allbad.cards Open in urlscan Pro
2606:4700:20::681a:697 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://allbad.cards/
Effective URL:
https://allbad.cards/
Submission: On January 31 via manual (January 31st 2022, 8:13:35 pm UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 56 HTTP transactions. The main IP is 2606:4700:20::681a:697, located in United States and belongs to CLOUDFLARENET, US. The main domain is allbad.cards.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 10th 2022. Valid for: a year.

This is the only time allbad.cards was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:20:... 2606:4700:20::681a:697	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e024	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:170... 2a02:26f0:1700:16::b856:fbd7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:12d... 2a02:26f0:12d:485::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
6	2600:9000:236... 2600:9000:236e:1a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3039::6815:c077	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:5800:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.120.100.22 3.120.100.22	16509 (AMAZON-02) (AMAZON-02)
56	22

13 2606:4700:20::681a:697 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

allbad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:16::b856:fbd7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:12d:485::19fd (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:236e:1a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c077 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

publift-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:5800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.100.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-100-22.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	allbad.cards 1 redirects allbad.cards	440 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	188 KB
8	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2278 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 6636 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10814	178 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 ad.doubleclick.net — Cisco Umbrella Rank: 195	153 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 509 p.typekit.net — Cisco Umbrella Rank: 656	191 KB
4	prismic.io images.prismic.io — Cisco Umbrella Rank: 14876	52 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1249 api.btloader.com — Cisco Umbrella Rank: 1475	9 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1513	938 B
1	videoplayerhub.com 1 redirects publift-com.videoplayerhub.com — Cisco Umbrella Rank: 43309	542 B
1	google.se adservice.google.se — Cisco Umbrella Rank: 57807	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	644 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1366	5 KB
1	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 28677	25 KB
56	15

	Domain	Requested by
13	allbad.cards	1 redirects allbad.cards static.cloudflareinsights.com
6	quantcast.mgr.consensu.org	cdn.fuseplatform.net quantcast.mgr.consensu.org
6	pagead2.googlesyndication.com	allbad.cards pagead2.googlesyndication.com tpc.googlesyndication.com
4	images.prismic.io	allbad.cards
4	use.typekit.net	allbad.cards use.typekit.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	cdn.fuseplatform.net securepubads.g.doubleclick.net
2	www.google-analytics.com	allbad.cards www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.google.com	tpc.googlesyndication.com
1	api.btloader.com	publift-com.videoplayerhub.com
1	ad-delivery.net	allbad.cards
1	ad.doubleclick.net	allbad.cards
1	stats.g.doubleclick.net	www.google-analytics.com
1	btloader.com	allbad.cards
1	publift-com.videoplayerhub.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.se	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	allbad.cards
1	cdn.fuseplatform.net	allbad.cards
56	24

This site contains links to these domains. Also see Links.

Domain
twitter.com
instagram.com
reddit.com
patreon.com

Subject Issuer	Validity	Valid
allbad.cards Cloudflare Inc ECC CA-3	`2022-01-10` - `2023-01-10`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
cdn.fuseplatform.net R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.cartrawler.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-11` - `2022-06-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2021-12-25` - `2022-03-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://allbad.cards/
Frame ID: 13E7B0A24830F18CA9AF9DB75D39D962
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: 65DF8E1D182A445D242AADAEEB862F61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3525646721011012&output=html&adk=1812271804&adf=3025194257&lmt=1643660010&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fallbad.cards%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643660010450&bpp=3&bdt=163&idt=94&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&nras=1&correlator=885553368073&frm=20&pv=2&ga_vid=2141751659.1643660011&ga_sid=1643660011&ga_hid=1672276016&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221&oid=2&pvsid=1500624255522816&pem=713&tmod=1269569482&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=105
Frame ID: 81FF114DD415C9CA7851A24E65C054B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E535C171A93A8878F4D8BDCAA05A09C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1ED715A755ED5EFBCB4AA2FE650E4900
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

All Bad Cards | be rude. be irreverent. be hilarious!

Page URL History Show full URLs

http://allbad.cards/ HTTP 301
https://allbad.cards/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

56
Requests

98 %
HTTPS

83 %
IPv6

15
Domains

24
Subdomains

22
IPs

3
Countries

1265 kB
Transfer

3508 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/allbadcards/

Search URL Search Domain Scan URL

URL: http://instagram.com/allbadcardsgame/

Search URL Search Domain Scan URL

URL: https://reddit.com/r/allbadcards

Search URL Search Domain Scan URL

URL: http://patreon.com/allbadcards/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://allbad.cards/ HTTP 301
https://allbad.cards/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://publift-com.videoplayerhub.com/galleryplayer.js HTTP 301
https://btloader.com/tag?h=publift-com&upapi=true

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
allbad.cards/
Redirect Chain

http://allbad.cards/
https://allbad.cards/

6 KB
3 KB

235ms
195ms

Document
text/html

2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8af3f8c495f85adf0c42a35d5e5c6400db5a07b76cc00c62ab72baaf0b80c26e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQ1jFQZF48OC7xEZ9LDQMc9UKdShkNglFeFle9ne%2FKG9vLhwcx%2F9xcLuzpPCFRxDJWvAiz0%2FgvyXZ5niSxRUrdBzQvbsJ3j74ELqcIxB6Y5ihu90Kj68l8jYt3rPT%2BweaK9zfW6RM9E2xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d6599d71db49255-FRA
content-encoding: br

Redirect headers

Date: Mon, 31 Jan 2022 20:13:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 31 Jan 2022 21:13:30 GMT
Location: https://allbad.cards/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7sVKr34kSOGfJR0PBWjX3C0eL9k8DhSxHQGnjtSWvIZIMoCXGQzRzIX%2F7v5rXU2Zjzf5kcOYaSaGVVgOVx7ef7fTSAtSuck5CsZd2i9jU9y9KAPYz7cexBFYiDg846%2FC2YX47nQ2RYgaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d6599d69ee791ea-FRA

GET
H2 200 logo-small.png
allbad.cards/ 105 KB
106 KB 59ms
58ms Image
image/png 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/logo-small.png?2
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3ca60c9b7f51448f9597fe0b15435ade18740fab213032b9e1b9e68a9b86f30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22191
x-powered-by: Express
content-length: 107931
last-modified: Fri, 24 Sep 2021 19:51:58 GMT
server: cloudflare
etag: W/"1ccb6-17c195d4f30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qVmmjCAeWRWBZOEhfDqcOUhQk%2B%2BWBWcbXa7iSs0JcgUHqilptELU2%2BkYGlsZkcFFpjv6eDpoLPq%2F4KzjALgRG5gl4a3P93oFeXHd5e7yE9BbekhI2FUHxCEBi%2BrVjECycT3n2VOqPgvLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
cf-polished: origSize=117942, status=vary_header_present
accept-ranges: bytes
cf-ray: 6d6599d889df9255-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 wni2zli.css
use.typekit.net/ 2 KB
911 B 115ms
47ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wni2zli.css

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9db33f748119b895ca22e6a219290c8ae9c3e5da38ba566e13876654c759da39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 31 Jan 2022 20:13:30 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 679

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2326/ 101 KB
25 KB 469ms
403ms Script
application/x-javascript 2a02:26f0:1700:16::b856:fbd7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2326/fuse.js
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:16::b856:fbd7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 155143806b406e02618629fa533743b83d5106756fc62422f3834480a49bf6f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 01:01:28 GMT
server: AkamaiNetStorage
etag: "073fecb0f6fa5a10b3c07a86167bd871:1639530088.95636"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 24963
expires: Mon, 31 Jan 2022 20:43:30 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
52 KB 92ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be7e34c6bc7ce9bf655a63aef54e824ac3bb5917eb64180ed30e577a50a988cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52462
x-xss-protection: 0
server: cafe
etag: 15702818317705877748
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 20:13:30 GMT

GET
H2 200 3.70f274f3.chunk.css
allbad.cards/static/css/ 4 KB
1 KB 51ms
50ms Stylesheet
text/css 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/static/css/3.70f274f3.chunk.css
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9a5ac199133a042646791a688c0f2cf7a0e22931667838dd1e747db176977b74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18426
x-powered-by: Express
last-modified: Sun, 09 Jan 2022 22:24:24 GMT
server: cloudflare
etag: W/"1107-17e40f151c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYwjp9HY6pNtRU1DzPVFxpicVI4eCfwbrP8WjUl5yLgmbSjMLME8qG0%2BPMkVNJyimzrK6auaO5FJXmf%2Bwh5VwhkUNXvc2O3RCFUPvUuYId3OjkSEMLl1ooFAzgVR2T%2FR%2BUmOFFeEaKvxMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-polished: origSize=4359
cf-ray: 6d6599d889e39255-FRA
cf-bgj: minify

GET
H2 200 main.4ed72f55.chunk.css
allbad.cards/static/css/ 801 B
663 B 58ms
57ms Stylesheet
text/css 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/static/css/main.4ed72f55.chunk.css
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3c8cd71b25601820aa5893136ab33d413f7789da1a49e3566da34b42f9ea2f08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18426
x-powered-by: Express
last-modified: Sun, 09 Jan 2022 22:24:24 GMT
server: cloudflare
etag: W/"355-17e40f151c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FucRAqy2UEur4Nr%2FvK9vJNzuoW4hVDJ5spamRDI9eKWQuBAKd6%2B2%2BhJfoVu25HA9Wkcklv7fasVgQAa5WoTcxo99W%2Fp5ZpUjZpWH9juqn64dizp63LOAg3RfIOGPnc0LGslJ3VLljbYJyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-polished: origSize=853
cf-ray: 6d6599d889e99255-FRA
cf-bgj: minify

GET
H2 200 3.d9d60f22.chunk.js Show response
allbad.cards/static/js/ 991 KB
290 KB 79ms
79ms Script
application/javascript 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/static/js/3.d9d60f22.chunk.js
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 517fae04bff4fcba4c03ec091e6684f77da126781e563a21819ee544b02a5464

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18426
x-powered-by: Express
last-modified: Sun, 09 Jan 2022 22:24:24 GMT
server: cloudflare
etag: W/"f7adf-17e40f151c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9%2BTs%2F2wP%2BElsp3uXu7bSp62lA9DdNYn8BQm6XI80oMZANfsOPwnWh4iNpcm%2FIWV3BeR5%2Bgp%2BJB3CipD2w%2BGOa5VI21tMLBqrU5UfwsQovsmnsvPYDNSKdbZ9LPOH9uIuIN0wgNS4YsqnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-polished: origSize=1014495
cf-ray: 6d6599d889ea9255-FRA
cf-bgj: minify

GET
H2 200 main.1e0b04ff.chunk.js Show response
allbad.cards/static/js/ 136 KB
34 KB 79ms
79ms Script
application/javascript 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/static/js/main.1e0b04ff.chunk.js
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6ab0e2bd5a6003882d29ff2ef4beba612a154cb6be12b8133bc17f81b9922955

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18426
x-powered-by: Express
last-modified: Sun, 09 Jan 2022 22:24:24 GMT
server: cloudflare
etag: W/"220d7-17e40f151c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqdFQiU5JUC5MMRVK7wsOpxMerkSq9ftWJvYf8bCM3jhn75p22vD0MRQt5O9yXJB%2FjmOILos77Wujqh2XuChI%2F589LxQybWDchIM8TTHdKWtW0VC18CugEetlu79MAM2E9yLFFM98eMBKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-polished: origSize=139479
cf-ray: 6d6599d889ec9255-FRA
cf-bgj: minify

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 112ms
76ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://allbad.cards/
Origin: https://allbad.cards
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6d6599d8a8048fda-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 121ms
24ms Stylesheet
text/css 2a02:26f0:12d:485::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wni2zli&ht=tk&f=43789.43790.43791&a=48185717&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wni2zli.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:485::19fd Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
last-modified: Wed, 02 Sep 2020 00:59:02 GMT
server: nginx
etag: "5f4eee56-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/ 284 KB
102 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3525646721011012&plah=allbad.cards

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f560b78d9dcc86d126b07b4e9df9b85bab779b08d85e0808ad722d78c446585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104642
x-xss-protection: 0
server: cafe
etag: 9972802715434934514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 20:13:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame 65DF 10 KB
5 KB 58ms
17ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 31 Jan 2022 15:32:23 GMT
expires: Mon, 14 Feb 2022 15:32:23 GMT
cache-control: public, max-age=1209600
age: 16867
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
644 B 76ms
24ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=allbad.cards&callback=_gfp_s_&client=ca-pub-3525646721011012

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3525646721011012&plah=allbad.cards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

85e8ac3606ff45b3c10becebd29c3982026e93f77343ec0f748d87316fdb5d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
792 B 71ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=allbad.cards

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 69ms
26ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=allbad.cards

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81FF 603 B
68 B 62ms
37ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3525646721011012&output=html&adk=1812271804&adf=3025194257&lmt=1643660010&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fallbad.cards%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643660010450&bpp=3&bdt=163&idt=94&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&nras=1&correlator=885553368073&frm=20&pv=2&ga_vid=2141751659.1643660011&ga_sid=1643660011&ga_hid=1672276016&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221&oid=2&pvsid=1500624255522816&pem=713&tmod=1269569482&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=105

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 31 Jan 2022 20:13:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 20:13:30 GMT
cache-control: private

GET
H2 200 get-auth-urls Show response
allbad.cards/auth/ 969 B
780 B 408ms
407ms Fetch
application/json 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/auth/get-auth-urls?state={{REPLACEME}}
Requested by: Host: allbad.cards
URL: https://allbad.cards/static/js/main.1e0b04ff.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f700c1c383931ba77eac334f7b683ce0a85b29649482d190980c013665da7a4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: br
etag: W/"3c9-j8o8ryqXXzbIsJF6aUQLhe1L8xU"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikdD59xj0aLbsutPydcpJDXg2YY9APB%2BjhUHx5LhBb9VEHrSxcRTj6sE8H9KBqIG8dfTDtt1ZBaLO%2BGDUWqVSWTuA5VDsfbn72kvN4j%2B3FE%2BdtDHbvLpsyBOj%2FaBS0M8vtqF42fhPYtUOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6d6599da2ded9255-FRA

GET
H2 200 data Show response
allbad.cards/api/user/ 101 B
402 B 367ms
367ms Fetch
application/json 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/api/user/data?authTypes=patreon
Requested by: Host: allbad.cards
URL: https://allbad.cards/static/js/main.1e0b04ff.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0792402f54856bbae381b0dd8f3a5bc57f135579f03296a4784c8b0e0ac94191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: br
etag: W/"65-MwwmkP7M0dncGBAQOtkJn6kds5c"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9pDI8INQOS%2Fg6CZviyF4YxHfj%2FQmSUm1K%2FNWbtsQoNwqGZp6RB52EF7T%2Bo8evunHv9dCao2CmJ8pKzwMso4%2BFdkXsZCQFsqxCfNbnXmhB%2FvcebvWopfvX4BIKpQgc0p5um6qvLWZ0Bo4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6d6599da2def9255-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 61ms
18ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: allbad.cards
URL: https://allbad.cards/static/js/3.d9d60f22.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2316
date: Mon, 31 Jan 2022 19:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 31 Jan 2022 21:34:54 GMT

GET
H2 200 l
use.typekit.net/af/fafe2b/00000000000000007735cab2/30/ 63 KB
63 KB 86ms
37ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/fafe2b/00000000000000007735cab2/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wni2zli.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0d114778023ce7fe2dff3f4aac57a15e3a3a5c97875a80d46b66d197a6fdd9aa

Request headers

Referer: https://use.typekit.net/wni2zli.css
Origin: https://allbad.cards
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
server: nginx
etag: "1829aa4130ab2f8a31eb0f8e94b701d0a169cc43"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 64332

GET
H2 200 l
use.typekit.net/af/6628e0/00000000000000007735caa8/30/ 65 KB
65 KB 101ms
53ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6628e0/00000000000000007735caa8/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wni2zli.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 07a71c04f9437e8b1ee280bc7278be59d88035546ca34f05e8ba0769965dd735

Request headers

Referer: https://use.typekit.net/wni2zli.css
Origin: https://allbad.cards
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
server: nginx
etag: "37946c996cd7ecf7e764df9ea46fa2a100b81eb0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 66160

GET
H2 200 get-auth-urls Show response
allbad.cards/auth/ 969 B
746 B 387ms
387ms Fetch
application/json 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/auth/get-auth-urls?state={{REPLACEME}}
Requested by: Host: allbad.cards
URL: https://allbad.cards/static/js/main.1e0b04ff.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f700c1c383931ba77eac334f7b683ce0a85b29649482d190980c013665da7a4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
content-encoding: br
etag: W/"3c9-j8o8ryqXXzbIsJF6aUQLhe1L8xU"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A55N6ILCp7w%2BETRAhLzSc6LbFAt0EdeqAF%2BdWeD3mis7K59r9WA9auWyIPdu6Kd1iBvijb3IHCGocw9RHPHgQXQ%2FuLX3ZPlqgo2m7tqSH4w3wqhHriOeh6OL2Na12QRmGqC7SkizKPnPbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6d6599db1fd19255-FRA

GET
H2 200 upsells Show response
allbad.cards/api/content/ 3 KB
2 KB 196ms
196ms Fetch
application/json 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/api/content/upsells
Requested by: Host: allbad.cards
URL: https://allbad.cards/static/js/main.1e0b04ff.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 876aa62e9065c95b6ae1b2e15da1a47936aa807495a5d3097d270c3e98efad1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: br
etag: W/"da4-mRAKFXpPsm3ZgKoP5HT/hrHcy80"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sthf0dZ%2BGp7I8KCw%2B0jMcS2a3%2BjE7dseeTVO2q19Hewxygw%2FPmTB0%2F%2FamNhBT4Q7RniRa4ipnjX0jk7AkH49NjJhk6s04BBNEhwocWfwTm2eD8ob%2B1VPPW%2FQ%2FpcVtCbuAHabaXwwggTHxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: max-age=41
cf-ray: 6d6599db1fd39255-FRA

GET
H2 200 register Show response
allbad.cards/api/user/ 32 B
609 B 382ms
381ms Fetch
application/json 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/api/user/register
Requested by: Host: allbad.cards
URL: https://allbad.cards/static/js/main.1e0b04ff.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e353ff8d345d1818d8c0dda29b9f703386709cec9aa26b02377d9374b692f79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
etag: W/"20-NSgrEmyZ5ZtrINRHTUFkqSYEu50"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukWiUDYbRy%2FMelJc24wxQyL44Ti4SiDIyiV9D0VR8rhsDTEQVaziQG0aOxLNPpCLjLNqst8O%2BmjaDNUVaxYyFNdBLKBYUqaQNs1Oq%2FIWYG3FlQmTSn7OewN0Uq9dHuflTEnQUOTjAQiUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6d6599db1fd59255-FRA
content-length: 32

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 49ms
25ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1672276016&t=pageview&_s=1&dl=https%3A%2F%2Fallbad.cards%2F&dp=%2F&ul=en-us&de=UTF-8&dt=All%20Bad%20Cards%20%7C%20be%20rude.%20be%20irreverent.%20be%20hilarious!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=488696517&gjid=1356914488&cid=2141751659.1643660011&tid=UA-23730353-5&_gid=1535071976.1643660011&_r=1&_slc=1&z=1788002380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://allbad.cards/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 20:13:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://allbad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/allbad.cards/ 10 KB
4 KB 453ms
414ms XHR
application/javascript 2600:9000:236e:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/allbad.cards/choice.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2326/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c9807454607191fc0ee5c4c777c7b4ed69c286dde019f64003b2170a10c7f89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:32 GMT
content-encoding: br
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
cross-origin-resource-policy: cross-origin
access-control-allow-origin: https://allbad.cards
last-modified: Thu, 27 May 2021 01:23:02 GMT
server: AmazonS3
etag: W/"4bf1bfb3d30a549df79675e96d6f3fa7"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cache-control: max-age=900
access-control-allow-credentials: true
x-amz-cf-id: GjVCkkl_fgLYE5a1JfSK7ZvVV8QeDBcf5kvYCqJO3D9dud_D6XDOqQ==

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://publift-com.videoplayerhub.com/galleryplayer.js
https://btloader.com/tag?h=publift-com&upapi=true

29 KB
9 KB

95ms
31ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=publift-com&upapi=true
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e82b90e1414bd6c43386e642eb8a454c1e840cf07b5cad91d39f35aea40d653

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d6599dd09ca916a-FRA
date: Mon, 31 Jan 2022 20:13:31 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2500
etag: W/"0fae4175c5bb521b337e5380b4abfef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oR0qs9DPzFlXJ9sw6YStxhP7BnBIxvyGqoe1xAMj5m5LG6Mq2kfuXJmX%2F47S0z3JVwxxzKpsUd0BluPqmwO25uBEqEB4R0s3lwiHsBHwJ3uaK3s42IRbSNGQrZehTH6nk78RgFVFjNQfNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

Redirect headers

date: Mon, 31 Jan 2022 20:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THNO9ZFOv0D8CVCOEJyx7GCkAW1rwEJETgduwb6KeXX4uvpfkgUAft%2BTMc10ZvhzHynvZXiU6Bc3Vt2foBsq5TVZi%2BEQBAS%2FghT8zTvGbcU7ZhT9bxsBbeO%2Buboxpu%2BRSHjw%2BDexx4STt%2F8p15F7hUZyxde1vlMtDaXZOg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=publift-com&upapi=true
cache-control: max-age=3600
cf-ray: 6d6599dc5a92ff08-MAD
expires: Mon, 31 Jan 2022 21:13:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 104ms
64ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2326/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

086186b46bab648cd75474724d6eba688d0c6e592672d2ad86d57988dbba7681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1118 / 781 of 1000 / last-modified: 1643638952"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 31 Jan 2022 20:13:30 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 72ms
23ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23730353-5&cid=2141751659.1643660011&jid=488696517&gjid=1356914488&_gid=1535071976.1643660011&_u=IAhAAEAAAAAAAC~&z=221861885

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://allbad.cards/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 31 Jan 2022 20:13:30 GMT
content-type: text/plain
access-control-allow-origin: https://allbad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022012701.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
120 KB 40ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122333
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 20:08:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 87 B
104 B 54ms
27ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=allbad.cards

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e1010f741564360e01d79b6861fcaab27d3aa9cf7880917a22ed11ea01f19d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 20:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Mon, 31 Jan 2022 20:13:30 GMT

GET
H2 200 31f96dff-c149-4ddc-9534-76db6cec6399_covid.png
images.prismic.io/allbadcards/ 5 KB
5 KB 90ms
20ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/31f96dff-c149-4ddc-9534-76db6cec6399_covid.png?auto=compress,format

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4b757264bdc8448edac3f934cdb078cc6d7842068b449b91bdc47e9e76b00b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 03:10:06 GMT
server: imgix
age: 4554204
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 313de16a75bf3f312e9e8d7ba6cab5c658dfab1a
accept-ranges: bytes
content-length: 5036
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10071-SJC, cache-hhn4077-HHN

GET
H2 200 53bfc1ac-4d1f-4df7-b9ca-7fc57e2bbbeb_backer.png
images.prismic.io/allbadcards/ 17 KB
18 KB 92ms
23ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/53bfc1ac-4d1f-4df7-b9ca-7fc57e2bbbeb_backer.png?auto=compress,format

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6b64bdae967b8f776cb17fd8949d7a22785eba7ed410c65f62a7d604a1e5ee38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
x-content-type-options: nosniff
age: 2347566
x-cache: MISS, HIT, HIT
x-imgix-id: 53ff33232df5539a57cda17b71cb3a153ab1c7f3
fastly-restarts: 1
x-served-by: cache-sjc10037-SJC, cache-sjc10053-SJC, cache-hhn4077-HHN
accept-ranges: bytes
last-modified: Tue, 04 Jan 2022 16:07:24 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-length: 17797
cross-origin-resource-policy: cross-origin

GET
H2 200 fd409830-9409-419e-816c-e52b076f1b2e_backer_star_background.png
images.prismic.io/allbadcards/ 18 KB
18 KB 88ms
19ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/fd409830-9409-419e-816c-e52b076f1b2e_backer_star_background.png?auto=compress,format

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4d92f55077f7205ab8577e09418f7b3757e4ae688b9c8dca2efb56af32513729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Jan 2022 08:59:18 GMT
server: imgix
age: 558853
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: fc391caf3ec02fe94c6f037dceba7f5d39041388
accept-ranges: bytes
content-length: 18127
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10030-SJC, cache-hhn4077-HHN

GET
H2 200 3f39a4b1-7d3c-4dcd-9003-9165ffa6c038_superbacker_got.png
images.prismic.io/allbadcards/ 11 KB
12 KB 91ms
22ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/3f39a4b1-7d3c-4dcd-9003-9165ffa6c038_superbacker_got.png?auto=compress,format

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c055ea947c8bcdee51fe5ac7d23e369617872fecaaa560c91736644f44aa221a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 02:19:32 GMT
server: imgix
age: 4643638
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 9580a626891e9d4d6c41567b4e4593f52eceb4d2
accept-ranges: bytes
content-length: 11692
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10062-SJC, cache-hhn4077-HHN

GET
H2 200 l
use.typekit.net/af/57ab84/00000000000000007735caae/30/ 62 KB
62 KB 43ms
43ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/57ab84/00000000000000007735caae/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wni2zli.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b377941c7661c42ab6886f6692434610d177841b92b38aeea578d029fe0a7b

Request headers

Referer: https://use.typekit.net/wni2zli.css
Origin: https://allbad.cards
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:30 GMT
server: nginx
etag: "53616ff62efdaa142a80f44c72a0d93e878b8a18"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 63284

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 67ms
18ms Image
image/x-icon 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 01:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 01:51:47 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
938 B 79ms
32ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.46099967327419433
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 31 Jan 2022 20:13:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3338
x-guploader-uploadid: ADPycdsiEy1nuSQNLEfhas8uFzs_VoTwqWcTlfyykl3xjJisrZ87FPDWKxvP13qNt4XQ7osgGFoYD-rBw7_qRR-jYcOYmaiEZQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47kxwfiDWckymHGwHW6aDKUJhSvZyn5ziuSISf84APXA%2Fnaq%2BsDZUQX5nZEhegocU%2FvceahgClEMJQdGkz7gkOO5tDfUKLc4MocFjPSreHeXBs0hsKElWtY3rFf6xAxhbRTQNuUnouM0k1%2BGDA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6d6599dd8af4908a-FRA
expires: Mon, 31 Jan 2022 20:17:31 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 167ms
123ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=H3UvG1tbiw&w=5668699747909632&o=5708166709903360&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fallbad.cards%2F&upapi=true
Requested by: Host: publift-com.videoplayerhub.com
URL: https://publift-com.videoplayerhub.com/galleryplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 20:13:31 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 57ms
32ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32c3414e993c5c66e15dfb7208ad9cf666b9b7212cebd7fd8109c713ac34e80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 20:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9077
x-xss-protection: 0

POST
H2 200 rum Show response
allbad.cards/cdn-cgi/ 0
232 B 33ms
33ms XHR
text/plain 2606:4700:20::681a:697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allbad.cards/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:697 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://allbad.cards/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://allbad.cards
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6d6599ddcecf9255-FRA
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 177ms
121ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 20:13:31 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/allbad.cards/ 10 KB
4 KB 175ms
139ms Script
application/javascript 2600:9000:236e:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/allbad.cards/choice.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2326/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c9807454607191fc0ee5c4c777c7b4ed69c286dde019f64003b2170a10c7f89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 31 Jan 2022 20:13:32 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 01:23:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"4bf1bfb3d30a549df79675e96d6f3fa7"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: SPNysrSDccQ6g_53Thc5eW1hI-Irv6j2HqknXd3UyAchJJNokEt1IQ==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E53 13 KB
5 KB 51ms
18ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 19:15:50 GMT
expires: Tue, 31 Jan 2023 19:15:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 3461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1ED7 783 B
1 KB 83ms
28ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

972fb220a6324342f43cbfe875c888fce1b2d05b9c68fa42428c12e0744ef39d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bT7gVG1T0ciaiaumGBd+yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 31 Jan 2022 20:13:31 GMT
date: Mon, 31 Jan 2022 20:13:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-bT7gVG1T0ciaiaumGBd+yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 179 KB
44 KB 23ms
22ms Script
text/javascript 2600:9000:236e:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=allbad.cards
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/allbad.cards/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87a05e266719cffcabe1f5b046d7e6c0b095a2f35723e3d00b41d001b5b02ff0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:12:58 GMT
content-encoding: br
age: 34
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 15:10:02 GMT
server: AmazonS3
etag: W/"c29546e2a6954891b2b97d808459afe6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: uC61mtdJLqc10QFWI__qotvYCIvWtqgfE0I9qUYlMMwyRhrcTbUGMw==

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 52ms
16ms XHR
application/json 2600:9000:225e:5800:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=allbad.cards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 971259392517086cf8e76d37862bd77c61d9656ea92756b8ab83f5a522244bc1

Request headers

Accept: application/json, text/plain, */*
Referer: https://allbad.cards/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 03:00:35 GMT
content-encoding: gzip
age: 61977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 19:52:29 GMT
server: AmazonS3
etag: W/"b8c06acd22d1ac0496b19b68f23f006c"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: c1JWPRAv0S3Zojgoo96k7T1rhMmc9RNG
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P4
content-type: application/json
x-amz-cf-id: 2drsJ9Aok6IShaZkwTI9JyYMfE95A-H0yCpc51cgqYft3xG_KShwFw==

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E53 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:47:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1ED7 0
0 58ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=1500624255522816&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/38/ 226 KB
55 KB 21ms
20ms Script
text/javascript 2600:9000:236e:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=allbad.cards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fd77c2a1954dc2b757a6b8245a264a0422a70161f9566d997bac242f47d5bbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:02:15 GMT
content-encoding: br
age: 105077
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 15:09:37 GMT
server: AmazonS3
etag: W/"d2e44b7f9549a166eb2f13551350fe5e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Yo_CprhckSrwTef28wMZDbIkpaJi1vODfGVHQzCLKrCVaXpIVUGBtg==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 282 KB
33 KB 21ms
21ms XHR
application/json 2600:9000:236e:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=allbad.cards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31cc6b72e56b6d33e07ae0a498b1f44a1cc52b7ab3bcf426afdfb2858b0937a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 03:00:36 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 61976
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 31 Jan 2022 03:00:32 GMT
server: AmazonS3
etag: W/"f29fd5f05eb88eff725d0b2e0b129a1d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: bzRnM3D6LsLCAyEL0KPA-NaggZ27gfFp-zt6dbapqRqp_Y-r8E7q9g==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
36 KB 35ms
35ms XHR
application/json 2600:9000:236e:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=allbad.cards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1668cc6245de787187adc85cac679a9a03a178186af0eeabe5389787b0ca0107

Request headers

Accept: application/json, text/plain, */*
Referer: https://allbad.cards/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 03:00:31 GMT
content-encoding: br
age: 61981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Mon, 31 Jan 2022 03:00:28 GMT
server: AmazonS3
etag: W/"207d875b90127b965d637f833f517a2d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: y2yuRmAb_GRVZvkUykiZAPtTKz4LAGF1LFEXezLfrMtYRn4DlaSebg==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 56ms
18ms XHR
text/plain 3.120.100.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22allbad.cards%22%2C%22publisher%22%3A%22All%20Bad%20Cards%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.38%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22swYX3GonWG1FgF1THLt9Dw%22%2C%22clientTimestamp%22%3A1643660011594%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-rgncy2iahuoe5waua4q8%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.100.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-100-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://allbad.cards/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 20:13:31 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7E53 0
9 B 16ms
16ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-cq3dQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:13:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=1500624255522816&bg=!AgGlAUXNAAY6OBv_Ojg7ACkAdvg8WtlV5Ny-DeI2Piw53HrkoMvOtvNNjXOv5vOoOpDK_pO70kCQyAIAAACZUgAAAAFoAQeZAp2Mo-mdG1PQebI-a7PJhSrwGK8zF9J5neLKIm6B86VfmlD8X8Uy7EdmgXMDpyTZpYsY8U83xuHInQSWwClT8RAeht8kF7vU0yxSXBji1CgF5iSQl0w_A3-8lSjB_zRiaQcVWBTyplOsNZUjGmn74TJmyxyTFM6FgWzneCMLBD4-F20HHr6tZlXSmJEk5CRsw1sXX9Z2x9ZnwDElag8OrwC_BNGZNF_1IGVHdkjgPsQaCUiEOMqHfbC5vGwlmHabkJBuPL0QYeW2x40HT11hlpVQ1ia0v8noQxdq92Nf0ThEHr13VlRoHM5W2z68kLhscFYEPte3hLFdu8cmbc5WogJyubSCgT0IYbVhcR6xLgGFtLKfimWe-z_fCe6m1aCHISqdgo3iSi-tUyyBuE_y2N2vpQGrvRTW9ePAY1zOD6p_bIDW3iJMuKg9Za8IjQ5Nr5j26cK-Vro5F6qTFqA_AempqhUQZ4UV68yAJD9RKK0Z82OiHIYGTBHuI5ORK1vUt-7OXKkIHPJRvHRRmGckofXbBl2SozYq6jvkwhas_LKcQ2NEcbY_moYuUMje2OJ0Vkhp4veOS2mhZz9QDKk1RdnIWC-g1g2L3FjzP_JUCaS2NCH3epYy5vywbZYawAY4apA1b4ZC8fBjRBhBIoYn7hX2jYgvmuNgPSTFiXbfUtWA78F2ACJ-7eRHbflpxXUtE27UnI9MutOVOWq26hi3Ospauer6o64f28uEtPdcNpa5ibKgOz5UwkNew5KLM1TbR3FgEFwnqulLVviC9SltdWNLiUcA9zMijNl932fcnx0TIipnEIjrM6M2jQ2HiZZoEJHsIue16L6_70XTyH5nPwj1ZkKOLbyXnPjXJIc4HcmGkiaUvckIl00qALJsCcM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 20:13:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 00:34:20	Name: test_cookie Value: CheckForPermission
.allbad.cards/	1970-01-20 09:55:56	Name: __gads Value: ID=41ffa5bc0fa34f30-2201011931cd0060:T=1643660010:RT=1643660010:S=ALNI_MZa_a4ASd5tJKCvXK83SjxXn6B1Yg
.allbad.cards/	1970-01-20 18:05:32	Name: _ga Value: GA1.2.2141751659.1643660011
.allbad.cards/	1970-01-20 00:35:46	Name: _gid Value: GA1.2.1535071976.1643660011
.allbad.cards/	1970-01-20 00:34:20	Name: _gat Value: 1
cdn.fuseplatform.net/	1970-01-20 01:17:32	Name: akacd_allbadcards Value: 1646252010~rv=11~id=67f8c4a1632053874b488ed714c0e5d3
.allbad.cards/	1971-01-19 15:48:44	Name: playerSecret Value: 5c80fb976ce8fcd85af69c4c80c7272695ea39ccaf1a7904798c764740dec41afbbbbfe1c4f0cfb8f1de831a9b6fb7d0880ad615039d998c72c8e59649ebc13b
.allbad.cards/	1971-01-19 15:48:44	Name: playerGuid Value: xz0ClX8elG5iQDGPKJDTA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.se
allbad.cards
api.btloader.com
audit-tcfv2.quantcast.mgr.consensu.org
btloader.com
cdn.fuseplatform.net
googleads.g.doubleclick.net
images.prismic.io
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
publift-com.videoplayerhub.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
use.typekit.net
www.google-analytics.com
www.google.com
130.211.23.194
142.250.184.226
172.217.18.102
2600:9000:225e:5800:3:a4cd:8380:93a1
2600:9000:236e:1a00:9:46dc:4700:93a1
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:697
2606:4700:3039::6815:c077
2606:4700::6810:5f41
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:400c:c06::9a
2a02:26f0:12d:485::19fd
2a02:26f0:1700:16::b856:fbd7
2a02:26f0:f7::5c7b:e024
2a04:4e42:1b::720
3.120.100.22
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0792402f54856bbae381b0dd8f3a5bc57f135579f03296a4784c8b0e0ac94191
07a71c04f9437e8b1ee280bc7278be59d88035546ca34f05e8ba0769965dd735
086186b46bab648cd75474724d6eba688d0c6e592672d2ad86d57988dbba7681
0d114778023ce7fe2dff3f4aac57a15e3a3a5c97875a80d46b66d197a6fdd9aa
155143806b406e02618629fa533743b83d5106756fc62422f3834480a49bf6f9
1668cc6245de787187adc85cac679a9a03a178186af0eeabe5389787b0ca0107
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
31cc6b72e56b6d33e07ae0a498b1f44a1cc52b7ab3bcf426afdfb2858b0937a5
32c3414e993c5c66e15dfb7208ad9cf666b9b7212cebd7fd8109c713ac34e80a
3c8cd71b25601820aa5893136ab33d413f7789da1a49e3566da34b42f9ea2f08
3ca60c9b7f51448f9597fe0b15435ade18740fab213032b9e1b9e68a9b86f30f
4b757264bdc8448edac3f934cdb078cc6d7842068b449b91bdc47e9e76b00b04
4d92f55077f7205ab8577e09418f7b3757e4ae688b9c8dca2efb56af32513729
517fae04bff4fcba4c03ec091e6684f77da126781e563a21819ee544b02a5464
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e353ff8d345d1818d8c0dda29b9f703386709cec9aa26b02377d9374b692f79
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ab0e2bd5a6003882d29ff2ef4beba612a154cb6be12b8133bc17f81b9922955
6b64bdae967b8f776cb17fd8949d7a22785eba7ed410c65f62a7d604a1e5ee38
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c9807454607191fc0ee5c4c777c7b4ed69c286dde019f64003b2170a10c7f89
7e82b90e1414bd6c43386e642eb8a454c1e840cf07b5cad91d39f35aea40d653
7f560b78d9dcc86d126b07b4e9df9b85bab779b08d85e0808ad722d78c446585
7fd77c2a1954dc2b757a6b8245a264a0422a70161f9566d997bac242f47d5bbc
85e8ac3606ff45b3c10becebd29c3982026e93f77343ec0f748d87316fdb5d04
876aa62e9065c95b6ae1b2e15da1a47936aa807495a5d3097d270c3e98efad1d
87a05e266719cffcabe1f5b046d7e6c0b095a2f35723e3d00b41d001b5b02ff0
8af3f8c495f85adf0c42a35d5e5c6400db5a07b76cc00c62ab72baaf0b80c26e
971259392517086cf8e76d37862bd77c61d9656ea92756b8ab83f5a522244bc1
972fb220a6324342f43cbfe875c888fce1b2d05b9c68fa42428c12e0744ef39d
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a5ac199133a042646791a688c0f2cf7a0e22931667838dd1e747db176977b74
9db33f748119b895ca22e6a219290c8ae9c3e5da38ba566e13876654c759da39
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
be7e34c6bc7ce9bf655a63aef54e824ac3bb5917eb64180ed30e577a50a988cb
c055ea947c8bcdee51fe5ac7d23e369617872fecaaa560c91736644f44aa221a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e1010f741564360e01d79b6861fcaab27d3aa9cf7880917a22ed11ea01f19d60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b377941c7661c42ab6886f6692434610d177841b92b38aeea578d029fe0a7b
f700c1c383931ba77eac334f7b683ce0a85b29649482d190980c013665da7a4d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

allbad.cards Open in urlscan Pro 2606:4700:20::681a:697 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

83 %IPv6

15 Domains

24 Subdomains

22 IPs

3 Countries

1265 kBTransfer

3508 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

allbad.cards Open in urlscan Pro
2606:4700:20::681a:697 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

83 %
IPv6

15
Domains

24
Subdomains

22
IPs

3
Countries

1265 kB
Transfer

3508 kB
Size

8
Cookies

56 HTTP transactions
0 data transactions