www.dacardworld.com Open in urlscan Pro
2606:4700:10::6814:d298 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Submission Tags: phishing malicious Search All
Submission: On February 28 via api (February 28th 2020, 9:16:13 am UTC) from US

Summary HTTP 66 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 66 HTTP transactions. The main IP is 2606:4700:10::6814:d298, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dacardworld.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 13th 2019. Valid for: 10 months.

This is the only time www.dacardworld.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:10:... 2606:4700:10::6814:d298	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.37.33.211 23.37.33.211	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
3	13.225.73.25 13.225.73.25	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.181.175.45 195.181.175.45	60068 (CDN77) (CDN77)
1	72.246.168.118 72.246.168.118	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2	2.18.232.75 2.18.232.75	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.45.98.207 23.45.98.207	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.216.21.61 52.216.21.61	16509 (AMAZON-02) (AMAZON-02)
1	23.67.141.171 23.67.141.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:21f... 2600:9000:21f3:1200:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	54.86.129.194 54.86.129.194	14618 (AMAZON-AES) (AMAZON-AES)
66	21

31 2606:4700:10::6814:d298 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dacardworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.33.211 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-33-211.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.73.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-25.fra2.r.cloudfront.net

medals.bizrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.45 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-45.datapacket.com

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.168.118 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-118.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.75 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-75.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.45.98.207 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-98-207.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.21.61 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.141.171 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-67-141-171.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1200:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.129.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-129-194.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	dacardworld.com www.dacardworld.com	200 KB
5	typekit.net use.typekit.net p.typekit.net	93 KB
4	paypal.com www.paypal.com t.paypal.com	8 KB
3	google.de www.google.de	329 B
3	google.com 1 redirects www.google.com	397 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	bizrate.com medals.bizrate.com
2	facebook.com 1 redirects www.facebook.com	556 B
2	paypalobjects.com www.paypalobjects.com	18 KB
2	facebook.net connect.facebook.net	143 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	atdmt.com cx.atdmt.com	435 B
1	chartbeat.com static.chartbeat.com	14 KB
1	chimpstatic.com chimpstatic.com	509 B
1	amazonaws.com s3.amazonaws.com	3 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	smartlook.com rec.smartlook.com	9 KB
1	cloudflare.com cdnjs.cloudflare.com	29 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
66	20

	Domain	Requested by
31	www.dacardworld.com	www.dacardworld.com
4	use.typekit.net	www.dacardworld.com
3	t.paypal.com	www.dacardworld.com
3	www.google.de	www.dacardworld.com
3	www.google.com	1 redirects www.dacardworld.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.dacardworld.com
3	medals.bizrate.com	www.dacardworld.com
2	www.facebook.com	1 redirects www.dacardworld.com
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	connect.facebook.net	www.dacardworld.com connect.facebook.net
1	ping.chartbeat.net
1	cx.atdmt.com
1	static.chartbeat.com	www.dacardworld.com
1	chimpstatic.com	www.dacardworld.com
1	s3.amazonaws.com	www.dacardworld.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.paypal.com	www.dacardworld.com
1	rec.smartlook.com	www.dacardworld.com
1	p.typekit.net	www.dacardworld.com
1	cdnjs.cloudflare.com	www.dacardworld.com
1	www.googletagmanager.com	www.dacardworld.com
66	23

This site contains links to these domains. Also see Links.

Domain
facebook.com
instagram.com
twitter.com
dave-and-adams.workable.com
www.surveymonkey.com
www.bizrate.com

Subject Issuer	Validity	Valid
dacardworld.com CloudFlare Inc ECC CA-2	`2019-12-13` - `2020-10-09`	10 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.bizrate.com Sectigo RSA Organization Validation Secure Server CA	`2019-04-01` - `2021-03-31`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
1610534878.rsc.cdn77.org Let's Encrypt Authority X3	`2020-02-25` - `2020-05-25`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2019-11-21` - `2021-02-19`	a year	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Frame ID: 3648C48C6BA16589C475C5364B17D2E6
Requests: 65 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html?frameId=2ffdba19-57e2-47cc-b780-df6e7dca0ca1&propertyId=N4AYNR5ENXFWY-1&flow=visitor-info&variant=analytics&mrid=N4AYNR5ENXFWY&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Frame ID: 2098BFF2301AB17AD2F4CEF718F44FE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

66
Requests

100 %
HTTPS

55 %
IPv6

20
Domains

23
Subdomains

21
IPs

6
Countries

577 kB
Transfer

1468 kB
Size

7
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/dacardworld

Search URL Search Domain Scan URL

URL: https://instagram.com/dacardworld

Search URL Search Domain Scan URL

URL: https://twitter.com/dacardworld

Search URL Search Domain Scan URL

URL: https://dave-and-adams.workable.com/
Title: Now Hiring

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/s/85TWXFJ
Title: Leave Us feedback

Search URL Search Domain Scan URL

URL: https://www.bizrate.com/ratings_guide/merchant_detail__mid--77500.html?rf=sur

Search URL Search Domain Scan URL

URL: https://www.bizrate.com/?rf=sur

Search URL Search Domain Scan URL

URL: http://www.bizrate.com/boutique/2012circleofexcellence.html?rf=sur
Title:

Search URL Search Domain Scan URL

URL: http://www.bizrate.com/ratings_guide/merchant_detail__mid--77500.html?rf=sur
Title: See detailed store ratings

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1210181467&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&ul=en-us&de=UTF-8&dt=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAQAB~&jid=1581477022&gjid=1842169079&cid=918812420.1582881355&tid=UA-80490-1&_gid=1395177534.1582881355&_r=1&gtm=2ou2j0&z=230410784 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80490-1&cid=918812420.1582881355&jid=1581477022&_gid=1395177534.1582881355&gjid=1842169079&_v=j81&z=230410784 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80490-1&cid=918812420.1582881355&jid=1581477022&_v=j81&z=230410784 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80490-1&cid=918812420.1582881355&jid=1581477022&_v=j81&z=230410784&slf_rd=1&random=2623506369

Request Chain 62

https://www.facebook.com/tr/?id=954330831296646&ev=Microdata&dl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&rl=&if=false&ts=1582881355738&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World%22%7D&cd[OpenGraph]=%7B%22twitter%3Aaccount_id%22%3A%2214882506%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582881355223.840127190&it=1582881355117&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=5817100512555484797&f=AYwhc46IsHdJl6DsSSfnXpZqUYx-9CNgJHFjst3POVxDfsyOm9myu75y6uhXZi8XlT9tD_yjrh-2KuZX8Iulcjsa&id=954330831296646&l=3&v=0

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request hermes Show response
www.dacardworld.com/webapps/ 81 KB
16 KB 346ms
299ms Document
text/html 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a22df95b8b6dc959f2132125b3609ecd1b4e89e96d8cac8eb8503d50bdef1766

Request headers

:method: GET
:authority: www.dacardworld.com
:scheme: https
:path: /webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 404
date: Fri, 28 Feb 2020 09:15:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de72a9e466423315dace884f890893e341582881354; expires=Sun, 29-Mar-20 09:15:54 GMT; path=/; domain=.dacardworld.com; HttpOnly; SameSite=Lax; Secure _dacw_session=qj4ejruoo76ljlrftth70snboq; expires=Fri, 13-Mar-2020 09:15:54 GMT; Max-Age=1209600; path=/
vary: Accept-Encoding Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: </js/modernizr/modernizr.min.js?v=9167dcdd>; rel=preload; as=script, </js/dacardworld/dacardworld.core.min.js?v=9b42117a>; rel=preload; as=script, </js/lazysizes/lazysizes.min.js?v=542d8b04>; rel=preload; as=script, </js/foundation/jquery.foundation.min.js?v=16cb942d>; rel=preload; as=script, </js/dacardworld/jquery.dacardworld.accordion.min.js?v=6f858667>; rel=preload; as=script, </js/dacardworld/jquery.dacardworld.navigation.min.js?v=06cdbbb0>; rel=preload; as=script, </js/dacardworld/jquery.dacardworld.additem.min.js?v=00e35300>; rel=preload; as=script, <https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js>; rel=preconnect; as=script, </js/app.min.js?v=6b97ed82>; rel=preload; as=script, </js/dacardworld.min.js?v=49aff750>; rel=preload; as=script, </css/app.min.css?v=59bd6266>; rel=preload; as=style, <https://use.typekit.net/wwz6xjj.css>; rel=preconnect; as=style, </images/layout/daveandadams-primary-logo@2x.png?v=ff64bcd6>; rel=preload; as=image, </images/logos/dacw_live_logo_small.png?v=c788121a>; rel=preload; as=image, </images/spinner.gif>; rel=preload; as=image, </images/sprites/dacardworld-sprite-s397590caaa.png>; rel=preload; as=image, </images/sprites/icons-s46489232df.png>; rel=preload; as=image, </images/layout/daily-deals@2x.png?v=e557804c>; rel=preload; as=image, </images/layout/free-gifts-100@2x.png?v=881f998e>; rel=preload; as=image, </images/layout/free-shipping-199@2x.png?v=d7ad7f47>; rel=preload; as=image
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56c14bf25a2fc272-FRA
content-encoding: br
cf-h2-pushed: </js/modernizr/modernizr.min.js?v=9167dcdd>,</js/dacardworld/dacardworld.core.min.js?v=9b42117a>,</js/lazysizes/lazysizes.min.js?v=542d8b04>,</js/foundation/jquery.foundation.min.js?v=16cb942d>,</js/dacardworld/jquery.dacardworld.accordion.min.js?v=6f858667>,</js/dacardworld/jquery.dacardworld.navigation.min.js?v=06cdbbb0>,</js/dacardworld/jquery.dacardworld.additem.min.js?v=00e35300>,</js/app.min.js?v=6b97ed82>,</js/dacardworld.min.js?v=49aff750>,</css/app.min.css?v=59bd6266>,</images/layout/daveandadams-primary-logo@2x.png?v=ff64bcd6>,</images/logos/dacw_live_logo_small.png?v=c788121a>,</images/spinner.gif>,</images/sprites/dacardworld-sprite-s397590caaa.png>,</images/sprites/icons-s46489232df.png>,</images/layout/daily-deals@2x.png?v=e557804c>,</images/layout/free-gifts-100@2x.png?v=881f998e>,</images/layout/free-shipping-199@2x.png?v=d7ad7f47>

GET
H2 200 modernizr.min.js Show response
www.dacardworld.com/js/modernizr/ 6 KB
2 KB 39ms
0ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/modernizr/modernizr.min.js?v=9167dcdd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f5b5475639c96f30ad0ef88f517ca720c422d3651422d4fac47ba31a0452761

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:18 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c40ea-1668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43eb9c272-FRA

GET
H2 200 dacardworld.core.min.js Show response
www.dacardworld.com/js/dacardworld/ 346 B
413 B 33ms
0ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/dacardworld/dacardworld.core.min.js?v=9b42117a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450661333ff98f885e2cfe5d8cc7803773abcfe15296b53e39a084436b5eac5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:37 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c40fd-15a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43ebcc272-FRA

GET
H2 200 lazysizes.min.js Show response
www.dacardworld.com/js/lazysizes/ 7 KB
3 KB 54ms
0ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/lazysizes/lazysizes.min.js?v=542d8b04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ed214f2c388acb24bb56fc2028ba2624912f24da566c3eacf095552c5e687c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:54 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c410e-1bef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43ebdc272-FRA

GET
H2 200 jquery.foundation.min.js Show response
www.dacardworld.com/js/foundation/ 17 KB
5 KB 30ms
0ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/foundation/jquery.foundation.min.js?v=16cb942d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff0234344ea4270c944fb98008a64286a7df8e3ab328a13a1b6ba27c2bbaf1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:32 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c40f8-42cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43ebec272-FRA

GET
H2 200 jquery.dacardworld.accordion.min.js Show response
www.dacardworld.com/js/dacardworld/ 546 B
318 B 58ms
23ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/dacardworld/jquery.dacardworld.accordion.min.js?v=6f858667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97224ca9dd085ec5458dbb11eae7584d4e8362e0c9b62375912f5b4788d930ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:37 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c40fd-222"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43ebfc272-FRA

GET
H2 200 jquery.dacardworld.navigation.min.js Show response
www.dacardworld.com/js/dacardworld/ 388 B
297 B 35ms
0ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/dacardworld/jquery.dacardworld.navigation.min.js?v=06cdbbb0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3cd8ae9e2af83eb36fbad573ee6b36243f976019ba88e5def01f3bc666a527e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:53 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c410d-184"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43ec0c272-FRA

GET
H2 200 jquery.dacardworld.additem.min.js Show response
www.dacardworld.com/js/dacardworld/ 3 KB
1 KB 47ms
0ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/dacardworld/jquery.dacardworld.additem.min.js?v=00e35300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a700c99a74b7aa554497d935b9be245af4fcf329b22b500bb9177a0bfb912e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:47 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c4107-d7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43ec1c272-FRA

GET
H2 200 app.min.js Show response
www.dacardworld.com/js/ 1 KB
621 B 56ms
0ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/app.min.js?v=6b97ed82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b3d4f6d6c50a6fbd6ec6006c51f2593b182e4edfad151b6472093ecc5d3a9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:55:02 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c4116-577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43ec2c272-FRA

GET
H2 200 dacardworld.min.js Show response
www.dacardworld.com/js/ 918 B
329 B 50ms
0ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/dacardworld.min.js?v=49aff750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29acca31d0522872c376facb5f81c453a92da3412d444805eae6f5a48c7dda4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2785
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:18 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c40ea-396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf43ec3c272-FRA

GET
H2 200 app.min.css
www.dacardworld.com/css/ 146 KB
29 KB 36ms
0ms Stylesheet
text/css 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/css/app.min.css?v=59bd6266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1564ed9ec2c12ce47b428198419abe485302a312c30194c9547d48b686b83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:55:46 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c4142-24778"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=86400
cf-ray: 56c14bf43ec4c272-FRA

GET
H2 200 daveandadams-primary-logo@2x.png
www.dacardworld.com/images/layout/ 4 KB
4 KB 58ms
16ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/daveandadams-primary-logo@2x.png?v=ff64bcd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86de194520245164473ebdb420656a206e6dbe532fc9787b410cd2ab94e74a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6784
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 4160
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:15 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c424f-1040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf43ec5c272-FRA

GET
H2 200 dacw_live_logo_small.png
www.dacardworld.com/images/logos/ 2 KB
2 KB 52ms
0ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/logos/dacw_live_logo_small.png?v=c788121a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71e5e6e7d1e2bbca264fe19a193b032ab0fc7b52c71a15e21191b1cc9aae32d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 2227
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:58:10 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c41d2-8b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf43ec7c272-FRA

GET
H2 200 spinner.gif
www.dacardworld.com/images/ 3 KB
3 KB 0ms
0ms Image
image/gif 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/spinner.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 2608
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:59:26 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c421e-a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf43ec8c272-FRA

GET
H2 200 dacardworld-sprite-s397590caaa.png
www.dacardworld.com/images/sprites/ 8 KB
8 KB 0ms
0ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/sprites/dacardworld-sprite-s397590caaa.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae719cccd48c4ba1e3ee117fde0905e09430a1549cc313f6ca9572dd1e356da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4597
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 8313
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:59:47 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c4233-2079"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf43ec9c272-FRA

GET
H2 200 icons-s46489232df.png
www.dacardworld.com/images/sprites/ 11 KB
11 KB 0ms
0ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/sprites/icons-s46489232df.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd9c6ea76c8a82fc4b00319ea6e6888d7ba79c5c7390483aacf4e0778bdd7989

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 11370
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:06 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c4246-2c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf43ecac272-FRA

GET
H2 200 daily-deals@2x.png
www.dacardworld.com/images/layout/ 3 KB
3 KB 0ms
0ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/daily-deals@2x.png?v=e557804c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fee8935e56b5f8a3682d126841041cf8e36835d7bc9c7a157686609509a2982

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 2785
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:11 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c424b-ae1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf43ecbc272-FRA

GET
H2 200 free-gifts-100@2x.png
www.dacardworld.com/images/layout/ 3 KB
3 KB 0ms
0ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/free-gifts-100@2x.png?v=881f998e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf7777b7db04f9f47567f3a0c6a322d5db66e82c7f59956480ac73689be6713

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 3302
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:16 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c4250-ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf43eccc272-FRA

GET
H2 200 free-shipping-199@2x.png
www.dacardworld.com/images/layout/ 4 KB
4 KB 0ms
0ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/free-shipping-199@2x.png?v=d7ad7f47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51b6d61c04c9e10222a171e2fad98fbb12594d256f47943fc1b2e196e409e3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1966
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 3662
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:15 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c424f-e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf43ecdc272-FRA

GET
H2 200 wwz6xjj.css
use.typekit.net/ 6 KB
1 KB 91ms
27ms Stylesheet
text/css 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wwz6xjj.css

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-33-211.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e45d0af4092f3821e72f10613e8de71cb354b8db4d2195d0043ea801c8f76dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Fri, 28 Feb 2020 09:15:55 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 895

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-80490-1

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

650496a0f29f1dea3868d6b3b1e7952efc535e60ef222982c0fa9b5cf2684cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28621
x-xss-protection: 0
last-modified: Fri, 28 Feb 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Feb 2020 09:15:55 GMT

GET
H2 200 top-bar-phone.svg
www.dacardworld.com/images/layout/ 1 KB
634 B 190ms
190ms Image
image/svg+xml 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/top-bar-phone.svg

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbbd653e0e6da3ef7e2afc867af7c4d10823394bdd7ac34feaf9a678d5fb4e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:17 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c4251-403"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 56c14bf4f87dc272-FRA

GET
H2 200 top-bar-truck.svg
www.dacardworld.com/images/layout/ 1 KB
620 B 175ms
173ms Image
image/svg+xml 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/top-bar-truck.svg

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c00825de71f362d0e74d08979a763c594c3f526c050f38e298dbbe54f124e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:19 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c4253-416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 56c14bf5492ac272-FRA

GET
H2 200 top-bar-gift.svg
www.dacardworld.com/images/layout/ 1 KB
817 B 177ms
175ms Image
image/svg+xml 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/top-bar-gift.svg

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9303b576fd7659d6090a41b90a8aae9a59d77560702ce001722c3ed371a17b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:14 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c424e-5ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 56c14bf5492cc272-FRA

GET
H2 200 top-bar-question.svg
www.dacardworld.com/images/layout/ 608 B
432 B 491ms
490ms Image
image/svg+xml 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/top-bar-question.svg

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e60800c5515fb1387756898bc7343e30cdc375cfbcbfc12acaf56a7f39a0f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:11 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c424b-260"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 56c14bf5492ec272-FRA

GET
H2 200 nav-profile-icon.svg
www.dacardworld.com/images/layout/ 3 KB
1 KB 203ms
202ms Image
image/svg+xml 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/nav-profile-icon.svg

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

445a4e320b01f06e67a5e1c1a42cab00e97a86cc9274d390d82c23b232c0594f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:19 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c4253-a03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 56c14bf54930c272-FRA

GET
H2 200 77500_medal.min.js Show response
www.dacardworld.com/js/bizrate/ 13 KB
3 KB 195ms
194ms Script
application/javascript 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/js/bizrate/77500_medal.min.js?v=9ba61b4b

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2493867c17190e05e8a92888d7b6f82a9147e641e873019f8385b1b5cdffdfc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:54:15 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5e4c40e7-32da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 56c14bf4afc3c272-FRA

GET
H/1.1 403
Forbidden 77500_medal.gif
medals.bizrate.com/medals/dynamic/ 0
0 154ms
20ms Image
text/html 13.225.73.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medals.bizrate.com/medals/dynamic/77500_medal.gif
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-25.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H/1.1 403
Forbidden 77500_coe.gif
medals.bizrate.com/awards/vertical/ 0
0 161ms
19ms Image
text/html 13.225.73.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medals.bizrate.com/awards/vertical/77500_coe.gif
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-25.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 UpperDeck-AIR.png
www.dacardworld.com/images/logos/ 6 KB
6 KB 190ms
189ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/logos/UpperDeck-AIR.png

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b20a76cf313d09b2fdf11677d95f81fd7e45798654074aa957e45d9fceb4d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 5733
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:58:10 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c41d2-1665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf54932c272-FRA

GET
H2 200 Panini-AIR.png
www.dacardworld.com/images/logos/ 3 KB
3 KB 201ms
199ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/logos/Panini-AIR.png

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d1b737438aa8154b2064d8bf147600d00726b433b95b0156f00d0864833745

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 3341
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:59:22 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c421a-d0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf54934c272-FRA

GET
H2 200 Wizards-AIR.png
www.dacardworld.com/images/logos/ 5 KB
5 KB 192ms
190ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/logos/Wizards-AIR.png

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3609072dd5b22b268a8017d87fe0bb43a9d724e82092967a7c8d7efbc642e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 4640
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 19:59:22 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c421a-1220"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf54936c272-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 15ms
15ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Origin: https://www.dacardworld.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 09:15:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 10462700
cf-ray: 56c14bf4ab86324c-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-14e55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 17 Feb 2021 09:15:54 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.003

GET
H2 200 p.css
p.typekit.net/ 5 B
168 B 23ms
22ms Stylesheet
text/css 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wwz6xjj&ht=tk&f=15498.15501.15505.15508.15509.15510.26840.26842&a=596780&app=typekit&e=css
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-33-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
last-modified: Thu, 24 Oct 2019 12:27:07 GMT
server: nginx
access-control-allow-origin: *
etag: "5db1989b-5"
content-type: text/css
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5
expires: Wed, 12 Feb 2020 04:30:50 GMT

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 29 KB
9 KB 87ms
25ms Script
application/javascript 195.181.175.45
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.45 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-45.datapacket.com

Software

CDN77-Turbo /

Resource Hash

43edc93275b9ebca895ab57e6461e9370385779d0951bf754f80c74280be2393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: br
last-modified: Mon, 17 Feb 2020 08:41:38 GMT
server: CDN77-Turbo
access-control-allow-origin: *
x-edge-location: frankfurtDE
etag: W/"5e4a51c2-7544"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=600
x-edge-ip: 195.181.175.44
strict-transport-security: max-age=31536000
x-age: 165

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 15 KB
6 KB 79ms
34ms Script
application/x-javascript 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=f18697b2-b988-11e7-97e8-a7687f5afacc

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

Resource Hash

843eab9f6781c1e58ed6e7fb9d2ecfc6e147e3c393e813d775ca76f1d2a07692

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-u5HnupGwAdSIKFEnqU2ntNtLq1E7dVgpnSFQWXuEfwWu48ix' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-u5HnupGwAdSIKFEnqU2ntNtLq1E7dVgpnSFQWXuEfwWu48ix' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"3a9c-g07dqdZQS1pIWD1p0tsaGpFDuMg"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 28 Feb 2020 09:15:55 GMT
paypal-debug-id: 5718a18c10c5f
strict-transport-security: max-age=63072000
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 5128
x-xss-protection: 1; mode=block

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: private
x-fb-debug: G8v57JKVTt4XfLHN4tT34Kq8uF/a+0gkGfYWyvv5rev0RWrkGQeKdg+8KnQoFhczsbRDWsgHSWiBrhuCjegLIg==
x-fb-trip-id: 1850256238
date: Fri, 28 Feb 2020 09:15:55 GMT, Fri, 28 Feb 2020 09:15:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 social-icons-mono-se7cd3b4b4f.png
www.dacardworld.com/images/sprites/ 1 KB
1 KB 471ms
471ms Image
image/png 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/sprites/social-icons-mono-se7cd3b4b4f.png

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

732150092e02be087e5f843a4c3fbc398781b111e20971c0d23518fd673c14b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/css/app.min.css?v=59bd6266
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 1070
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:10 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c424a-42e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf55942c272-FRA

GET
H2 200 l
use.typekit.net/af/acc12d/00000000000000003b9ad05b/27/ 30 KB
30 KB 67ms
23ms Font
application/font-woff2 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/acc12d/00000000000000003b9ad05b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-33-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b09fcb51a0f3532d3bb84648809ebfa8c14b6c584447699484c2e25ac9b1b77c

Request headers

Referer: https://use.typekit.net/wwz6xjj.css
Origin: https://www.dacardworld.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
server: nginx
access-control-allow-origin: *
etag: "88c2d678a434632263f607a8b797884429b7d1f1"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 30936

GET
H2 200 warehouse_404.jpg
www.dacardworld.com/images/layout/ 78 KB
78 KB 205ms
205ms Image
image/jpeg 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dacardworld.com/images/layout/warehouse_404.jpg

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c979d8d5786a71ee13577af4c7356d5c3a6b8a42ba2f8a2fbdaedba9bdcc7fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/css/app.min.css?v=59bd6266
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
x-whom: dacardworld-api-00, dacardworld-primary
vary: Accept-Encoding
content-length: 79899
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 18 Feb 2020 20:00:15 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e4c424f-1381b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf5594ec272-FRA

GET
H2 200 dacardworld.woff2
www.dacardworld.com/fonts/ 3 KB
3 KB 24ms
23ms Font
font/woff2 2606:4700:10::6814:d298
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dacardworld.com/fonts/dacardworld.woff2?mtb0zq

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d298 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34450891eebca152a18a27fc9da7466fada58ebe22a1a34ed8b862246d9d22ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dacardworld.com/css/app.min.css?v=59bd6266
Origin: https://www.dacardworld.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5588
status: 200
x-whom: dacardworld-live-07, dacardworld-primary
vary: Accept-Encoding
content-length: 3236
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Mon, 10 Feb 2020 22:24:27 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "5e41d81b-ca4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 56c14bf55952c272-FRA

GET
H2 200 l
use.typekit.net/af/5e9c68/00000000000000003b9ad05f/27/ 30 KB
31 KB 83ms
41ms Font
application/font-woff2 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5e9c68/00000000000000003b9ad05f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-33-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8af0ff05fa8447dd898b65dbebba08997b09c04f147dc784fde587f455221e1d

Request headers

Referer: https://use.typekit.net/wwz6xjj.css
Origin: https://www.dacardworld.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
server: nginx
access-control-allow-origin: *
etag: "88bf15fe0d8c2c81286f93fd28de9187b0d55fc2"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 31228

GET
H2 200 l
use.typekit.net/af/5be6ad/00000000000000003b9ad05d/27/ 31 KB
31 KB 95ms
53ms Font
application/font-woff2 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5be6ad/00000000000000003b9ad05d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-33-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f4d76bf771a725bef98ce55b34b6133e57ec025960be5ece7ba18a83751a8a98

Request headers

Referer: https://use.typekit.net/wwz6xjj.css
Origin: https://www.dacardworld.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
server: nginx
access-control-allow-origin: *
etag: "d8da753c9daf254346924988f37536aad8bdb2a8"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 31288

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80490-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5024
date: Fri, 28 Feb 2020 07:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 28 Feb 2020 09:52:11 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 33ms
32ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80490-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Feb 2020 09:15:55 GMT

GET
H2 200 954330831296646 Show response
connect.facebook.net/signals/config/ 448 KB
113 KB 63ms
63ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/954330831296646?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c48c3e5ace103da146e48b059e61716dd54ff81c92ef2581fe082f67bb4017a0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: AqR/RIXhx47LVUWURBYPYN2xGTgjFsCNat685ClIDV5hXlgsMykCJ5XFmQMklvtRGhPR7EGRHXEEgde5fvCXkQ==
x-fb-trip-id: 1850256238
date: Fri, 28 Feb 2020 09:15:55 GMT, Fri, 28 Feb 2020 09:15:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1210181467&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26lo...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80490-1&cid=918812420.1582881355&jid=1581477022&_gid=1395177534.1582881355&gjid=1842169079&_v=j81&z=230410784
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80490-1&cid=918812420.1582881355&jid=1581477022&_v=j81&z=230410784
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80490-1&cid=918812420.1582881355&jid=1581477022&_v=j81&z=230410784&slf_rd=1&random=2623506369

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80490-1&cid=918812420.1582881355&jid=1581477022&_v=j81&z=230410784&slf_rd=1&random=2623506369

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80490-1&cid=918812420.1582881355&jid=1581477022&_v=j81&z=230410784&slf_rd=1&random=2623506369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 7ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=1210181467&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&ul=en-us&de=UTF-8&dt=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=membership_dimension&_u=oGBAAQAB~&jid=&gjid=&cid=918812420.1582881355&tid=UA-80490-1&_gid=1395177534.1582881355&gtm=2ou2j0&cd1=Standard&z=2100313383

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 23 Jan 2020 10:42:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3105225
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071932224/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071932224/?random=1582881355149&cv=9&fst=1582881355149&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&tiba=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2944261a9114622f9f4210d9c9036a61a698ea63dd44f23103bad4627d2405cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071932224/ 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071932224/?random=1582881355150&cv=9&fst=1582881355150&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2j0&sendb=1&ig=1&data=event%3Dmembership_dimension%3Bmembership%3DStandard%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&tiba=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a425cb5c743a73ca4c41e16e8eb94c4334809f891f18bcb1fdeb4fb358f37e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1156
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 66 KB
18 KB 76ms
24ms Script
application/x-javascript 2.18.232.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=f18697b2-b988-11e7-97e8-a7687f5afacc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c9dc1e8b49eb87c548ec7d2cac255a9500e596cd06735084e70b7c74d87f1bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
last-modified: Fri, 28 Jun 2019 04:35:07 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 17728
expires: Fri, 28 Feb 2020 09:15:55 GMT

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
813 B 220ms
176ms Image
image/gif 23.45.98.207
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics%3A%3AN4AYNR5ENXFWY-1&page=muse%3Athird-party%3Aanalytics%3A%3AN4AYNR5ENXFWY-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=f18697b2-b988-11e7-97e8-a7687f5afacc&fltp=analytics&mrid=N4AYNR5ENXFWY&flag_consume=yes&pt=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1582881355167&g=-60&completeurl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-207.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.7 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 28 Feb 2020 09:15:55 GMT
Server: akka-http/10.1.7
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 28 Feb 2020 09:15:55 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071932224/ 42 B
110 B 22ms
22ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071932224/?random=1582881355149&cv=9&fst=1582880400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&tiba=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&async=1&fmt=3&is_vtc=1&random=1322569352&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071932224/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071932224/?random=1582881355149&cv=9&fst=1582880400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&tiba=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&async=1&fmt=3&is_vtc=1&random=1322569352&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071932224/ 42 B
110 B 23ms
23ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071932224/?random=1582881355150&cv=9&fst=1582880400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2j0&sendb=1&data=event%3Dmembership_dimension%3Bmembership%3DStandard%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&tiba=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&async=1&fmt=3&is_vtc=1&random=1599448189&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071932224/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071932224/?random=1582881355150&cv=9&fst=1582880400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2j0&sendb=1&data=event%3Dmembership_dimension%3Bmembership%3DStandard%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&tiba=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&async=1&fmt=3&is_vtc=1&random=1599448189&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK goal.min.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 3 KB
3 KB 421ms
110ms Script
application/javascript 52.216.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/goal.min.js
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.21.61 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 09:15:56 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:37 GMT
Server: AmazonS3
x-amz-request-id: E5367B9F11BF7B9C
ETag: "db78cc3fefd4dc191250a00cf7b530a3"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 2699
x-amz-id-2: sM/EAx5aQ4fXac3JG9uVt6kw5SSWGMePFLA+1aRXtACrHtqCMpk0lKn42jXFfBYXwAg6RU+L3Rc=

GET
H/1.1 200
OK 388525982a440f9f38c06ce4b.js Show response
chimpstatic.com/mcjs-connected/js/users/69475d2b79ee4bc978209f15a/ 50 B
509 B 74ms
30ms Script
application/javascript 23.67.141.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/69475d2b79ee4bc978209f15a/388525982a440f9f38c06ce4b.js
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.67.141.171 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-67-141-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 09:15:55 GMT
Last-Modified: Mon, 04 Mar 2019 16:52:22 GMT
Server: AmazonS3
x-amz-request-id: 4323923D1F33690B
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=42
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: KmRbzrgQfe2FdANO79wJ9rRY65Y/Im0BIUQJBS6P9xearK8LUEwfdJefsWozhi4lomHgCC2UxM8=
Expires: Fri, 28 Feb 2020 09:16:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 10ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=954330831296646&ev=PageView&dl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&rl=&if=false&ts=1582881355224&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22360232974691049%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22609639919541661%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1582881355223.840127190&it=1582881355117&coo=false&rqm=GET

Requested by

Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-asan /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:15:55 GMT, Fri, 28 Feb 2020 09:15:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-asan
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 28 Feb 2020 09:15:55 GMT

GET
H2 200 index.html
www.paypalobjects.com/muse/analytics/ Frame 2098 0
0 46ms
45ms Document
text/html 2.18.232.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html?frameId=2ffdba19-57e2-47cc-b780-df6e7dca0ca1&propertyId=N4AYNR5ENXFWY-1&flow=visitor-info&variant=analytics&mrid=N4AYNR5ENXFWY&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /muse/analytics/index.html?frameId=2ffdba19-57e2-47cc-b780-df6e7dca0ca1&propertyId=N4AYNR5ENXFWY-1&flow=visitor-info&variant=analytics&mrid=N4AYNR5ENXFWY&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true

Response headers

status: 200
server: Apache
last-modified: Fri, 22 Nov 2019 01:27:26 GMT
accept-ranges: bytes
content-type: text/html
content-encoding: gzip
x-akamai-transformed: 9 - 0 pmb=mRUM,1
expires: Fri, 28 Feb 2020 09:15:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
813 B 240ms
239ms Image
image/gif 23.45.98.207
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AN4AYNR5ENXFWY-1&page=muse%3Aoffer%3A%3A%3AN4AYNR5ENXFWY-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=f18697b2-b988-11e7-97e8-a7687f5afacc&es=visitorInfoFlowStarted&mrid=N4AYNR5ENXFWY&pt=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1582881355458&g=-60&completeurl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-207.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.7 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 28 Feb 2020 09:15:55 GMT
Server: akka-http/10.1.7
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 28 Feb 2020 09:15:55 GMT

GET
H/1.1 403
Forbidden 77500_medal_summary.gif
medals.bizrate.com/medals/summary/ 0
0 20ms
19ms Image
text/html 13.225.73.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medals.bizrate.com/medals/summary/77500_medal_summary.gif
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-25.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 31ms
7ms Script
application/x-javascript 2600:9000:21f3:1200:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.dacardworld.com
URL: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:1200:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 08:52:27 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 1408
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: YllX80SeytivISBTw0jZlocj3EKuzwrTQ4Ni93Y9GFnQ-__gkOhF9Q==
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
expires: Fri, 28 Feb 2020 10:52:27 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=954330831296646&ev=Microdata&dl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRe...
https://cx.atdmt.com/?c=5817100512555484797&f=AYwhc46IsHdJl6DsSSfnXpZqUYx-9CNgJHFjst3POVxDfsyOm9myu75y6uhXZi8XlT9tD_yjrh-2KuZX8Iulcjsa&id=954330831296646&l=3&v=0

42 B
435 B

51ms
39ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=5817100512555484797&f=AYwhc46IsHdJl6DsSSfnXpZqUYx-9CNgJHFjst3POVxDfsyOm9myu75y6uhXZi8XlT9tD_yjrh-2KuZX8Iulcjsa&id=954330831296646&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 28 Feb 2020 09:15:55 GMT, Fri, 28 Feb 2020 09:15:55 GMT, Fri, 28 Feb 2020 09:15:55 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-24=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:15:55 GMT, Fri, 28 Feb 2020 09:15:55 GMT
server: proxygen-asan
location: https://cx.atdmt.com/?c=5817100512555484797&f=AYwhc46IsHdJl6DsSSfnXpZqUYx-9CNgJHFjst3POVxDfsyOm9myu75y6uhXZi8XlT9tD_yjrh-2KuZX8Iulcjsa&id=954330831296646&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-24=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 310ms
103ms Image
image/gif 54.86.129.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=dacardworld.com&p=%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue&u=DgRC9cDK_cH6CLD803&d=dacardworld.com&g=17355&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1225&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1129&t=DrJtCNBjFohpI5L_ADRB_FdBTyFws&V=118&i=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&tz=-60&sn=1&sv=DEri3rfc53LBEMbWxC_4IxmB65QHy&sd=1&im=0e030400&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.129.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-129-194.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Fri, 28 Feb 2020 09:15:56 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
845 B 198ms
198ms Image
image/gif 23.45.98.207
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AN4AYNR5ENXFWY-1&page=muse%3Aoffer%3A%3A%3AN4AYNR5ENXFWY-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=f18697b2-b988-11e7-97e8-a7687f5afacc&es=visitorInfo&mrid=N4AYNR5ENXFWY&pt=Sorry%2C%20I%20could%27t%20find%20that%20page%20%7C%20DA%20Card%20World&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1582881356054&g=-60&completeurl=https%3A%2F%2Fwww.dacardworld.com%2Fwebapps%2Fhermes%3Ftoken%3DEC-16P62171DM597801L%26country.x%3DUS%26locale.x%3Den_US%26ulOnboardRedirect%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-207.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.7 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.dacardworld.com/webapps/hermes?token=EC-16P62171DM597801L&country.x=US&locale.x=en_US&ulOnboardRedirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 28 Feb 2020 09:15:56 GMT
Server: akka-http/10.1.7
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR: slcb.slc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 28 Feb 2020 09:15:56 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypalobjects.com/	1970-01-19 07:45:40	Name: paypal-offers--country Value: BE
.dacardworld.com/	1970-01-19 09:50:57	Name: _fbp Value: fb.1.1582881355223.840127190
.dacardworld.com/	1970-01-20 01:12:33	Name: _ga Value: GA1.2.918812420.1582881355
.dacardworld.com/	1970-01-19 07:42:47	Name: _gid Value: GA1.2.1395177534.1582881355
www.dacardworld.com/	1970-01-19 08:01:30	Name: _dacw_session Value: qj4ejruoo76ljlrftth70snboq
.dacardworld.com/	1970-01-19 07:41:21	Name: _gat_gtag_UA_80490_1 Value: 1
.dacardworld.com/	1970-01-19 08:24:33	Name: __cfduid Value: de72a9e466423315dace884f890893e341582881354

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
chimpstatic.com
connect.facebook.net
cx.atdmt.com
googleads.g.doubleclick.net
medals.bizrate.com
p.typekit.net
ping.chartbeat.net
rec.smartlook.com
s3.amazonaws.com
static.chartbeat.com
stats.g.doubleclick.net
t.paypal.com
use.typekit.net
www.dacardworld.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
13.225.73.25
172.217.22.34
195.181.175.45
2.18.232.75
23.37.33.211
23.45.98.207
23.67.141.171
2600:9000:21f3:1200:18:1fcd:349:ca21
2606:4700:10::6814:d298
2606:4700::6811:4104
2a00:1450:4001:819::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81f::2004
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
52.216.21.61
54.86.129.194
72.246.168.118
00d1b737438aa8154b2064d8bf147600d00726b433b95b0156f00d0864833745
0b20a76cf313d09b2fdf11677d95f81fd7e45798654074aa957e45d9fceb4d6d
0b3d4f6d6c50a6fbd6ec6006c51f2593b182e4edfad151b6472093ecc5d3a9e7
0c00825de71f362d0e74d08979a763c594c3f526c050f38e298dbbe54f124e39
0d3609072dd5b22b268a8017d87fe0bb43a9d724e82092967a7c8d7efbc642e5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f5b5475639c96f30ad0ef88f517ca720c422d3651422d4fac47ba31a0452761
1fee8935e56b5f8a3682d126841041cf8e36835d7bc9c7a157686609509a2982
2493867c17190e05e8a92888d7b6f82a9147e641e873019f8385b1b5cdffdfc4
2944261a9114622f9f4210d9c9036a61a698ea63dd44f23103bad4627d2405cd
29acca31d0522872c376facb5f81c453a92da3412d444805eae6f5a48c7dda4b
34450891eebca152a18a27fc9da7466fada58ebe22a1a34ed8b862246d9d22ae
43edc93275b9ebca895ab57e6461e9370385779d0951bf754f80c74280be2393
445a4e320b01f06e67a5e1c1a42cab00e97a86cc9274d390d82c23b232c0594f
450661333ff98f885e2cfe5d8cc7803773abcfe15296b53e39a084436b5eac5d
51b6d61c04c9e10222a171e2fad98fbb12594d256f47943fc1b2e196e409e3b4
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
650496a0f29f1dea3868d6b3b1e7952efc535e60ef222982c0fa9b5cf2684cac
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e60800c5515fb1387756898bc7343e30cdc375cfbcbfc12acaf56a7f39a0f8b
71e5e6e7d1e2bbca264fe19a193b032ab0fc7b52c71a15e21191b1cc9aae32d5
732150092e02be087e5f843a4c3fbc398781b111e20971c0d23518fd673c14b7
7ed214f2c388acb24bb56fc2028ba2624912f24da566c3eacf095552c5e687c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843eab9f6781c1e58ed6e7fb9d2ecfc6e147e3c393e813d775ca76f1d2a07692
86de194520245164473ebdb420656a206e6dbe532fc9787b410cd2ab94e74a48
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a700c99a74b7aa554497d935b9be245af4fcf329b22b500bb9177a0bfb912e2
8af0ff05fa8447dd898b65dbebba08997b09c04f147dc784fde587f455221e1d
95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada
97224ca9dd085ec5458dbb11eae7584d4e8362e0c9b62375912f5b4788d930ac
a22df95b8b6dc959f2132125b3609ecd1b4e89e96d8cac8eb8503d50bdef1766
a425cb5c743a73ca4c41e16e8eb94c4334809f891f18bcb1fdeb4fb358f37e5a
ae719cccd48c4ba1e3ee117fde0905e09430a1549cc313f6ca9572dd1e356da9
aff0234344ea4270c944fb98008a64286a7df8e3ab328a13a1b6ba27c2bbaf1a
b09fcb51a0f3532d3bb84648809ebfa8c14b6c584447699484c2e25ac9b1b77c
c48c3e5ace103da146e48b059e61716dd54ff81c92ef2581fe082f67bb4017a0
c979d8d5786a71ee13577af4c7356d5c3a6b8a42ba2f8a2fbdaedba9bdcc7fdd
c9dc1e8b49eb87c548ec7d2cac255a9500e596cd06735084e70b7c74d87f1bcc
cd9c6ea76c8a82fc4b00319ea6e6888d7ba79c5c7390483aacf4e0778bdd7989
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
daf7777b7db04f9f47567f3a0c6a322d5db66e82c7f59956480ac73689be6713
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd8ae9e2af83eb36fbad573ee6b36243f976019ba88e5def01f3bc666a527e
e45d0af4092f3821e72f10613e8de71cb354b8db4d2195d0043ea801c8f76dc0
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d76bf771a725bef98ce55b34b6133e57ec025960be5ece7ba18a83751a8a98
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f9303b576fd7659d6090a41b90a8aae9a59d77560702ce001722c3ed371a17b7
fbbd653e0e6da3ef7e2afc867af7c4d10823394bdd7ac34feaf9a678d5fb4e34
fc1564ed9ec2c12ce47b428198419abe485302a312c30194c9547d48b686b83e
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

www.dacardworld.com Open in urlscan Pro 2606:4700:10::6814:d298 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

55 %IPv6

20 Domains

23 Subdomains

21 IPs

6 Countries

577 kBTransfer

1468 kBSize

7 Cookies

9 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dacardworld.com Open in urlscan Pro
2606:4700:10::6814:d298 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

55 %
IPv6

20
Domains

23
Subdomains

21
IPs

6
Countries

577 kB
Transfer

1468 kB
Size

7
Cookies

66 HTTP transactions
0 data transactions