bad.cards Open in urlscan Pro
172.67.75.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bad.cards/
Submission: On March 27 via api (March 27th 2024, 2:15:21 am UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 16 domains to perform 86 HTTP transactions. The main IP is 172.67.75.226, located in United States and belongs to CLOUDFLARENET, US. The main domain is bad.cards.
TLS certificate: Issued by E1 on February 16th 2024. Valid for: 3 months.

This is the only time bad.cards was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	172.67.75.226 172.67.75.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.215.56 143.204.215.56	16509 (AMAZON-02) (AMAZON-02)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::ac43:4b99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.147.115 18.66.147.115	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
2	18.66.147.118 18.66.147.118	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:3bb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:212d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:200... 2a04:4e42:200::720	54113 (FASTLY) (FASTLY)
1	2600:9000:249... 2600:9000:2491:7c00:18:28e9:8880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.61 18.66.122.61	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.58 143.204.215.58	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
86	27

26 172.67.75.226 (United States)

ASN13335 (CLOUDFLARENET, US)

bad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.bad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-56.fra53.r.cloudfront.net

cdn.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b99 (United States)

ASN13335 (CLOUDFLARENET, US)

wisepops.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-115.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-118.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:3bb (United States)

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:212d (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:7c00:18:28e9:8880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-61.fra60.r.cloudfront.net

d3k81ch9hvuctc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-58.fra53.r.cloudfront.net

pub-a5fa57787d10daadcf9f.tracking.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	bad.cards bad.cards api.bad.cards static.bad.cards	1 MB
21	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3359 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4275 fast.a.klaviyo.com — Cisco Umbrella Rank: 4628 static-forms.klaviyo.com — Cisco Umbrella Rank: 4163 a.klaviyo.com — Cisco Umbrella Rank: 4113	153 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 138 tpc.googlesyndication.com — Cisco Umbrella Rank: 199	207 KB
4	prismic.io images.prismic.io — Cisco Umbrella Rank: 20993	93 KB
4	refersion.com cdn.refersion.com — Cisco Umbrella Rank: 41781 tracking.refersion.com — Cisco Umbrella Rank: 47883 pub-a5fa57787d10daadcf9f.tracking.refersion.com	32 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 2489	149 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	256 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	165 KB
2	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 28922	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 112	1 KB
1	cloudfront.net d3k81ch9hvuctc.cloudfront.net	31 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4335	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 203	249 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2156	249 B
1	wisepops.net wisepops.net — Cisco Umbrella Rank: 19414
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1397	7 KB
86	16

	Domain	Requested by
15	bad.cards	bad.cards static.cloudflareinsights.com
13	static.klaviyo.com	bad.cards static.klaviyo.com
11	api.bad.cards	bad.cards
8	pagead2.googlesyndication.com	bad.cards pagead2.googlesyndication.com
4	images.prismic.io	bad.cards
4	a.klaviyo.com	static-tracking.klaviyo.com
3	js.stripe.com	bad.cards js.stripe.com
3	www.googletagmanager.com	bad.cards www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	tracking.refersion.com	cdn.refersion.com
2	web-sdk.smartlook.com	bad.cards web-sdk.smartlook.com
2	fonts.gstatic.com	fonts.googleapis.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	fonts.googleapis.com	bad.cards client
1	pub-a5fa57787d10daadcf9f.tracking.refersion.com	cdn.refersion.com
1	d3k81ch9hvuctc.cloudfront.net	bad.cards
1	static.bad.cards	bad.cards
1	www.google.de	bad.cards
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static-forms.klaviyo.com	static-tracking.klaviyo.com
1	fast.a.klaviyo.com	static-tracking.klaviyo.com
1	wisepops.net	bad.cards
1	cdn.refersion.com	bad.cards
1	static.cloudflareinsights.com	bad.cards
1	www.gstatic.com	bad.cards
86	26

This site contains links to these domains. Also see Links.

Domain
twitter.com
instagram.com
reddit.com
patreon.com
checkout.stripe.com

Subject Issuer	Validity	Valid
bad.cards E1	`2024-02-16` - `2024-05-16`	3 months	crt.sh
static.klaviyo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.refersion.com Amazon RSA 2048 M03	`2024-02-26` - `2025-03-25`	a year	crt.sh
static-tracking.klaviyo.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
wisepops.net GTS CA 1P5	`2024-03-24` - `2024-06-22`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
api.bad.cards E1	`2024-02-19` - `2024-05-19`	3 months	crt.sh
1688964705.rsc.cdn77.org R3	`2024-02-23` - `2024-05-23`	3 months	crt.sh
fast.a.klaviyo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
static-forms.klaviyo.com R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-24` - `2024-06-23`	a year	crt.sh
images.prismic.io Certainly Intermediate R1	`2024-03-08` - `2024-04-07`	a month	crt.sh
static.bad.cards Amazon RSA 2048 M02	`2023-11-05` - `2024-12-03`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.tracking.refersion.com Amazon RSA 2048 M01	`2023-08-12` - `2024-09-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://bad.cards/
Frame ID: CE3F7EC1BBEC86E93AADBDED7EA366F5
Requests: 78 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3525646721011012&output=html&adk=1812271804&adf=3025194257&lmt=1704939388&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbad.cards%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuNTgiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuNTgiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjU4Il1dLDBd&dt=1711505715686&bpp=2&bdt=655&idt=159&shv=r20240321&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1812546392581&frm=20&pv=2&ga_vid=1366199529.1711505716&ga_sid=1711505716&ga_hid=843245834&ga_fc=1&u_tz=60&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C42531705%2C44798934%2C31082078%2C95321963%2C95328826&oid=2&pvsid=804653489761242&tmod=741575988&uas=0&nvt=1&fsapi=1&fc=1920&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=186
Frame ID: F171D9EC28C3C129A4C038B54C4C683E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-59712691d6b10782f5c18f081277b020.html
Frame ID: 7FFDB813AC7BC59FD50DA20703D492C9
Requests: 1 HTTP requests in this frame

Frame: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Frame ID: 23AC1F597D8C95DD02D4E5D9D04794E9
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8C2B1BFC1CAD6DCD81B91246AECB3EFD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B0C4FFD7E522CAC27A51445AAD7F235
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bad Cards | good games for your bad side.

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Page Statistics

86
Requests

99 %
HTTPS

54 %
IPv6

16
Domains

26
Subdomains

27
IPs

3
Countries

2538 kB
Transfer

5826 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/playbadcards/

Search URL Search Domain Scan URL

URL: https://instagram.com/playbadcards?igshid=YmMyMTA2M2Y=

Search URL Search Domain Scan URL

URL: https://reddit.com/r/allbadcards

Search URL Search Domain Scan URL

URL: http://patreon.com/allbadcards/

Search URL Search Domain Scan URL

URL: https://checkout.stripe.com/c/pay/cs_live_b1yBkfxWvaDGOvgObRGwm8kfqS3nN9vjRRko3sZ2OKNvJWCThuQXekfhgv#fidkdWxOYHwnPyd1blppbHNgWjA0TDE8NTVGfTdoZ25iRmFEZzZfV3ZoMnRgd2h3b2lVcTNpSEB3bWFiTklqQGhmcDFJTmdNQF1PdmFSUFQwV2R2Ql1yN0xzYm9xNFxDaVZvYURHRl1Id2JQNTV9QkBQa2dTTycpJ2hsYXYnP34nYnBsYSc%2FJ2BkNGAzN2AxKGc2YDUoMTUyPCg9N2ZjKDMzNWBjYzJhYz0yNzw0PDZjNScpJ2hwbGEnPydjMTJgZGFkYygxN2NkKDE2PWYoZDZnNigwYTU3NzZmYDYzMmA2YWA2ZzYnKSd2bGEnPyc9MWFjNT09ZCgwNGRgKDE1MGYoPWZgMygzMjRgMWFjNTw8YGY3MWNnMGYneCknZ2BxZHYnP15YKSdpZHxqcHFRfHVgJz8naHBpcWxabHFgaCcpJ3dgY2B3d2B3SndsYmxrJz8nbXFxdXY%2FKipnZGErZmR3YXYneCUl
Title: Super Subsciber subscription

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
bad.cards/ 8 KB
4 KB 763ms
301ms Document
text/html 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002813a2b4c02c892fdc1f8958c5b1b7e1f8a6f3510ff61659494cafd8e7db9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86abdf1d2b8b917a-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Mar 2024 02:15:15 GMT
last-modified: Thu, 11 Jan 2024 02:16:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0QJagaS%2FKCU5RfEgAyISeJSmMNibdqC90IjUFnn1M8o%2BQGFiKoodom2z28N9KAO2IIh53ynfd5dE3iuzq%2B%2F%2B1omU0jb3l7L3bXsAW%2FZqRD60CnFnINoyxyHEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: NKCfVpNvFWf/GUYDYxd9Fn8XLTUxOurvzr8xhv+wkNDNQ18iSJMJzceWAUDPnlJvS/PQwEOlWYA=
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
x-amz-request-id: KV2MJBYF54FBE72R
x-amz-version-id: CaIP5OZ4ThxfHhT9shKVkO7jiGnUTHi0

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 4 KB
2 KB 153ms
39ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

883e0ed227576bf0db14075ebf49c6a68553e98522f75e5e6d5994cd0657ed5e

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
age: 11298
x-cache: HIT, HIT
content-length: 1170
x-served-by: cache-lga21927-LGA, cache-fra-etou8220078-FRA
server: nginx
x-timer: S1711505715.178005,VS0,VE0
etag: W/"e7ecf74ad13c48b050ea644fe1fa051d"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 11, 237

GET
H3 200 logo-small.png
bad.cards/ 43 KB
44 KB 165ms
164ms Image
image/webp 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo-small.png?2
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 410ef933fcf7e164fd4d087bfbf65f43d1e55d17526a6d3496698a7911474771

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-version-id: qm3yrBkj0Z.ATBrPYhBIT9CvLxSxr18y
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GSVKXMF9G13CFFFW
cf-polished: origFmt=png, origSize=84701
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
content-disposition: inline; filename="logo-small.webp"
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
content-length: 44042
x-amz-id-2: ykrNCvd2OI1eA5JyZ2DVOKrR+2HgSQ+IM6ZRsYM09fGSC8FXqgFRiXrdtJmU/KXrK0MumTtxLvI=
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Jan 2024 02:16:36 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2cbdcb10271e7175ee6cb9774c7a44cc"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEmmXRE20Q%2BnzoiiEMEEdT3jWaDYOWbIjZve0zDIREbA3F117eFiAZOE8FRRTN4DWr62C9BelAV%2BR12MwvxU%2FTauQ3xwFWJ1ooblR8AbEszC9huvQvH0Fcx0lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
accept-ranges: bytes
cf-ray: 86abdf1f2c54917a-FRA

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
840 B 148ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Spline+Sans:wght@300;400;700&display=swap

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

127bb164c943645ec093dcffaf9e8e9a4c6eea16845dcdde53fcb1d150e6692a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 02:15:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 02:15:15 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 141ms
58ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

af77cf353141fb692463a7b527e4b3b372faa57efc1ada671f021c6755b39ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51058
x-xss-protection: 0
server: cafe
etag: 1490850024009652423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 27 Mar 2024 02:15:15 GMT

GET
H2 200 cast_receiver_framework.js Show response
www.gstatic.com/cast/sdk/libs/caf_receiver/v3/ 344 KB
90 KB 154ms
58ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56fd2c12fe2b5236053f10d190c3b7c89e55b7534c91a4451824b203c2a155dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91319
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 21:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Wed, 27 Mar 2024 02:15:15 GMT

GET
H3 200 main.5bc16e45.chunk.css
bad.cards/static/css/ 2 KB
1 KB 243ms
242ms Stylesheet
text/css 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/css/main.5bc16e45.chunk.css
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275cfaaa9a9c31fe14a1c842243be14d237cb34e2871813b2a22797dd70fd297

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-version-id: Wgpb93pEOIXlZ5LEOaiHHRAMmmAwpeeV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EC1G936DC72QE3DP
cf-polished: status=cannot_optimize
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZVmOjwMxh0x+zexEDfmH4xBDKD/FRQf4AAvMI/aIoa8T2CHxcaQupl5YkJZ0B+ahvpeNYTZ+w/c=
last-modified: Thu, 11 Jan 2024 02:16:45 GMT
cf-bgj: minify
server: cloudflare
etag: W/"723f4df00015f5bfcd6c608ca1756910"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BUvCFTdYGFww%2FAujXrlboVDa3fzpdnfR1PJMNMmDS5X2Are9ZMY6ar0v%2F3Xodvu2Oltcfvt66nNrLo1evHO9mnbxzfLCU456xU4uxRC8yCAoS75Pe3dENoabQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf1f2c55917a-FRA

GET
H3 200 7.76afe3d5.chunk.js Show response
bad.cards/static/js/ 1 MB
380 KB 243ms
242ms Script
application/x-javascript 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/7.76afe3d5.chunk.js?bv=1704938194264
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b3c1bc6754d998f93916a5299eaa865a666b89544b320acd6c45bedbc2e754

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-version-id: .q4byC4eAC40v.Nie9QGfHsntX1618UY
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PAD9Y64PRXXP796Y
cf-polished: origSize=1379277
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: u6bxf5uBlmfyEKlKlkoBf0c3syT4RmXlkAtU9e5/l/YuIFkglPXt3ZDfhMv6qIbm0DXJsh9guzw=
last-modified: Thu, 11 Jan 2024 02:16:39 GMT
cf-bgj: minify
server: cloudflare
etag: W/"21c51dc888b501911966bf9973c7ff89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPDYk3Iqk3WKFqhFiQ3UAOhB%2B48JdDCSFHDQmldba3lIH2xK8p6tzQBFXuJiSeLNF7njCGKT535rV58rBvJeW208yO9%2FhwV%2FFILG%2FoadT6cAtSIYCUFJC618eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf1f2c56917a-FRA

GET
H3 200 main.76afe3d5.chunk.js Show response
bad.cards/static/js/ 187 KB
49 KB 361ms
361ms Script
application/x-javascript 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668bec4f01c3a975859c827b47a3914395dc8014717ba669ff9a824d1f0b490d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-version-id: W2t3UnYVlPAFZWl82Xn8QgUo3rWZ0pOg
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GKHS0DKVYN2P1NV4
cf-polished: origSize=191461
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9qZmO3qlVYFm8lwQKnOA9xBRXLxV7Xoh31h0yq0djtHr3CBLIhL/LbR4sFOqk9UarLaJtaQHDPU=
last-modified: Thu, 11 Jan 2024 02:16:33 GMT
cf-bgj: minify
server: cloudflare
etag: W/"89d6aeaaa1044f1174273a1c11b3881e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKLQLLSG84UBrOqfkRhlyLHvvchzO7nG5p7mDmJfYh9saRcvnOzmpj4C2aaPGBzGhUrGPxsTlyw2X%2BIDMmkjhJFFvZE%2FBeBD9SE4hAWuazEMRS82rYK%2BROnarg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf1f2c57917a-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 157ms
67ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 86abdf215dc9916e-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
50 KB 146ms
52ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5VR86X

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aee309d1262067162bb9407c310a72adf5e80457479766a16c26041802bed3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50545
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Mar 2024 02:15:15 GMT

GET
H/1.1 200
OK refersion.js Show response
cdn.refersion.com/ 31 KB
32 KB 168ms
44ms Script
application/x-javascript 143.204.215.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.refersion.com/refersion.js
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-56.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9ca1f96ff7ba29afd8520b80dbff93a386d205d07c6be3025fd17c1208108b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .z6Ij8RKlWu7_TjQFcP9teRjS.tAjstL
Date: Tue, 26 Mar 2024 04:47:19 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Age: 77277
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
Content-Length: 31724
Last-Modified: Wed, 22 Feb 2023 15:36:53 GMT
Server: AmazonS3
ETag: "cc3f66d9f13a349a59672074e6354f8a"
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: AypQlrbgu1BU2108y-eZ34N7P-gX1Ri59_XxbmO1j9oeXRgR-6ZlmA==

GET
H2 200 fender_analytics.ef4116f665b9b33c638e.js Show response
static-tracking.klaviyo.com/onsite/js/ 31 KB
12 KB 148ms
38ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.ef4116f665b9b33c638e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c33ac6bac0d25dcb6f29eca048dfb3fcc7e0e50ef3df9aecb3f5375f7b1300b9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: D7d8SMg9JwWnVKVLbBADvXiYsHJGXaSm
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: 4CRGPH5MK9EGCT38
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12138
x-amz-id-2: WV4R2V7QFC8kw04ncge9bLb5YZBaZdwZ9bmqr0XOczC+F5YW+Ks+YomUE4h7iTbHiuslR3XV/M8=
x-served-by: cache-lga21921-LGA, cache-fra-etou8220110-FRA
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "1c1ff17ca82da1c09cc65108b4b565bf"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 15, 2424

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
1 KB 154ms
45ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7U3jLLw9z4sVt_PYSHf5O2sK.gyJewM_
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: 4CRPYHS3F7K4D385
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 985
x-amz-id-2: 2Ym4rT3wvHvg4KVFVjOt14zJE3tHMBUQ6D3ERCx5FQnbpUe004rhSpytFdKz3bo6qS30WNLsYqg=
x-served-by: cache-lga21976-LGA, cache-fra-etou8220110-FRA
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 153, 2424

GET
H2 200 runtime.ac002e97523e0e78dcff.js Show response
static.klaviyo.com/onsite/js/ 20 KB
9 KB 118ms
38ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.ac002e97523e0e78dcff.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e8ff7c362f70415bad137f8dfc71381b3859938058ea93497ce49431ca5041e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Y4mTKh4fTMF4sgzrq9uXntWyMWX70fZI
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: FYRMZNJQHAH2DDFV
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8355
x-amz-id-2: ogoNLiBd5XrDN7XOYIu9Vq6HWn0fHuKrRweZ5APh6lPin65CXUp0se5hBgReJyn8wRVwjT9WEx4=
x-served-by: cache-lga21953-LGA, cache-fra-etou8220092-FRA
last-modified: Mon, 25 Mar 2024 15:48:43 GMT
server: AmazonS3
etag: "0389a784f33b8e18ea209c26ce761280"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 154b3c2da6cc6705406b66ef6a709c6e6f975883
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 8, 2577

GET
H2 200 sharedUtils.da5b208f17f49ca644cf.js Show response
static.klaviyo.com/onsite/js/ 44 KB
17 KB 121ms
42ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.da5b208f17f49ca644cf.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b815979d86effe554c2c612fb559b096c95f4de32c796f64554f6db8efef34e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: nPpew2aRjLe6Q49h6JWOnEpN1rCpsisb
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: MFHS0C661464BTG0
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 17037
x-amz-id-2: uKqdhbS0m0CaLY1Br3sDxol//xvjMLVTIUhnoX/kv/aZGEhpSOV+imLKgbwMveooX3ai2jR//oY=
x-served-by: cache-lga21947-LGA, cache-fra-etou8220092-FRA
last-modified: Tue, 26 Mar 2024 01:54:42 GMT
server: AmazonS3
etag: "da4c6ecbf818aeea800b75a20a058592"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: b73be40bfdaa4b5867e86d56c4601a5421797eb1
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 52, 2720

GET
H2 200 vendors~signup_forms~onsite-triggering.864cb3176bd70af21590.js Show response
static.klaviyo.com/onsite/js/ 20 KB
8 KB 121ms
43ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~onsite-triggering.864cb3176bd70af21590.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5478093cbd10c6f050a10a8b06ea68f587a3b237718cd1a1b1f9b8b37ccff4a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VL81xCfcRn1Ol1kdKune1PLT11kNI9M0
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: 4CRVN907YG8C7VW0
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7259
x-amz-id-2: 8mkoZTFnamljJevlesSEfBCVDYcuO/tVv3WKHq48QIK1zZvj3+TlVw6odvWxS8SuqSHkN1k+7D2ua4xPYO2AcQ==
x-served-by: cache-lga21932-LGA, cache-fra-etou8220092-FRA
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "6892cb06d116035760ead469a5a594cf"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 34, 1592

GET
H2 200 vendors~signup_forms.e707d6d405eecdf67185.js Show response
static.klaviyo.com/onsite/js/ 12 KB
4 KB 121ms
42ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 3CAxwFhiTmJ7DlWsT1d21kohJWUc0GYT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: KRRA0TXMD346120Q
age: 11307
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4243
x-amz-id-2: saAdezjwSrWFsmh2xoOVS0Vc7yELk0aTERbCMS12Ju2snp0sjpSA3cPW5HKehGa5be1NgH00yKMqwUcOd3oHZz2yTy3EYz1IykBi9pejz+s=
x-served-by: cache-lga21965-LGA, cache-fra-etou8220092-FRA
last-modified: Wed, 28 Feb 2024 17:55:40 GMT
server: AmazonS3
etag: "05af735bb01844f826e4e4e8be8d4529"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 9886d9585773b1ccb805a0eef6d4c2d72206d9ba
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 76, 1549

GET
H2 200 default~signup_forms~onsite-triggering.f802a18932c79492ad38.js Show response
static.klaviyo.com/onsite/js/ 30 KB
9 KB 155ms
76ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.f802a18932c79492ad38.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 381b37762970831071baa2916dcb4008f0039de83e6db97e20085b3c61daff54

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qtsFjYDk4BlUn1g2DS.n32I2O7qXdXfl
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: 4CRTKB0W9BVM3YC4
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9344
x-amz-id-2: sUZCC/XYisYq1fZWWJVNleCm/G5zoeNgqLrPnKuBIeszvSl1wSmv2+K3GcspjUwUm76ijPx7iDbDMLATKYRBgg==
x-served-by: cache-lga21950-LGA, cache-fra-etou8220092-FRA
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "d34d9221f78489a21a7b023ac739adae"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 4, 1591

GET
H2 200 signup_forms.b6b6f28ee33b9d03e436.js Show response
static.klaviyo.com/onsite/js/ 14 KB
5 KB 158ms
80ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.b6b6f28ee33b9d03e436.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d32eb598d06797c30eb0ab0f472c07bb6798f03654f4829a964a70d5c4dec9da

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: q4mIl_IF.X3y.iWtVRI1Eta8k8DwnNGZ
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: CDMVSR8YGHQMP3KD
age: 11307
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5333
x-amz-id-2: oxIzIsftv/NltM3v/TNnoLN8rOlMjIRT4Pv7wqlAw53DKrQeJHsmKq7wtkbwGI0dPXj6tba2ZNo=
x-served-by: cache-lga21973-LGA, cache-fra-etou8220092-FRA
last-modified: Thu, 14 Mar 2024 14:15:17 GMT
server: AmazonS3
etag: "f83889f3ef9aba34fbff7085add56783"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 45b57a56e703881dbf8671f9858e991148697c50
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 50, 1589

GET
H2 401 loader.js
wisepops.net/ 0
0 532ms
436ms Script
text/plain 2606:4700:20::ac43:4b99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/loader.js?v=2&h=zkQm27zoAD
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2BjIz0FR3R1eHQCEw9pP1E7oZ9FOHwtFyw%2B2zmqFZQTvJQfbfwjAa1bhuOv5WgvvkSxGg1LNR9JUAvQqdSvLMWitpw2O%2BCkJVY6MfBgR45NNzao6Ee8wOQ2zk4MMfQ7nDXLRs2iUoQoK%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800, s-maxage=3600
cf-ray: 86abdf216c10bba1-FRA

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 139ms
58ms Fetch
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50884
x-xss-protection: 0
server: cafe
etag: 17024877558734822319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 27 Mar 2024 02:15:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
103 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.76afe3d5.chunk.js?bv=1704938194264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c42a0750c74351d5015f3c382fe36c25aa97ec0580768e76b6f0a9d1220bed17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 02:15:15 GMT

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 60ms
59ms Fetch
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50885
x-xss-protection: 0
server: cafe
etag: 2443229126707400255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 27 Mar 2024 02:15:15 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 607 KB
149 KB 154ms
47ms Script
text/javascript 18.66.147.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.76afe3d5.chunk.js?bv=1704938194264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-115.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8d5fbdfed9ac3a0b1fd7f941450d1f2a704b96b1c0a713434f72572bf8a49059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:14:23 GMT
content-encoding: br
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 54
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
last-modified: Tue, 26 Mar 2024 22:11:56 GMT
server: Cloudfront
etag: W/"a4ac3e836ece6e4b71a72511e739a16d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: CGAiki_lVdbYEKMlzqUlaGjX1_X3nTV6ujOcGA7LRPEhFz4o6ob48Q==

GET
H3 200 logo.svg
bad.cards/ 27 KB
12 KB 166ms
166ms Image
image/svg+xml 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f29ae1e4ea8c2af076975dda7f1d30b835973963e68f94ae3d347247e3192d2a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-version-id: tvZ6F_0HofwhbEBZKgWDk3oWFHgPqxjW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EC1V4PXRX4GXJ4Y3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: MMFAW9T6wa4leVxWjSgVH3/qm8MowjzmHgGXq4U91ztbfsd4KI5mBoPWEZDLBIBW6f1Kehn/tCA=
last-modified: Thu, 11 Jan 2024 02:16:46 GMT
server: cloudflare
etag: W/"ce686602e46d8ce390da2835b7381d12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rqqgU7BFEUgqfd7KYUkL9LvGKdq5eiP1e%2FH%2FFJFAjUdsKVHnuwI9xvfXCUbVOVTLWHF3gkBlto54vpicUoz1uU0Hi9KzqpLx%2FEwqyrxRkdbIXKHZGoYKvNzbUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf22bdc6917a-FRA

GET
H3 200 logo_arc.svg
bad.cards/ 53 KB
16 KB 527ms
527ms Image
image/svg+xml 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo_arc.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3779eac43cd022cc885fac931dc7264461205946e9cd0714877fcafe5cbc18dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-version-id: ypKJ2ZrWD_6qcJHUkf3iA6_5rGXiurSE
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KQRVEQ1YH7G3TEPP
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7UzGF/QtGokkNgfX3vgni8HkbQQ6+jDjJ1s6l/Dy9VWLSTpOwKC/k+9AVKhvcvPuQqjfbphPSeg=
last-modified: Thu, 11 Jan 2024 02:16:29 GMT
server: cloudflare
etag: W/"23913e44ce3cac92f14b931b1b35239c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VdnVpWxlYNLizA%2FwlQS3sZUesyIjXVu9Rkj3EqsPl71T0s7JpeRfe1jNAk9K0zPlNxZRCyxCFga0bHPaQTn48TaghSJVFgT4Z8hPFJknhnXejJf9wEPE0z9jKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf22bdc7917a-FRA

GET
H2 200 _6_7ED73Uf-2WfU2LzycEbAimC0.woff2
fonts.gstatic.com/s/splinesans/v10/ 56 KB
57 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/splinesans/v10/_6_7ED73Uf-2WfU2LzycEbAimC0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spline+Sans:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e77f48d11c58959d5129845bf10ce5cc3fbcfb502b8c0fa690946011927d48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:35:01 GMT
x-content-type-options: nosniff
age: 88814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57612
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:59:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 01:35:01 GMT

GET
H3 200 Stacion-Regular.45ccf7d7.woff2
bad.cards/static/media/ 17 KB
18 KB 511ms
510ms Font
application/octet-stream 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/media/Stacion-Regular.45ccf7d7.woff2
Requested by: Host: bad.cards
URL: https://bad.cards/static/css/main.5bc16e45.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6433bb29063bf8ef44e9e8ca2037b3098cb815a7edc999d89508b5fd33f7aff9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/static/css/main.5bc16e45.chunk.css
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-version-id: iUzjAp9LuK.gPiN.mZoWMcpeRiIyN256
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EC1HTJXQ4MZAMPMV
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
content-length: 17856
x-amz-id-2: LghTJ5Dm0BypbXFJVWuhOnSMwT0HfGu5WgQ5LqSacKBauBKPl5o9QUJ2T7OMvDEnn0+neKul2pM=
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Jan 2024 02:16:40 GMT
server: cloudflare
etag: "5d224e4161755db286840003ed42e7b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7Xp1JeguzrmYoQK0c09yVTHtGbCJz%2B4z7wf%2Buasijm5P7aczSLQplIKl10LqYgD856nFIlvqXn5DUbohzTz30G9NZ%2FCftWsd768EaSHOFBSqF2by2FGE1LR8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
accept-ranges: bytes
cf-ray: 86abdf22cdca917a-FRA

GET
H3 200 GinJus-Regular.39fa2588.woff2
bad.cards/static/media/ 15 KB
15 KB 163ms
162ms Font
application/octet-stream 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/media/GinJus-Regular.39fa2588.woff2
Requested by: Host: bad.cards
URL: https://bad.cards/static/css/main.5bc16e45.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f981d45f43f1c90fd39472e1ed4648205e69ffecbab12cc93eb057ca87276dce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/static/css/main.5bc16e45.chunk.css
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-version-id: PTXQDYwq88fgCyGt0lqVrsRqlfBQhd1w
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JHYSZ9KR8FW94GGZ
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
content-length: 14900
x-amz-id-2: h8LLgTH1/fawczBjS2x0hscuesMtphbI62c4q8MWzxC5Jh+Wxi+mv8VyyKFkekolke3F8wGFaZE=
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Jan 2024 02:16:43 GMT
server: cloudflare
etag: "5666a64ba782c7af26eb499815c058b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvUWHeepZ8bl7ggMvJgDZ%2BC%2BdFIpmcuHy3%2FL7cBRoqTg%2FF6%2FHwVTDhbPWTLv29KrzOQ8LQp4F0w2VEpL8bUQTUp9U2puPKSfxf66UYgE5i37JUTObcPkzmv2KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
accept-ranges: bytes
cf-ray: 86abdf22cdcd917a-FRA

GET
H3 200 get-auth-urls Show response
api.bad.cards/auth/ 978 B
1008 B 463ms
357ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/auth/get-auth-urls
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5902b67d28fe517d70224df925277f1d518dc44d1033844e9e0ccb3f353a8be4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d2-2A3g8Efh8eM5H7V9SAsg2WXVs40"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DlFBgCbNyqEUNLsqYuUfZS%2F4STOAJfsIGUB7A3UgE8Q5QzuGuplkyBvRjrlCDNthSLdx030AN%2FWTNJT%2BVUuw8lgn10TgTHNR67MpYr9j56fPTVNb%2FC9WYXEDivbCzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 86abdf239f5a1e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 data Show response
api.bad.cards/api/user/ 118 B
589 B 471ms
363ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/user/data?authTypes=patreon
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a832dc33fd579bba19294511e037b6fa99f01e211eddc9fd11b355bb5c1fbfd8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"76-8ocUVIEYJo7HzaWn50eEi3HQvlo"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=to907yWGabngkFZOkddQlkrBW2AYk4i99jpatIBRJ7z1MZkVXOOpKGZ93VSLT0IK5Fef5BpI%2FRB4P7dMakqeG8m6u4JW9M1lP1a0jiX%2FslHN8irvjKlkGJHGakFIss8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 86abdf239f5f1e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 get-auth-urls Show response
api.bad.cards/auth/ 978 B
965 B 466ms
361ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/auth/get-auth-urls
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5902b67d28fe517d70224df925277f1d518dc44d1033844e9e0ccb3f353a8be4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d2-2A3g8Efh8eM5H7V9SAsg2WXVs40"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmLJrkUKcwUqUVPel%2Bcfue4Q1i9fQaAMUMihMYcQYWbeiQ5RZ1yiIg29u4p8zhgmWdGnJQfi9rDqHw9LZINAbV8BeSQNHM7KLckkz0nqC1%2Fol8aklqiRuck2c3L8Pbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 86abdf239f5d1e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 homepage-faq Show response
api.bad.cards/api/content/ 9 KB
4 KB 476ms
371ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/content/homepage-faq
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: efb0dc0e4239ea59c90a3d465578a66bff9d9372cba852d5fdaa7a4c46ecbb72

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"22b2-I7v20HWurRkInIquKbFZzvbUCOs"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4u5WLomKW98Ua9dMNsupFHXpvxaa35mvEJ9FwRtiDudrg9ss3XPExz1LrA4cGjG75mCk6ZXJIZ6cYeQsQ%2F%2FRaUBnHFNeAan%2F5%2BiEklF2bbG8awBOLZ35EBKz35Xy4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=300
access-control-allow-credentials: true
cf-ray: 86abdf239f5e1e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 upsells Show response
api.bad.cards/api/content/ 4 KB
2 KB 527ms
422ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/content/upsells
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 726558ff0910cbe12ec98afcec56d49b360a0cfd8c803931f579b1889096788d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"e08-3gEjGlWLWqQvOa8UPQD3ZtrMB8I"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7nw3JbCzVMLDwHdv9gy7t2I2r93C1ER6Ey5ZqxqoAMwnxj4PnVEO9zuaaTIdSQpjyV%2Fij2OH08YpznUBccs5evC4EFTX6xRV8vf2NVzEfG2Ry4GVxabGA6sTKBDuhvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=300
access-control-allow-credentials: true
cf-ray: 86abdf239f621e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 homepage-faq Show response
api.bad.cards/api/content/ 9 KB
4 KB 482ms
378ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/content/homepage-faq
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: efb0dc0e4239ea59c90a3d465578a66bff9d9372cba852d5fdaa7a4c46ecbb72

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"22b2-I7v20HWurRkInIquKbFZzvbUCOs"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eICKrAGu2HaOMNOvZS%2FhjfK%2FdPUcjD5LATtQ3rnsQEAjGf8M51smtlBDrXXpRJz4V9Z67ZjJBxXPQz%2FF4ze3Ne7cVpMgzR7wFE3jBQtGZdD8vWYkkHysgEPw3GMm9EE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=300
access-control-allow-credentials: true
cf-ray: 86abdf239f5c1e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 homepage-faq Show response
api.bad.cards/api/content/ 9 KB
4 KB 497ms
393ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/content/homepage-faq
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: efb0dc0e4239ea59c90a3d465578a66bff9d9372cba852d5fdaa7a4c46ecbb72

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"22b2-I7v20HWurRkInIquKbFZzvbUCOs"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjOW5%2FuUj%2FXxT9kn0oa8Z3TA06ehzruZSnjakAsSKcwkbY%2BAoSzZlNXkrRi3TaSaRkz4RZ2CxBe3JR3eI7XXBy3Ht4%2BDv2b1hE7UTjius3bBzB6I3IfVzDlPVEExub8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=300
access-control-allow-credentials: true
cf-ray: 86abdf239f5b1e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 register Show response
api.bad.cards/api/user/ 341 B
1 KB 462ms
358ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/user/register
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8b689242a75bf8510b5e8ee3d2d8e85306ca4077d29f86e517fedb3d74288311

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"155-mh96gcAiICssZMuuL6Fr6/DJnQY"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phnBVa1weHGtMm50p54XoFJqpnOhd94aIL%2FGOQLihtBkj5Ttgn%2FEoSM3MYNb4Q3lSAx%2BjjT2LGj8JUzjh3uv3m3NpaFcfiL%2F9y9rzpc%2BwCVWK%2FEZKh0ln%2FpzbiVCgfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 86abdf239f601e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 packlist Show response
api.bad.cards/api/product/ 51 KB
12 KB 691ms
587ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/product/packlist
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3efc750dc0d6c4e1387bd4e2aaf82f5c985a16175d991a3cf51cd2cd1fbb7e39

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"cc0f-5ba592HubvV63NztK0tmcviirfU"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPJDTthvq9kw%2FJYIFHKcdSPJq%2BLL16q2a2dhFaGzSJsaxHKMLbajCa3n16YNUaZz8AzTQ8E%2BkQR06VJfp8%2FN5KrK3uBlxwSTGLbcqChgHlzdY4bVIIKCqhtl%2FX0Mg04%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=15
access-control-allow-credentials: true
cf-ray: 86abdf239f611e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 6 KB
2 KB 141ms
39ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.76afe3d5.chunk.js?bv=1704938194264

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

6e6603551c18da87a5162c6597a017d6e1228eeffe9fc38d192f191c64e3a0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 02:15:15 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 490
x-accel-date: 1711505225
x-77-nzt: EgwBnJIhiAH36gEAAAwBJRPCMQH3AAAAAA
x-accel-expires: @1711505824
x-77-age: 490
last-modified: Tue, 26 Mar 2024 08:12:43 GMT
server: CDN77-Turbo
etag: W/"6602837b-17d1"
x-77-nzt-ray: f6587a1d330a738333810366e6a5162e
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 1018 B
2 KB 141ms
39ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=U5krLA

Requested by

Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.ef4116f665b9b33c638e.js?cb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b04730f497e464c0e7e3d447e727c7cca49b1646d5460c748a06ca34c5886b77

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
strict-transport-security: max-age=900
age: 4818588
x-cache: HIT, HIT
content-length: 1018
x-served-by: cache-bos4665-BOS, cache-fra-etou8220116-FRA
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 474, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/U5krLA/ 28 KB
6 KB 141ms
40ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/U5krLA/full-forms
Requested by: Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.ef4116f665b9b33c638e.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7e8f43ea6f9a843c7ec115ab499426387e8eef347f706d43dbe1cae08085bba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yq2CBIHe2OSl_e8P9BsWCvXX3XVAn33V
content-encoding: gzip
via: 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: 2YFWFN52YSC200NK
age: 600518
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/U5krLA custom-fonts/U5krLA
content-length: 5059
x-amz-id-2: go/xHNIYTnO+q19TtVDxh4SXI3ZwKHclTCWDmd7UKmNbtfXP7ECX0uKKNv4Z8ZNvYylTeQbRf/s=
x-served-by: cache-fra-etou8220142-FRA
client-geo-country: DE
last-modified: Tue, 12 Dec 2023 03:06:06 GMT
server: AmazonS3
x-timer: S1711505716.791808,VS0,VE1
etag: "c603517c0b11a6a6fa049652e8fd9231"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 407 KB
138 KB 77ms
77ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards&aplac=true&bust=31082078

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

63c9cd3203291e397487aa0d1fd13453444559e26c8203123bee477b4b46d442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141435
x-xss-protection: 0
server: cafe
etag: 13826565821705218717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 02:15:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
103 KB 59ms
59ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5VR86X

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

24185a4173d6faf10ad8414e1e588be385124c87b293784c2c356de23f97425f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 02:15:15 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 382ms
275ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N3BGZ4J7BJ&gtm=45je43p0v897685322za200&_p=1711505715058&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1366199529.1711505716&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dp=%2F&sid=1711505715&sct=1&seg=0&dl=https%3A%2F%2Fbad.cards%2F&dt=Bad%20Cards%20%7C%20good%20games%20for%20your%20bad%20side.&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=1483
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 02:15:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 384ms
269ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N3BGZ4J7BJ&cid=1366199529.1711505716&gtm=45je43p0v897685322za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 02:15:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 398ms
296ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N3BGZ4J7BJ&cid=1366199529.1711505716&gtm=45je43p0v897685322za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=519120232

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 02:15:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init.687ae58a826aec508f69.js Show response
web-sdk.smartlook.com/es6/ 62 KB
18 KB 63ms
63ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/es6/init.687ae58a826aec508f69.js

Requested by

Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

33049fdb38526a684cbf84c981745df52f31a50be0eb28aed3a3a956d468401e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 02:15:15 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 61191
x-accel-date: 1711444524
x-77-nzt: EgwBnJIhiAH3B+8AAAwBnJIhHwH3jwEAAA
x-accel-expires: @1742980125
x-77-age: 61590
last-modified: Tue, 26 Mar 2024 08:12:43 GMT
server: CDN77-Turbo
etag: W/"6602837b-f864"
x-77-nzt-ray: f6587a1d330a73833381036629f08a30
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

GET
H2 200 css2
fonts.googleapis.com/ 840 B
465 B 289ms
289ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Spline+Sans:ital,wght@0,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c689c6e9629e3d89c91d49a7b2b64fc9c5f1852a92dd49fc7b096bc5f41849c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 02:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 02:15:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 02:15:15 GMT

GET
H2 200 vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js Show response
static.klaviyo.com/onsite/js/ 22 KB
8 KB 39ms
39ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.ac002e97523e0e78dcff.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: A3NdrY7E_GayJEfK8q6sOY94C6h1u5eg
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: H0C0F12D9CG2B2T6
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7956
x-amz-id-2: yfjrJR1d4bppWAput1BhL1JqtOk9Jtr37zM//foDkoGeuSOteH0J/NE0o6tEMu3NDW1+JB6+tqQdhdj424U3rutOrvBiTcHyqpPPDFT6SfY=
x-served-by: cache-lga21937-LGA, cache-fra-etou8220092-FRA
last-modified: Thu, 14 Mar 2024 14:15:17 GMT
server: AmazonS3
etag: "2f5438508c293a1ad8e8f5b6a6cbd520"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 45b57a56e703881dbf8671f9858e991148697c50
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 10, 801

GET
H2 200 ClientStore.a8f9bfbacdec91740fc5.js Show response
static.klaviyo.com/onsite/js/ 66 KB
20 KB 40ms
40ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/ClientStore.a8f9bfbacdec91740fc5.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.ac002e97523e0e78dcff.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c700fb7899afe827a2f9b570df5b22ec50eb5142f1ae8ee34e8fa698814beaf7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qsjgoLy6l9okxf1EUAYM4k9t3QoNPE9W
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:15 GMT
x-amz-request-id: W5M2RMJVJHMJV654
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 19760
x-amz-id-2: Hk8lopVPpPh2xe3U2jZhoefnuCxd8ktq2CPJcD3nRyccGCn5txv/uZGq+rbv1EuMPjW2Werk5YKzLtRJaBKJOA==
x-served-by: cache-lga21975-LGA, cache-fra-etou8220092-FRA
last-modified: Mon, 25 Mar 2024 15:48:43 GMT
server: AmazonS3
etag: "b5ab4a6c513f72813c117516683f622f"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 154b3c2da6cc6705406b66ef6a709c6e6f975883
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 4, 907

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame F171 0
0 495ms
202ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3525646721011012&output=html&adk=1812271804&adf=3025194257&lmt=1704939388&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbad.cards%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuNTgiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuNTgiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjU4Il1dLDBd&dt=1711505715686&bpp=2&bdt=655&idt=159&shv=r20240321&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1812546392581&frm=20&pv=2&ga_vid=1366199529.1711505716&ga_sid=1711505716&ga_hid=843245834&ga_fc=1&u_tz=60&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C42531705%2C44798934%2C31082078%2C95321963%2C95328826&oid=2&pvsid=804653489761242&tmod=741575988&uas=0&nvt=1&fsapi=1&fc=1920&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards&aplac=true&bust=31082078

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Mar 2024 02:15:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 275ms
275ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=jss123%20jss126&ign=false&pw=1600&ph=1113&x=0&y=1043.4

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 02:15:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-59712691d6b10782f5c18f081277b020.html
js.stripe.com/v3/ Frame 7FFD 0
0 294ms
41ms Document
text/html 18.66.147.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-59712691d6b10782f5c18f081277b020.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-118.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
cache-control: max-age=60, stale-while-revalidate=900
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 02:14:51 GMT
etag: "59712691d6b10782f5c18f081277b020"
last-modified: Tue, 26 Mar 2024 21:36:02 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-cf-id: FbydFE09cKgheMnX3WCmGsdZzCyGrCru0QxE1Q6VxhpyamvqIzZ3xg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 270ms
163ms Preflight
text/html 2606:4700::6812:3bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=U5krLA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bad.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 86abdf26cdf38fec-FRA
content-encoding: gzip
content-language: en-us
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 02:15:16 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 269ms
162ms Preflight
text/html 2606:4700::6812:3bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=U5krLA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bad.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 86abdf26cdf28fec-FRA
content-encoding: gzip
content-language: en-us
content-security-policy: object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 02:15:16 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

GET
H2 200 532.7b6fffa9cbdb65a8c571.css
static.klaviyo.com/onsite/js/ 67 KB
9 KB 68ms
65ms Stylesheet
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/532.7b6fffa9cbdb65a8c571.css
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.ac002e97523e0e78dcff.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29dc44564a87fc73803fe6fc9568f66eae947244610cfb64201222eda81fd663

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yYuvgv7vp.9TTmyWYhJOP2aa5Um2.OPb
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-request-id: VFEJRJXWJKXTW7RK
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8941
x-amz-id-2: LmKkrsQNjvtRa0HW9eIhnc0AUEYhuqgyuRxw95ak/vgaKUEX0ebd0aVJqhUBjdTk37ZkbsPx7J8=
x-served-by: cache-lga21951-LGA, cache-fra-etou8220092-FRA
last-modified: Thu, 14 Mar 2024 14:15:15 GMT
server: AmazonS3
etag: "7810f7641310298c319c21c148409eae"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 45b57a56e703881dbf8671f9858e991148697c50
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 40, 487

GET
H2 200 styles.ccf9eb43fb94f6b4efde.js Show response
static.klaviyo.com/onsite/js/ 13 KB
4 KB 46ms
44ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/styles.ccf9eb43fb94f6b4efde.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.ac002e97523e0e78dcff.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: AF.bqGFceVJRC0thkWy66vxzciz4Edlt
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-request-id: A5Y89784VNCG7GBT
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 3996
x-amz-id-2: KWQT04/iLWIo8dnj+u7texXtaDAURkoZL8ywWcXyIOzNNd73AQeUNHbsXJOObJAF7QTSEAwQBtI=
x-served-by: cache-lga21931-LGA, cache-fra-etou8220092-FRA
last-modified: Wed, 28 Feb 2024 17:55:40 GMT
server: AmazonS3
etag: "c6c30853a63ebd4a4189fa8dcd359f29"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 9886d9585773b1ccb805a0eef6d4c2d72206d9ba
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 45, 765

GET
H2 200 vendors~Render.9de7688d87b6116252f3.js Show response
static.klaviyo.com/onsite/js/ 12 KB
4 KB 66ms
65ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~Render.9de7688d87b6116252f3.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.ac002e97523e0e78dcff.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3212465f3ca80d2cd2058c1e26f2ed4a1c1777aa02528f06f7a93fea936789b6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: BqROTT6QVAjLeHMcaZ7VZbaifcoa_894
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-request-id: 6EXG7V2TQZT94RM9
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4050
x-amz-id-2: mDAnJtwcNnLZ6e1DR31qmZhUnqvlszOwI8gb16UaQXzfV5b8vLU+obRkN5H9FoTCQQkcfAc70Axv5aOnrGwaOw==
x-served-by: cache-lga21923-LGA, cache-fra-etou8220092-FRA
last-modified: Thu, 29 Feb 2024 12:23:35 GMT
server: AmazonS3
etag: "abaa57c316b39052dff0039291ceb986"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 069fa42e7ddfc8a3c48edcf159fb3c496de7146a
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 15, 767

GET
H2 200 Render.ada7d952083a82a926d8.js Show response
static.klaviyo.com/onsite/js/ 117 KB
32 KB 97ms
96ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/Render.ada7d952083a82a926d8.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.ac002e97523e0e78dcff.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33c87f4c78ed5f6f37d7d52dd6168eee200579bbfc3a292e573847f74eee67f7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Zw6JG_.5TYSTTY7CkkuZRy9W8TwnuGHs
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-request-id: 14RC6995NAFTD128
age: 11308
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 32454
x-amz-id-2: 7yc3m9z+JsYjBNFdMCEWALN55oHsd6smYdcKKBhWSehfxN5kGTNyfG8Up688eHNuG53HsDycxBVypt9DSJovDhjhEg2ySO8/AhR3/CAhWP4=
x-served-by: cache-lga21969-LGA, cache-fra-etou8220092-FRA
last-modified: Mon, 25 Mar 2024 15:48:43 GMT
server: AmazonS3
etag: "ae2d3b5cc8abd39a44dc06d3e7dbc7d3"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 154b3c2da6cc6705406b66ef6a709c6e6f975883
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 28, 954

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
337 B 184ms
184ms XHR
application/json 2606:4700::6812:3bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=U5krLA

Requested by

Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.ef4116f665b9b33c638e.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
accept: application/json
Referer: https://bad.cards/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
access-control-allow-methods: POST
content-type: application/json
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 86abdf27ce338fec-FRA
access-control-allow-headers
x-robots-tag: noindex, nofollow

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
363 B 181ms
180ms XHR
application/json 2606:4700::6812:3bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=U5krLA

Requested by

Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.ef4116f665b9b33c638e.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
accept: application/json
Referer: https://bad.cards/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
access-control-allow-methods: POST
content-type: application/json
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 86abdf27ce328fec-FRA
access-control-allow-headers
x-robots-tag: noindex, nofollow

GET
H2 200 _6_sED73Uf-2WfU2LzycEZousNzn1a1lKWRpOFnoFdHk.woff2
fonts.gstatic.com/s/splinesans/v10/ 18 KB
18 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/splinesans/v10/_6_sED73Uf-2WfU2LzycEZousNzn1a1lKWRpOFnoFdHk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spline+Sans:ital,wght@0,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03daf0d3ed3ef8e1b33495ad462a4611b216bde64fdd0b4c9fdf45b412f6434e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:45:58 GMT
x-content-type-options: nosniff
age: 66558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18464
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:59:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 07:45:58 GMT

POST
H2 400 start Show response
tracking.refersion.com/ 7 B
356 B 347ms
347ms XHR
application/json 2606:4700:4400::6812:212d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/start

Requested by

Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:212d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d01709fcd599118652e3b27bd0ca97c802f832183d01f76a034755f2bc62fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bad.cards/
Key: pub_a5fa57787d10daadcf9f
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: b517855a-fc63-4222-b0a0-fc06ec594aef
x-cache: Error from cloudfront
x-amz-apigw-id: VREgRGAvoAMEKCw=
content-length: 7
server: cloudflare
x-amzn-trace-id: Root=1-66038134-1ec20bb159bde6534225f65c;Parent=0b6a5af73871e115;Sampled=0;lineage=473d8242:0
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 86abdf27da0d2c5a-FRA
access-control-allow-headers: Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id: TwCil1ayLHH87TSeUdSaExTrNJgxZa5v_L3K93T-U-3oeWSBGYee7A==

OPTIONS
H2 200 start
tracking.refersion.com/ Frame 0
0 249ms
157ms Preflight
application/json 2606:4700:4400::6812:212d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:212d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://bad.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 86abdf26d9b02c5a-FRA
content-length: 0
content-type: application/json
date: Wed, 27 Mar 2024 02:15:16 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-apigw-id: VREgOF-GoAMEr4g=
x-amz-cf-id: C6qth5MnFVbrqHQIorgvQ3kCwQpIEx2q9XNj7GtGPjXrGUjUFrt_Hg==
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 3fa35652-1236-4910-8992-d55fa26781d9
x-cache: Miss from cloudfront

GET
H2 200 32900dcb-b775-457e-87d7-19fc774bf112_dbc39358-0157-4336-a563-409ae03a1baf_HighResGif.gif
images.prismic.io/allbadcards/ 57 KB
57 KB 207ms
60ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/32900dcb-b775-457e-87d7-19fc774bf112_dbc39358-0157-4336-a563-409ae03a1baf_HighResGif.gif?auto=compress,format

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

26daaa429de0ba0f2a66941c859f1a30a9daf7a830d260a1016e0075e4604f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-content-type-options: nosniff
age: 1003797
x-cache: HIT, HIT
x-imgix-id: 353a31ce6e4136005e1c28f53f88b61a03525df4
cross-origin-resource-policy: cross-origin
content-length: 58542
x-served-by: cache-sjc1000100-SJC, cache-mxp6965-MXP
last-modified: Fri, 15 Mar 2024 11:25:19 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 disc_pink.svg
bad.cards/discs/ 11 KB
5 KB 171ms
171ms Image
image/svg+xml 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/discs/disc_pink.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 544014704e44a2a2dbe171c90a91208a68f6e0470fbed2f3daef43645ee122ac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-version-id: wGfEMdRxR1WnZd37JOWVW4Ehsy7qxP63
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2Y6H9PS53NHYBPZG
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mBpH7yx5Bd6yatGL22l0Qbv/CUFidmqd1mvXPB9/08d+HEPbnWY0RunBi224q0ZzX5Nawxhs6uY=
last-modified: Thu, 11 Jan 2024 02:16:47 GMT
server: cloudflare
etag: W/"5dd72d3bd684464635d54fc98c5cb579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tqGroL8Zp6YbEKJmdcKz4jqZ5zDUsEaiNOm9tVKZOqc7dLjDPVSd5AxLwt1fG3%2B9TMEMzpc3cLe%2FAH3phQrJjfCl0%2F29DLbY%2BRG8kNofurc8R5QnGim3FQNPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf26bf81917a-FRA

GET
H3 200 register Show response
api.bad.cards/api/user/ 341 B
1 KB 260ms
259ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/user/register
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8b689242a75bf8510b5e8ee3d2d8e85306ca4077d29f86e517fedb3d74288311

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"155-mh96gcAiICssZMuuL6Fr6/DJnQY"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIY%2Fc1bliZe4R2UO61qrHNm8co3wQlxjXYD68FqAmkof5DJt2y1BiZHT4xB2B5Ry%2BJMCfmMaalttfswqhHXIyR7OSmZ5kPOhl0QHOLbKSvWgyyqGJQkZDYy2VK9egNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 86abdf26d8f61e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 packlist Show response
api.bad.cards/api/product/ 51 KB
12 KB 412ms
411ms Fetch
application/json 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/product/packlist
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3efc750dc0d6c4e1387bd4e2aaf82f5c985a16175d991a3cf51cd2cd1fbb7e39

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"cc0f-5ba592HubvV63NztK0tmcviirfU"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4tsxNWwjPVDMaWIGC815VVy4Z8LlXLGMRjhpzGTd%2BmOOmmQYr20X7Emwvu4BIOZseUjQ8eiAygNmxf1ES9gcZmyUPUtdOa2sNifDjuIyFZUq0ivy7r5rsNUVa4Zg1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=15
access-control-allow-credentials: true
cf-ray: 86abdf26d8f81e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 beta-badge-outer.svg
bad.cards/ 2 KB
2 KB 479ms
479ms Image
image/svg+xml 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/beta-badge-outer.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c8a4e8fa41a805ab29d9a608fd6432f648677933fa767305177363dbb3571f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-version-id: IqQZZE00i9aSar2mTbtWIIS3zGJ1BUn6
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NNE3PKEVRPEWPCSG
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: I9P+ee+dgJ7VckLYJPr3bxUMFSwN8uQVFsC8bxjOBZsLLvaMaYetqEcji5Azc21MEqkCpJE5fWA=
last-modified: Thu, 11 Jan 2024 02:16:49 GMT
server: cloudflare
etag: W/"ca17eeadec10de70d61100927e2d5cb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKoo56IlgqYsqbIn%2FDGLcsOMHKmwOMfjQULk%2FrBr%2FzT7cY1LM0EuFEdQISZvS1IBrZaOOXCFEN1RxyWpHp6sXEMEMOfiDNUFAmjMljTkqxhT1rrwWfpxaN5Hkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf26df8e917a-FRA

GET
H3 200 beta-badge-inner.svg
bad.cards/ 8 KB
4 KB 517ms
517ms Image
image/svg+xml 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/beta-badge-inner.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95926ffbdb25e8fb63a6a44396cf79efda083ec5b1861f85324d6cff216e9566

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-version-id: ZDDGzUj7Y3F_wo1yRs8Fj0ZLb5aZ7Fak
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XAY6QHEGBVW3FQYZ
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Z9vVAz1QL7zC7AAeMW62QK/FinKhXIWkyiQVc4XqdI6358IBQCnmEOr5+xY7Dycx+V3xt/zo+h8=
last-modified: Thu, 11 Jan 2024 02:16:34 GMT
server: cloudflare
etag: W/"7ee87f6a03b16a4660070059b50e94b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yM%2BQjAJjFqG5tHyAB%2Fvean1bkWUZy8oLVEQnUiUALIAp%2Be2COp2gJ28GGbrp%2BRZUbDI770hqobXrOlFA8587845Z2Vh5pfVRPcv1NHudRG1Kgo3%2BlQREK2ywnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf26df8f917a-FRA

GET
H2 206 2meme-all-gifs000040.mp4
static.bad.cards/tomeme/vids/ 155 KB
156 KB 196ms
46ms Media
video/mp4 2600:9000:2491:7c00:18:28e9:8880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bad.cards/tomeme/vids/2meme-all-gifs000040.mp4
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:7c00:18:28e9:8880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a825cc978c972912e65bdc6886b656a41d85241e249667fb8ea0fe385e1f2f59

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://bad.cards/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 13:33:16 GMT
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 18:11:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 45828
etag: "53fbc390ba2baa460bfc7aab7e437e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-158869/158870
accept-ranges: bytes
x-amz-cf-id: UdB6PSF2oQCqQXdWBO6a_4JNmT_q_hl9qTdRjpeTRd4gTTBlqhBIZw==
Content-Length: 158870

GET
H3 206 bad_cards_fill.webm
bad.cards/ 670 KB
671 KB 179ms
179ms Media
video/webm 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/bad_cards_fill.webm
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0fa6b780967f67a13f45dec19174215745b2adb190f4a76da7c3a72245af4be

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://bad.cards/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-amz-version-id: DXBLVlDkldmVgPQVLCLnggrgSa3v9dzh
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QZSGCRW06FJ7J967
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
Content-Range: bytes 0-685844/685845
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TnD9qyx8FWXw9W2yLusT5xNxCqjr0YnbtAYYeBFAmheCwTBH7tvSGXuwmI1Lg5nB05pl14pXrsM=
Content-Length: 685845
last-modified: Thu, 11 Jan 2024 02:16:43 GMT
server: cloudflare
etag: "5f5078e19e8bc799b2c5919afe158394"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjEO8Z0PmCCtxamMJukdodLzILHgHqcjRYP82FMOUmSVDj%2BBVbwOKpF4YnD1HI0EkR5Dx0j%2F3NhFyFZufgx1Pfa7xtYc%2BI3Xrm5xkN2SH%2FTrBmNPHx9YDCFjLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf26ff99917a-FRA

GET
H2 200 b85dbaa4-e2e9-4be9-b02d-0cec7cd83c92_Backer+%281%29.png
images.prismic.io/allbadcards/ 14 KB
14 KB 299ms
214ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/b85dbaa4-e2e9-4be9-b02d-0cec7cd83c92_Backer+%281%29.png?auto=compress,format

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

13b6dc079dea139b1faa4b44e482f9ea6f9a733a33b56d0465d35d0f4665ead6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-content-type-options: nosniff
age: 983297
x-cache: HIT, MISS
x-imgix-id: b1370bf3039687b5394e71f0aca2029a5281102e
cross-origin-resource-policy: cross-origin
content-length: 14117
x-served-by: cache-sjc1000146-SJC, cache-mxp6965-MXP
last-modified: Fri, 15 Mar 2024 17:06:59 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 a1c688e9-d8d5-44aa-aaea-3c3c3bb16b87_Star+Backer+%281%29.png
images.prismic.io/allbadcards/ 11 KB
12 KB 138ms
54ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/a1c688e9-d8d5-44aa-aaea-3c3c3bb16b87_Star+Backer+%281%29.png?auto=compress,format

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0c04b9547b7987c73e0af8862ae553422d809ccb9f9d4c5643952ec5597d1275

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-content-type-options: nosniff
age: 743722
x-cache: HIT, HIT
x-imgix-id: 009111a272f7428a5b5dd6498a721d430d7f66b4
cross-origin-resource-policy: cross-origin
content-length: 11675
x-served-by: cache-sjc1000114-SJC, cache-mxp6965-MXP
last-modified: Mon, 18 Mar 2024 11:39:54 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ad6f72ae-ce08-43a0-bc00-2a578c69e447_Super+Backer+%281%29.png
images.prismic.io/allbadcards/ 10 KB
10 KB 133ms
48ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/ad6f72ae-ce08-43a0-bc00-2a578c69e447_Super+Backer+%281%29.png?auto=compress,format

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

86482ba9c114f57815a83a7474a49ca65670367cfea7bbba004991e7f84b2f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-content-type-options: nosniff
age: 739470
x-cache: HIT, HIT
x-imgix-id: bca5b5f5c30f9e724ae3a1953b44dcc74c5418fa
cross-origin-resource-policy: cross-origin
content-length: 10244
x-served-by: cache-sjc10028-SJC, cache-mxp6965-MXP
last-modified: Mon, 18 Mar 2024 12:50:46 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK e7440689-4276-493a-bf01-b9c7a2697021.png
d3k81ch9hvuctc.cloudfront.net/company/U5krLA/images/ 30 KB
31 KB 136ms
39ms Image
image/png 18.66.122.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3k81ch9hvuctc.cloudfront.net/company/U5krLA/images/e7440689-4276-493a-bf01-b9c7a2697021.png
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed7ce521226b0a5bf885c2cdaaf365902cd22c95ab3f7f995ca593a0575daa70

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: v_UVNVc2ZCZlphiYgekvO83jWsBSGlCv
Date: Wed, 06 Mar 2024 07:34:38 GMT
Via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 1795239
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 30680
Last-Modified: Tue, 28 Nov 2023 02:26:52 GMT
Server: AmazonS3
ETag: "338ba6e38197616a9a39ec2ead02b44a"
Content-Type: image/png
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: 5mOk-yuEQdPQ3wyaK7uyMXiHFUIKbhi3ws_NKCvh9vWkJGp1Lnwr1w==

GET
H2 200 r.html
pub-a5fa57787d10daadcf9f.tracking.refersion.com/ Frame 23AC 0
0 139ms
39ms Document
text/html 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Requested by: Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 11610
content-length: 474
content-type: text/html
date: Tue, 26 Mar 2024 23:01:48 GMT
etag: "4ee1a4f461751e9918a36adb0409d3f7"
last-modified: Wed, 22 Feb 2023 15:36:53 GMT
server: AmazonS3
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-id: YhjgvxgXydpV_v0noHQx5b15aS4p77GiytJsRZhedipwPKwDgYOdoQ==
x-amz-cf-pop: FRA53-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
x-amz-server-side-encryption: AES256
x-amz-version-id: Rv5XbA_iUkUdnH6Uf8VNfQGmC__6yAr7
x-cache: Hit from cloudfront

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
56ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240321&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8c36ba0da743ad68f434242b3f6e4954babaffa09a397c0ee8fba091715ce3d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12323
x-xss-protection: 0

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8C2B 0
0 41ms
40ms Document
text/html 18.66.147.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-118.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2432
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 01:34:44 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 19 Mar 2024 20:24:15 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-cf-id: keUC5KVxA09btdn7rJ7sUSPBq4mX6yfhgw28eVI2GaCts0vp3fauWg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 204 rum Show response
bad.cards/cdn-cgi/ 0
136 B 51ms
40ms XHR
text/plain 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bad.cards/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bad.cards
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 86abdf2a28c7917a-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 140ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 02:15:16 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B0C 0
0 122ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 31085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Mar 2024 17:37:12 GMT
expires: Wed, 26 Mar 2025 17:37:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 favicon.ico
bad.cards/icons/AllBadCards/ 15 KB
4 KB 186ms
186ms Other
image/x-icon 172.67.75.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/icons/AllBadCards/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 278df73e41d3266716b653c71e03c799430144cb40baea4ef07f41fa074c2939

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:15:17 GMT
x-amz-version-id: u9nwsaHeTm9._Ob2p9BEhwLVvWKApzFq
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9N58YF7MXHCE23CH
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5: 06c0fee69673dd16e8cfb093613fd9ed
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xxgXZpROVHn2tbV/weOXqGUBc/h0RQsRaD6G1mpvDU5wq4e1n1Rai6MBGV3hF/qJIPgApzFC2uU=
last-modified: Thu, 11 Jan 2024 02:16:38 GMT
server: cloudflare
etag: W/"cd819b33bac6ad54b38e56aaa6d4a188"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQudiLcGTuCXTdj7ZoY57kZhnTL80VvHjLPa1e6YbJ2xs2Ltzy4FCpXMvUO%2Bs4N%2BzyQVXIgbpfc9fHQ%2BqmNJarmWBaHzs5ntkhErRz9bU5mYlCUuvAZKssT5Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
x-amz-meta-codebuild-content-sha256: 35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray: 86abdf2c69c6917a-FRA

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-3525646721011012&su=bad.cards&eid=44759876%2C44759927%2C44759842%2C31082033%2C42531705%2C44798934%2C31082078%2C95321963%2C95328826&doc=complete&pg_h=4863&pg_w=1600&pg_hs=4863&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 02:15:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240321&jk=804653489761242&bg=!-vml-bbNAAay2Dj3ktg7ADQBe5WfOKuALW0QeqmJNPoNbflwANWTOSeKwI3JWe9Qzporsfgfrt49cXAPxkekamd76PHYAgAAADNSAAAAA2gBB34ANcblLczu4TtFHGGQu2d_aNB-L00yfaJ6MKey7hTMasTqFyect1z7LP_qmhvCXj3dx8rIOH8pmQLOJhatBXh4EgrzXtZ2E3Eq8GHAz0sa6eqS4IyPFQbL-BmZcXvWfYWkAmSLPMJJOdeFBZHMI8v8dhVktwPzUZf_4JTlC0GV8ZH45As55ngdA6Erw6nyHQ_kJUoE10O0mve7fSsTQjVqfMSU_emJnsUCdQnWlMid6A0OSyytw_6qkzfvovdmeiA6cjCh3Fc5x7flMYoyusUB4C-Oaf-V8at57fj0nQ2Mo1DNa2D6KZSaC9jMrJgPBQIyfcQjp0CfLaebGc3sfDOfpd7Z_wcDQH4rFTWzLHOtt0x0gLrxtHHKebfChP0ubVH8k9ja1TE2lDAcFDeJ6R0Awi3biFaCqFh7UBbOGTr3MFwxFYRbcuFQ-GCaVtuv97h4e8te8KuqEx8lknYl0CrtABUO5wPBMG1_uQoCwvlFCDHOsLDycREmVas0auqWBXgsScwm1ilKRqTXHe2spM84BOYtYvPhkVHMwVkXcCGObCypE9b5wmvHSIfC0KsKpNMzF-QHMLPYYd2eElws6n5B_R2KsdQ7Ul84IcDwpkceg1H3j2A9yqsALAc_jlAoekw8-BvsMfJpy9JddhWN2rbWxoInUvCQFuU0h3A3Zx6G5gHv5x6qRcBFQm_5A-Kdupm3KnWsoOAYudNv4ABYcHZ_nI9zBO0djLOUDNGcWHBAI1811bGbhl8MKiSCHQbR-Hd2Yt5eHavcfgKxEKs8GtpK9r06TQg5ZjognbF4RSjOL7ecU82yn4t2nhLohR47ljBC79iTurolx6SS-2pJV664v6Zxp7O7AWtbXM1_3jBAlo6HhrmbrTrdlMYiimELUw97QuBr-yETLl48D8MOroD5FMxLD3wLfQKjYAZgPExZCH_qAEitoIk0-uXPbrStfGDL8MKbmemK2AjD6eQndDjzdrQbrm3ev4nki7O6CXCQnOJb20fTo1YP3lRuKWepGBn2Xrx3u-YuQQ

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bad.cards/	1970-01-21 05:01:05	Name: __kla_id Value: eyJjaWQiOiJZMkV5T1RVNFkyTXRPV0psWXkwMFpHTTRMV0UxTURJdE5tSTJORE5tWWpBM1l6VmsiLCIkcmVmZXJyZXIiOnsidHMiOjE3MTE1MDU3MTYsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vYmFkLmNhcmRzLyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcxMTUwNTcxNiwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9iYWQuY2FyZHMvIn19
.bad.cards/	1970-01-21 05:01:05	Name: _ga_N3BGZ4J7BJ Value: GS1.1.1711505715.1.0.1711505715.60.0.0
.bad.cards/	1970-01-21 05:01:05	Name: _ga Value: GA1.1.1366199529.1711505716
.bad.cards/	1970-01-21 05:01:05	Name: player Value: emlBc1h2UW5CNWNOUlJQMV95WXhZOjEzMDNlOWQxMDFiNTdhYjUzODI5NWUwOTE2OGQyNjc2ZGU0MjIzMWViN2M0MmQyZmE4N2VjNWUzMjhiMzBmNjIxNGNmYWJmYTljYWQzZTg0NzEzNzM5YTViZGUxZjVmMTZhY2U1ZmFmMGMxNmIxNjJiYzA4MjIzOWNkYTFlNmIx
.bad.cards/	1970-01-21 05:01:05	Name: email-opt-in Value: false
m.stripe.com/	1970-01-21 05:01:05	Name: m Value: 1c64c904-b71b-4b18-9426-8137c70fe320eb6d79
.bad.cards/	1970-01-21 04:10:41	Name: __stripe_mid Value: a315377a-b0af-4476-baf2-ab6389afddc06f88f9
.bad.cards/	1970-01-20 19:25:07	Name: __stripe_sid Value: 80265b9a-54cb-4532-aab5-121a4af2cef63b6b87

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wisepops.net/loader.js?v=2&h=zkQm27zoAD Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://tracking.refersion.com/start Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://bad.cards/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
api.bad.cards
bad.cards
cdn.refersion.com
d3k81ch9hvuctc.cloudfront.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
images.prismic.io
js.stripe.com
pagead2.googlesyndication.com
pub-a5fa57787d10daadcf9f.tracking.refersion.com
region1.analytics.google.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.bad.cards
static.cloudflareinsights.com
static.klaviyo.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tracking.refersion.com
web-sdk.smartlook.com
wisepops.net
www.google.de
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
142.250.185.131
142.250.185.136
142.250.185.66
143.204.215.56
143.204.215.58
151.101.194.133
151.101.2.133
151.101.66.133
172.67.75.226
18.66.122.61
18.66.147.115
18.66.147.118
2001:4860:4802:34::36
2600:9000:2491:7c00:18:28e9:8880:93a1
2606:4700:20::ac43:4b99
2606:4700:4400::6812:212d
2606:4700::6810:4f49
2606:4700::6812:3bb
2a00:1450:4001:800::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9a
2a02:6ea0:c700::17
2a04:4e42:200::720
002813a2b4c02c892fdc1f8958c5b1b7e1f8a6f3510ff61659494cafd8e7db9e
03daf0d3ed3ef8e1b33495ad462a4611b216bde64fdd0b4c9fdf45b412f6434e
0c04b9547b7987c73e0af8862ae553422d809ccb9f9d4c5643952ec5597d1275
127bb164c943645ec093dcffaf9e8e9a4c6eea16845dcdde53fcb1d150e6692a
13b6dc079dea139b1faa4b44e482f9ea6f9a733a33b56d0465d35d0f4665ead6
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1e77f48d11c58959d5129845bf10ce5cc3fbcfb502b8c0fa690946011927d48a
1e8ff7c362f70415bad137f8dfc71381b3859938058ea93497ce49431ca5041e
24185a4173d6faf10ad8414e1e588be385124c87b293784c2c356de23f97425f
26daaa429de0ba0f2a66941c859f1a30a9daf7a830d260a1016e0075e4604f28
275cfaaa9a9c31fe14a1c842243be14d237cb34e2871813b2a22797dd70fd297
278df73e41d3266716b653c71e03c799430144cb40baea4ef07f41fa074c2939
29dc44564a87fc73803fe6fc9568f66eae947244610cfb64201222eda81fd663
3212465f3ca80d2cd2058c1e26f2ed4a1c1777aa02528f06f7a93fea936789b6
33049fdb38526a684cbf84c981745df52f31a50be0eb28aed3a3a956d468401e
33c87f4c78ed5f6f37d7d52dd6168eee200579bbfc3a292e573847f74eee67f7
3779eac43cd022cc885fac931dc7264461205946e9cd0714877fcafe5cbc18dd
381b37762970831071baa2916dcb4008f0039de83e6db97e20085b3c61daff54
3efc750dc0d6c4e1387bd4e2aaf82f5c985a16175d991a3cf51cd2cd1fbb7e39
410ef933fcf7e164fd4d087bfbf65f43d1e55d17526a6d3496698a7911474771
4b815979d86effe554c2c612fb559b096c95f4de32c796f64554f6db8efef34e
4d01709fcd599118652e3b27bd0ca97c802f832183d01f76a034755f2bc62fa3
544014704e44a2a2dbe171c90a91208a68f6e0470fbed2f3daef43645ee122ac
56fd2c12fe2b5236053f10d190c3b7c89e55b7534c91a4451824b203c2a155dc
58b3c1bc6754d998f93916a5299eaa865a666b89544b320acd6c45bedbc2e754
5902b67d28fe517d70224df925277f1d518dc44d1033844e9e0ccb3f353a8be4
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c9cd3203291e397487aa0d1fd13453444559e26c8203123bee477b4b46d442
6433bb29063bf8ef44e9e8ca2037b3098cb815a7edc999d89508b5fd33f7aff9
668bec4f01c3a975859c827b47a3914395dc8014717ba669ff9a824d1f0b490d
6e6603551c18da87a5162c6597a017d6e1228eeffe9fc38d192f191c64e3a0b1
726558ff0910cbe12ec98afcec56d49b360a0cfd8c803931f579b1889096788d
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b
86482ba9c114f57815a83a7474a49ca65670367cfea7bbba004991e7f84b2f39
883e0ed227576bf0db14075ebf49c6a68553e98522f75e5e6d5994cd0657ed5e
8b689242a75bf8510b5e8ee3d2d8e85306ca4077d29f86e517fedb3d74288311
8c36ba0da743ad68f434242b3f6e4954babaffa09a397c0ee8fba091715ce3d6
8d5fbdfed9ac3a0b1fd7f941450d1f2a704b96b1c0a713434f72572bf8a49059
95926ffbdb25e8fb63a6a44396cf79efda083ec5b1861f85324d6cff216e9566
a825cc978c972912e65bdc6886b656a41d85241e249667fb8ea0fe385e1f2f59
a832dc33fd579bba19294511e037b6fa99f01e211eddc9fd11b355bb5c1fbfd8
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca
aee309d1262067162bb9407c310a72adf5e80457479766a16c26041802bed3f2
af77cf353141fb692463a7b527e4b3b372faa57efc1ada671f021c6755b39ce2
b04730f497e464c0e7e3d447e727c7cca49b1646d5460c748a06ca34c5886b77
b7e8f43ea6f9a843c7ec115ab499426387e8eef347f706d43dbe1cae08085bba
bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d
c33ac6bac0d25dcb6f29eca048dfb3fcc7e0e50ef3df9aecb3f5375f7b1300b9
c3c8a4e8fa41a805ab29d9a608fd6432f648677933fa767305177363dbb3571f
c42a0750c74351d5015f3c382fe36c25aa97ec0580768e76b6f0a9d1220bed17
c689c6e9629e3d89c91d49a7b2b64fc9c5f1852a92dd49fc7b096bc5f41849c2
c700fb7899afe827a2f9b570df5b22ec50eb5142f1ae8ee34e8fa698814beaf7
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
d0fa6b780967f67a13f45dec19174215745b2adb190f4a76da7c3a72245af4be
d32eb598d06797c30eb0ab0f472c07bb6798f03654f4829a964a70d5c4dec9da
d9ca1f96ff7ba29afd8520b80dbff93a386d205d07c6be3025fd17c1208108b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7ce521226b0a5bf885c2cdaaf365902cd22c95ab3f7f995ca593a0575daa70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb0dc0e4239ea59c90a3d465578a66bff9d9372cba852d5fdaa7a4c46ecbb72
f29ae1e4ea8c2af076975dda7f1d30b835973963e68f94ae3d347247e3192d2a
f5478093cbd10c6f050a10a8b06ea68f587a3b237718cd1a1b1f9b8b37ccff4a
f981d45f43f1c90fd39472e1ed4648205e69ffecbab12cc93eb057ca87276dce

bad.cards Open in urlscan Pro 172.67.75.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

54 %IPv6

16 Domains

26 Subdomains

27 IPs

3 Countries

2538 kBTransfer

5826 kBSize

8 Cookies

5 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bad.cards Open in urlscan Pro
172.67.75.226 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

54 %
IPv6

16
Domains

26
Subdomains

27
IPs

3
Countries

2538 kB
Transfer

5826 kB
Size

8
Cookies

86 HTTP transactions
0 data transactions