Submitted URL: http://bad.cards/
Effective URL: https://bad.cards/
Submission: On April 05 via api from US — Scanned from DE

Summary

This website contacted 26 IPs in 3 countries across 16 domains to perform 85 HTTP transactions. The main IP is 2606:4700:20::681a:e02, located in United States and belongs to CLOUDFLARENET, US. The main domain is bad.cards.
TLS certificate: Issued by E1 on February 16th 2024. Valid for: 3 months.
This is the only time bad.cards was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:20:... 13335 (CLOUDFLAR...)
13 151.101.66.133 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 65.9.95.88 16509 (AMAZON-02)
3 151.101.2.133 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 65.9.95.108 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:6ea0:c70... 60068 (CDN77 _)
1 151.101.194.133 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 65.9.95.66 16509 (AMAZON-02)
1 18.239.94.78 16509 (AMAZON-02)
4 2a04:4e42:200... 54113 (FASTLY)
1 2600:9000:212... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
85 26
Apex Domain
Subdomains
Transfer
27 bad.cards
bad.cards
api.bad.cards
static.bad.cards
1 MB
21 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3106
static-tracking.klaviyo.com — Cisco Umbrella Rank: 3746
fast.a.klaviyo.com — Cisco Umbrella Rank: 4188
static-forms.klaviyo.com — Cisco Umbrella Rank: 3874
a.klaviyo.com — Cisco Umbrella Rank: 3794
199 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
206 KB
4 prismic.io
images.prismic.io — Cisco Umbrella Rank: 15401
93 KB
4 refersion.com
cdn.refersion.com — Cisco Umbrella Rank: 30192
tracking.refersion.com — Cisco Umbrella Rank: 36802
pub-a5fa57787d10daadcf9f.tracking.refersion.com
32 KB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1297
147 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
251 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
165 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 22709
21 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
1 KB
1 cloudfront.net
d3k81ch9hvuctc.cloudfront.net
31 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7528
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
249 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3274
249 B
1 wisepops.net
wisepops.net — Cisco Umbrella Rank: 13817
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 866
7 KB
85 16
Domain Requested by
15 bad.cards bad.cards
static.cloudflareinsights.com
13 static.klaviyo.com bad.cards
static.klaviyo.com
11 api.bad.cards bad.cards
7 pagead2.googlesyndication.com bad.cards
pagead2.googlesyndication.com
4 images.prismic.io bad.cards
4 a.klaviyo.com static.klaviyo.com
3 js.stripe.com bad.cards
js.stripe.com
3 www.googletagmanager.com bad.cards
www.googletagmanager.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 tracking.refersion.com cdn.refersion.com
2 web-sdk.smartlook.com bad.cards
web-sdk.smartlook.com
2 fonts.gstatic.com fonts.googleapis.com
2 static-tracking.klaviyo.com static.klaviyo.com
2 fonts.googleapis.com bad.cards
client
1 pub-a5fa57787d10daadcf9f.tracking.refersion.com cdn.refersion.com
1 static.bad.cards bad.cards
1 d3k81ch9hvuctc.cloudfront.net bad.cards
1 www.google.de bad.cards
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 static-forms.klaviyo.com static.klaviyo.com
1 fast.a.klaviyo.com static.klaviyo.com
1 wisepops.net bad.cards
1 cdn.refersion.com bad.cards
1 static.cloudflareinsights.com bad.cards
1 www.gstatic.com bad.cards
85 26

This site contains links to these domains. Also see Links.

Domain
twitter.com
instagram.com
reddit.com
patreon.com
checkout.stripe.com
Subject Issuer Validity Valid
bad.cards
E1
2024-02-16 -
2024-05-16
3 months crt.sh
static.klaviyo.com
R3
2024-03-13 -
2024-06-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-03-10 -
2024-06-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.refersion.com
Amazon RSA 2048 M03
2024-02-26 -
2025-03-25
a year crt.sh
static-tracking.klaviyo.com
R3
2024-03-21 -
2024-06-19
3 months crt.sh
wisepops.net
GTS CA 1P5
2024-03-24 -
2024-06-22
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-02-07 -
2024-05-09
3 months crt.sh
api.bad.cards
E1
2024-02-19 -
2024-05-19
3 months crt.sh
1688964705.rsc.cdn77.org
R3
2024-02-23 -
2024-05-23
3 months crt.sh
fast.a.klaviyo.com
R3
2024-03-13 -
2024-06-11
3 months crt.sh
static-forms.klaviyo.com
R3
2024-02-20 -
2024-05-20
3 months crt.sh
*.google.de
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-06-24 -
2024-06-23
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
images.prismic.io
Certainly Intermediate R1
2024-03-28 -
2024-04-27
a month crt.sh
static.bad.cards
Amazon RSA 2048 M02
2023-11-05 -
2024-12-03
a year crt.sh
*.tracking.refersion.com
Amazon RSA 2048 M01
2023-08-12 -
2024-09-08
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 6 frames:

Primary Page: https://bad.cards/
Frame ID: 8E3C6064EBD51BDEFA869173DF1E9454
Requests: 77 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-cd57016cc846103d80e81e32624eef91.html
Frame ID: 4DEA12CAEB42AA9F3A93D3FDE6853805
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3525646721011012&output=html&adk=1812271804&adf=3025194257&lmt=1704939388&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbad.cards%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712348186045&bpp=2&bdt=338&idt=170&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670791805724&frm=20&pv=2&ga_vid=1628806836.1712348186&ga_sid=1712348186&ga_hid=1648254220&ga_fc=1&u_tz=120&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C95329438%2C95329461%2C95329571&oid=2&pvsid=1454398397522672&tmod=1375906108&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: 4E137CA256C52C4E9845C3D6B4AADA25
Requests: 1 HTTP requests in this frame

Frame: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Frame ID: 7712D5F897C402F5F22F7399D9FC15A8
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 5D50E6740F564D589B47C9FB9F05DA8F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A470E52DAFF9A0A875BE08BF3C34794F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Bad Cards | good games for your bad side.

Page URL History Show full URLs

  1. http://bad.cards/ HTTP 307
    https://bad.cards/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Page Statistics

85
Requests

99 %
HTTPS

72 %
IPv6

16
Domains

26
Subdomains

26
IPs

3
Countries

2578 kB
Transfer

5810 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bad.cards/ HTTP 307
    https://bad.cards/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bad.cards/
Redirect Chain
  • http://bad.cards/
  • https://bad.cards/
8 KB
4 KB
Document
General
Full URL
https://bad.cards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb5d57ccba8c07150c68ec992233a5aa1e68db8ae166b647109510b2761192a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86fc373efafd2be2-FRA
content-encoding
br
content-type
text/html
date
Fri, 05 Apr 2024 20:16:25 GMT
last-modified
Thu, 11 Jan 2024 02:16:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OL5AOl2x4h2PnopVBCbp%2FoACdaTtI9kpWZn%2FgRDHp2QwAsgUyTKsN1kasra9tsQs2apSRKoZMOS4YPjwAG7FW0DjlOqIsd5g7%2BUDiHqUZFL8DhwNOAhLe8LUccOs6F42BNIV%2Fd7JyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
6kKzv9aQtK4RzbgM9+6OKA0ls45J/bx4ykS+M17MY74+f8xpRn1Xw0XjY5ixAiiSo/zAO8lOS8w=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
x-amz-request-id
P1NBE8TNH85QY68S
x-amz-version-id
CaIP5OZ4ThxfHhT9shKVkO7jiGnUTHi0

Redirect headers

Location
https://bad.cards/
Non-Authoritative-Reason
HttpsUpgrades
klaviyo.js
static.klaviyo.com/onsite/js/
4 KB
2 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff9fd0d32d5680811f5bff4d5cb431320270779077ca5cfe1a87836de89d15a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:25 GMT
age
153
x-cache
HIT, HIT
content-length
1180
x-served-by
cache-lga21927-LGA, cache-fra-eddf8230074-FRA
server
nginx
x-timer
S1712348186.755281,VS0,VE1
etag
"611a8baa50f696608b563ca741103e6b"
allow
GET, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
content-type
application/javascript
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 1
logo-small.png
bad.cards/
43 KB
44 KB
Image
General
Full URL
https://bad.cards/logo-small.png?2
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
410ef933fcf7e164fd4d087bfbf65f43d1e55d17526a6d3496698a7911474771

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-version-id
qm3yrBkj0Z.ATBrPYhBIT9CvLxSxr18y
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
GSVKXMF9G13CFFFW
cf-polished
origFmt=png, origSize=84701
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
content-disposition
inline; filename="logo-small.webp"
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
content-length
44042
x-amz-id-2
ykrNCvd2OI1eA5JyZ2DVOKrR+2HgSQ+IM6ZRsYM09fGSC8FXqgFRiXrdtJmU/KXrK0MumTtxLvI=
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jan 2024 02:16:36 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"2cbdcb10271e7175ee6cb9774c7a44cc"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hy3axA2fglqVaa6ydbj8eKCE6hbRc5YXrnzUUZ9TweObgzF5UdnoNslY5ELuICFlzayhnDEvsM94%2Bnor7qyiYLotsH34lBRH9pZrfyr4%2BFlJLBt5vIAEZGr6gPWvDgIVDxToV38%2FxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
accept-ranges
bytes
cf-ray
86fc3740bad74d59-FRA
css2
fonts.googleapis.com/
2 KB
840 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Spline+Sans:wght@300;400;700&display=swap
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
127bb164c943645ec093dcffaf9e8e9a4c6eea16845dcdde53fcb1d150e6692a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Apr 2024 20:16:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 20:12:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Apr 2024 20:16:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a04dad0e19fce11c93e5b1664341dc181fd2b3ad321b617c8af865d40fdd9153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50845
x-xss-protection
0
server
cafe
etag
7209674149824515238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 05 Apr 2024 20:16:25 GMT
cast_receiver_framework.js
www.gstatic.com/cast/sdk/libs/caf_receiver/v3/
344 KB
90 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56fd2c12fe2b5236053f10d190c3b7c89e55b7534c91a4451824b203c2a155dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91319
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 21:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Fri, 05 Apr 2024 20:16:25 GMT
main.5bc16e45.chunk.css
bad.cards/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://bad.cards/static/css/main.5bc16e45.chunk.css
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
275cfaaa9a9c31fe14a1c842243be14d237cb34e2871813b2a22797dd70fd297

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-version-id
Wgpb93pEOIXlZ5LEOaiHHRAMmmAwpeeV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
EC1G936DC72QE3DP
cf-polished
status=cannot_optimize
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ZVmOjwMxh0x+zexEDfmH4xBDKD/FRQf4AAvMI/aIoa8T2CHxcaQupl5YkJZ0B+ahvpeNYTZ+w/c=
last-modified
Thu, 11 Jan 2024 02:16:45 GMT
cf-bgj
minify
server
cloudflare
etag
W/"723f4df00015f5bfcd6c608ca1756910"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BH48yStluvY%2BimCo86bz0GoIQynJ7wPmfWFxDsxnCpuy%2FoO79cZgyHOx%2B0M78Bup23MDyQWXPDyTB%2BXaKXvk3%2BMPkdSL9j%2F0TPnvh8bqL57qdoq%2FYAYP87mWdZ1iMLFuSZ0%2B%2Bzh5Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc3740bad94d59-FRA
7.76afe3d5.chunk.js
bad.cards/static/js/
1 MB
380 KB
Script
General
Full URL
https://bad.cards/static/js/7.76afe3d5.chunk.js?bv=1704938194264
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b3c1bc6754d998f93916a5299eaa865a666b89544b320acd6c45bedbc2e754

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-version-id
.q4byC4eAC40v.Nie9QGfHsntX1618UY
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
PAD9Y64PRXXP796Y
cf-polished
origSize=1379277
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
u6bxf5uBlmfyEKlKlkoBf0c3syT4RmXlkAtU9e5/l/YuIFkglPXt3ZDfhMv6qIbm0DXJsh9guzw=
last-modified
Thu, 11 Jan 2024 02:16:39 GMT
cf-bgj
minify
server
cloudflare
etag
W/"21c51dc888b501911966bf9973c7ff89"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7aXeHTNeRj9WYvBtK3TMbTXsZfHTvrfc14D4Pe1e%2BHgql1ZiuJ8G6zFcskyeYZVcUc12euHFp4dAPYHJn43wjOFgWqTPtEQRQ8Hy6rDTavcLMS391R0IKGUILNBskOBpZahY89PDOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc3740badc4d59-FRA
main.76afe3d5.chunk.js
bad.cards/static/js/
187 KB
49 KB
Script
General
Full URL
https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668bec4f01c3a975859c827b47a3914395dc8014717ba669ff9a824d1f0b490d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-version-id
W2t3UnYVlPAFZWl82Xn8QgUo3rWZ0pOg
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
GKHS0DKVYN2P1NV4
cf-polished
origSize=191461
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9qZmO3qlVYFm8lwQKnOA9xBRXLxV7Xoh31h0yq0djtHr3CBLIhL/LbR4sFOqk9UarLaJtaQHDPU=
last-modified
Thu, 11 Jan 2024 02:16:33 GMT
cf-bgj
minify
server
cloudflare
etag
W/"89d6aeaaa1044f1174273a1c11b3881e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mt7MOdsxHdrqPQsN5XFAJknCVG%2FI2zrUBqhL1erE49L9E50h6%2FXjE4jp5nGL5CvLSu8A8Url6ZKNEVIXhQxHWV92LtP2WwPvAI27H1lzPc%2Ba9sgJrpIFe%2BxI0Iz61CswRsT4qUjQog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc3740badd4d59-FRA
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86fc3741c8909f22-FRA
gtm.js
www.googletagmanager.com/
123 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5VR86X
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8145d963ea9563a306180e00f437bec637fcbfeb62220f20bb39b0f794c9e25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48305
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Apr 2024 20:16:25 GMT
refersion.js
cdn.refersion.com/
31 KB
32 KB
Script
General
Full URL
https://cdn.refersion.com/refersion.js
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-88.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9ca1f96ff7ba29afd8520b80dbff93a386d205d07c6be3025fd17c1208108b5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.z6Ij8RKlWu7_TjQFcP9teRjS.tAjstL
Date
Fri, 05 Apr 2024 04:54:48 GMT
Via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Age
55723
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-codebuild-content-md5
91ec5cf5fda69cb6cd86040e2dd38391
Content-Length
31724
Last-Modified
Wed, 22 Feb 2023 15:36:53 GMT
Server
AmazonS3
ETag
"cc3f66d9f13a349a59672074e6354f8a"
x-amz-meta-codebuild-content-sha256
42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
Iwvo-4AM7P3-MkIk2axuBMAKoFuZj8TdoFYCuXZO08FZr9gq8fqrTw==
fender_analytics.8ee3a48d91bbcbc2f4a6.js
static-tracking.klaviyo.com/onsite/js/
31 KB
32 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.8ee3a48d91bbcbc2f4a6.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e56d9f0ff4291aab14a84849e87ae705ea5b5b1510f4b09b1b56b152943d0ec0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
zem0vxxqApxdCa9IYRuz9.uoEXIdR8Rl
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-request-id
23WQXE2MMR649CNJ
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
31729
x-amz-id-2
1zF8fn87IvFg2MJZ0zla3tPZ5f7A8dZR5SlScOyFERfpaii9ZpkxWL6F8I32Jw/8I7HJf8vCXK+zRmpCAUUt2lCD5b0X1aWI8XAidBKU2bU=
x-served-by
cache-lga21936-LGA, cache-fra-eddf8230034-FRA
last-modified
Mon, 01 Apr 2024 18:44:38 GMT
server
AmazonS3
etag
"6a54019812c61c48794d3e0e96705d52"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
b192f6f4e541671d3524661dfb849f1973088be3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
6, 133
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2L_.X11dgB5ItJdIxOLpsdUl7RuAaHwi
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-request-id
F82JVRQFRQE0D0ND
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
1029
x-amz-id-2
XmO+iStmg5njyuMH7vXkQdM03SQBJDOIcVKuFvHQmczFeeUes7JtthO+XbG+RcAUTnJlfLyP1tUWCT8PTcmHv+9kgXg+SY0S
x-served-by
cache-lga21976-LGA, cache-fra-eddf8230034-FRA
last-modified
Wed, 27 Mar 2024 10:30:34 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
2825b63e6933b08d1be25eea4d99ad73625b8faa
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3169, 131
runtime.cd0390bc8834d4734474.js
static.klaviyo.com/onsite/js/
20 KB
9 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/runtime.cd0390bc8834d4734474.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bddb12725635bd402420c6b997100f34ec54ba23c17ab0f5a938884d206bb85b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6AxkjEF4Io2Xk3NeeBr9cGONnNQ61i1a
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-request-id
PHG5X13D61XDCTDK
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8222
x-amz-id-2
JiKFSBL/W3oQSz8fxT+ZNtXPxlMSUnB1RAy1Y6JfR4gsvrATA5oGAp9/Vpm93Ta2ul8eZilB/xw=
x-served-by
cache-lga21963-LGA, cache-fra-eddf8230074-FRA
last-modified
Fri, 05 Apr 2024 16:41:14 GMT
server
AmazonS3
etag
"e0837319bda95a06788979a2e28623fc"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
47c31726158dd75e381ee5f104cd5a5e09778bc0
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
103, 159
sharedUtils.f9545b047531d295d153.js
static.klaviyo.com/onsite/js/
44 KB
18 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.f9545b047531d295d153.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0db7e9ecb5521298403292e544c9d589ca605178345ec608b920ade214bc5d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
0E5iv79jKIfl363bn.V8l8ym.UbmDXzG
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-request-id
EEGZ7PNT1AHJ99YK
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
17955
x-amz-id-2
12XOAgASWKL+x1JiahjKPRnsjPVUy3OmRpJd0ifHBv/SGURC8JolyBs4LQakMP0YgGUQu1Wg7iQ=
x-served-by
cache-lga21955-LGA, cache-fra-eddf8230074-FRA
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"d735299a5562e91df2c84100415085e9"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
16, 145
vendors~signup_forms~onsite-triggering.ba8577cded4f82f41b4c.js
static.klaviyo.com/onsite/js/
20 KB
8 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~onsite-triggering.ba8577cded4f82f41b4c.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ebed3b028151175ddbdb2ac46ca52fc7a72d55359bc957c9b9c2705c1448719

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
vJM4obSNKo7d1l_Qj32_Kc12tVwTdbDL
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-request-id
737HJ4AY9023RMEF
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
7593
x-amz-id-2
wJbd0xMmn9gvcDA2dW2fAlTqb0P1uhB+WJoMbh+GSyEce14q8k/DZ2m0xyYBU8qPAh7brEdeRa8=
x-served-by
cache-lga21920-LGA, cache-fra-eddf8230074-FRA
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"22aed99ec57b7723369b1e2785344f4d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3, 106
vendors~signup_forms.e707d6d405eecdf67185.js
static.klaviyo.com/onsite/js/
12 KB
5 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NyoJ.PbPtdqkfw1ok_ITaKHbGZHmBL_7
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-request-id
KCS2Y2MF4W7NGSM2
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4477
x-amz-id-2
ksRJyborcvEKcUVMwra4MYAvr6CNXX5LGoiU/7d5OoOi8oZ0PKEn+I+JUEdhZq6SAqRi02O+Yjw=
x-served-by
cache-lga21965-LGA, cache-fra-eddf8230074-FRA
last-modified
Tue, 05 Mar 2024 10:16:16 GMT
server
AmazonS3
etag
"05af735bb01844f826e4e4e8be8d4529"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
d0ac5e70721923ec18d069e26d6e5553132c8a55
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
15784, 104
default~signup_forms~onsite-triggering.f802a18932c79492ad38.js
static.klaviyo.com/onsite/js/
30 KB
10 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.f802a18932c79492ad38.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
381b37762970831071baa2916dcb4008f0039de83e6db97e20085b3c61daff54

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hkhLs7snry3bW.iw6vDwpMmSK4exV12i
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-request-id
EEGR8HV5Z9Q4JTEF
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
9596
x-amz-id-2
Nk2zcsSBCfVYzMmlXCoL07OC9m0gyM1yDBAqEQ3NgMnRHjU7j8yVXKwPMrx576I+hbYMUL/KA6w=
x-served-by
cache-lga21950-LGA, cache-fra-eddf8230074-FRA
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"d34d9221f78489a21a7b023ac739adae"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
81, 102
signup_forms.e907cf146b8fbff6c714.js
static.klaviyo.com/onsite/js/
14 KB
6 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.e907cf146b8fbff6c714.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=U5krLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6352f53b0044b69d6b0221ec9eb003c9580f0cf2a948eb5b7a62c07274d8da03

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
LyuaLAJ2VJRTB59gqgqtocHzM.ThyCYZ
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:25 GMT
x-amz-request-id
A4X0VA9Z98V8BRZD
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
5550
x-amz-id-2
1Pl5PRFqo/F7Vt8PqfeY9BO3X43n/EiNAg4fUS/FUtRpy1f7qU+BKT+NOHCHv7DVzfx4b42auk7DTfbCJL1dIQNyySsm6qWqrK5fqDxZXis=
x-served-by
cache-lga21954-LGA, cache-fra-eddf8230074-FRA
last-modified
Fri, 05 Apr 2024 02:03:57 GMT
server
AmazonS3
etag
"cf0fdbdea33b233d8b202bf38a6b11d0"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
1ed2f21b04a2b6bd7961927550d0ac149c38354d
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
56, 113
loader.js
wisepops.net/
0
0
Script
General
Full URL
https://wisepops.net/loader.js?v=2&h=zkQm27zoAD
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2246
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvDUX5Ish7NaQS6J80uAOMCmgxHhUmOaCaOaViRRRLMxzOHrxzQOQdIELf0qYFBMhGDN5f0DbY4C%2FqhmcQWddWYET7DBaCFpyloTZEEXVk4vdp153XPurDPvU1yD5qbbKWWm7vzD%2F3B%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800, s-maxage=3600
cf-ray
86fc3741fecf9a21-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50845
x-xss-protection
0
server
cafe
etag
8187638363202101943
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 05 Apr 2024 20:16:25 GMT
js
www.googletagmanager.com/gtag/
321 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/7.76afe3d5.chunk.js?bv=1704938194264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b60b7ef70b0e4e2073a9d7b201b49e0da3b6d4f6118f734c05cf34e548ad850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Apr 2024 20:16:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50844
x-xss-protection
0
server
cafe
etag
5485391936237969627
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 05 Apr 2024 20:16:25 GMT
v3
js.stripe.com/
600 KB
147 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/7.76afe3d5.chunk.js?bv=1704938194264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-108.prg50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9202078f8f1ee61be302823d733cba0a78021842ad10e8343bc7d44f54b01ea5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
58
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
last-modified
Fri, 05 Apr 2024 17:48:40 GMT
server
Cloudfront
etag
W/"243d6a4b0cdf5955b586c687459f9f1e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
ZPeXigXYkz2UbTCqkpAei6RM-GwzWQdu1SGBnC1mzDO1BcAP_UNkAw==
logo.svg
bad.cards/
27 KB
12 KB
Image
General
Full URL
https://bad.cards/logo.svg
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29ae1e4ea8c2af076975dda7f1d30b835973963e68f94ae3d347247e3192d2a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
tvZ6F_0HofwhbEBZKgWDk3oWFHgPqxjW
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6514
x-amz-request-id
EC1V4PXRX4GXJ4Y3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MMFAW9T6wa4leVxWjSgVH3/qm8MowjzmHgGXq4U91ztbfsd4KI5mBoPWEZDLBIBW6f1Kehn/tCA=
last-modified
Thu, 11 Jan 2024 02:16:46 GMT
server
cloudflare
etag
W/"ce686602e46d8ce390da2835b7381d12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0z4hsBpptmOW3A8RcYAmCMaf7s%2BcetdTp6YMgZRhC8ExvK7KpGXLmYezGKpM%2BMwOC6suk6CtOA47wENNaj9rpEK%2BC1inlMLllyoDAK1pJonswfz0g0Y5DhpiTgbwATm9rlezIQT%2Fgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc37427d0d4d59-FRA
logo_arc.svg
bad.cards/
53 KB
16 KB
Image
General
Full URL
https://bad.cards/logo_arc.svg
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3779eac43cd022cc885fac931dc7264461205946e9cd0714877fcafe5cbc18dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
ypKJ2ZrWD_6qcJHUkf3iA6_5rGXiurSE
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
KQRVEQ1YH7G3TEPP
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
7UzGF/QtGokkNgfX3vgni8HkbQQ6+jDjJ1s6l/Dy9VWLSTpOwKC/k+9AVKhvcvPuQqjfbphPSeg=
last-modified
Thu, 11 Jan 2024 02:16:29 GMT
server
cloudflare
etag
W/"23913e44ce3cac92f14b931b1b35239c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsKn0kX9DQFVgak%2Fk7Oszngk385%2BBTfJ7GVGz7clOB0gYadwijqkaPPcH9vzFhSkCHhNNy9e%2FiFDAlrdWZQrI0039wYDPXTFsHJwmEJ%2F1dEWt7o3CDYHKA73mzUW5GYJaZO0jSnkDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc37427d0f4d59-FRA
Stacion-Regular.45ccf7d7.woff2
bad.cards/static/media/
17 KB
18 KB
Font
General
Full URL
https://bad.cards/static/media/Stacion-Regular.45ccf7d7.woff2
Requested by
Host: bad.cards
URL: https://bad.cards/static/css/main.5bc16e45.chunk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433bb29063bf8ef44e9e8ca2037b3098cb815a7edc999d89508b5fd33f7aff9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/static/css/main.5bc16e45.chunk.css
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
iUzjAp9LuK.gPiN.mZoWMcpeRiIyN256
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2906
x-amz-request-id
EC1HTJXQ4MZAMPMV
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
content-length
17856
x-amz-id-2
LghTJ5Dm0BypbXFJVWuhOnSMwT0HfGu5WgQ5LqSacKBauBKPl5o9QUJ2T7OMvDEnn0+neKul2pM=
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jan 2024 02:16:40 GMT
server
cloudflare
etag
"5d224e4161755db286840003ed42e7b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=237%2BLDuIeqou8qgfhQidnYOxgGqKzNqKbcsZjWGb8xROSwhiPXbcu8E%2BfKhKLc64HEMHg0IWlBR6eY223I3xn7QVhB%2Fnc3tmTxA2RA7xENyucJRcJns9szMzYw9y%2FLaHrfSpNtfuQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
accept-ranges
bytes
cf-ray
86fc37429d2e4d59-FRA
GinJus-Regular.39fa2588.woff2
bad.cards/static/media/
15 KB
15 KB
Font
General
Full URL
https://bad.cards/static/media/GinJus-Regular.39fa2588.woff2
Requested by
Host: bad.cards
URL: https://bad.cards/static/css/main.5bc16e45.chunk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f981d45f43f1c90fd39472e1ed4648205e69ffecbab12cc93eb057ca87276dce

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/static/css/main.5bc16e45.chunk.css
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
PTXQDYwq88fgCyGt0lqVrsRqlfBQhd1w
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2906
x-amz-request-id
JHYSZ9KR8FW94GGZ
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
content-length
14900
x-amz-id-2
h8LLgTH1/fawczBjS2x0hscuesMtphbI62c4q8MWzxC5Jh+Wxi+mv8VyyKFkekolke3F8wGFaZE=
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jan 2024 02:16:43 GMT
server
cloudflare
etag
"5666a64ba782c7af26eb499815c058b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1Y88T5l48X1KhPt0SRNO6uH1FI%2FSKoiAG6JPiOIyjRtB8V93wIEwBNwjMGyjXPEclO5BRzPxDTQWPPQ0%2FTZ7bjt7yLp1q4twvYIDWJWXSBbKftUXVuln4%2BhqyqqJhoveGK%2FGgpGMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
accept-ranges
bytes
cf-ray
86fc37429d304d59-FRA
_6_7ED73Uf-2WfU2LzycEbAimC0.woff2
fonts.gstatic.com/s/splinesans/v10/
56 KB
57 KB
Font
General
Full URL
https://fonts.gstatic.com/s/splinesans/v10/_6_7ED73Uf-2WfU2LzycEbAimC0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spline+Sans:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e77f48d11c58959d5129845bf10ce5cc3fbcfb502b8c0fa690946011927d48a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 01:36:26 GMT
x-content-type-options
nosniff
age
326400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57612
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:59:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 01:36:26 GMT
get-auth-urls
api.bad.cards/auth/
978 B
979 B
Fetch
General
Full URL
https://api.bad.cards/auth/get-auth-urls
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5902b67d28fe517d70224df925277f1d518dc44d1033844e9e0ccb3f353a8be4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"3d2-2A3g8Efh8eM5H7V9SAsg2WXVs40"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Met1fbHTQIF4r0ZjFtlII%2FRXl0wHEk578ThAxETUj9OheoCrrUEmNVgiZw5hWF7uEUHoFfo2sabwraoZDGF2fNgB30vrRhPRjT%2F14iwlFyyhw5EnRWY5DKqglC2zQxDfUdO2mvmWBBcK118%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
access-control-allow-credentials
true
cf-ray
86fc3742efd18f36-FRA
alt-svc
h3=":443"; ma=86400
data
api.bad.cards/api/user/
118 B
605 B
Fetch
General
Full URL
https://api.bad.cards/api/user/data?authTypes=patreon
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a832dc33fd579bba19294511e037b6fa99f01e211eddc9fd11b355bb5c1fbfd8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"76-8ocUVIEYJo7HzaWn50eEi3HQvlo"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xzr4sxf7DVpLErCPnA%2FL1kYFAo54eQs9dYWekxugYSH3Vqd%2FKqN0fe1DuiuHit4lmGu%2BrnuvpW5CeNfFOWu72RS3wb%2FguVVH4OYuJbojrDQMtUWMRRF5MNP5gvuyMIivV6R5NkljZqsiL30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
access-control-allow-credentials
true
cf-ray
86fc3742efe38f36-FRA
alt-svc
h3=":443"; ma=86400
get-auth-urls
api.bad.cards/auth/
978 B
1 KB
Fetch
General
Full URL
https://api.bad.cards/auth/get-auth-urls
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5902b67d28fe517d70224df925277f1d518dc44d1033844e9e0ccb3f353a8be4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"3d2-2A3g8Efh8eM5H7V9SAsg2WXVs40"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opO%2FkN%2BoMVR%2FIPI%2BTO3lIvaforcBCR%2BnfXAYSptZR8tpi%2BUq8aWa7gRPipAOENuIDYaLBf92r8sXbW%2B8KbDUefQY7j3uwQpRsfI93AT9BlJqpyrAbl5Tf0XST%2FGK1QWhxkzKIOweHjdscRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
access-control-allow-credentials
true
cf-ray
86fc3742efdf8f36-FRA
alt-svc
h3=":443"; ma=86400
homepage-faq
api.bad.cards/api/content/
9 KB
4 KB
Fetch
General
Full URL
https://api.bad.cards/api/content/homepage-faq
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
efb0dc0e4239ea59c90a3d465578a66bff9d9372cba852d5fdaa7a4c46ecbb72

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"22b2-I7v20HWurRkInIquKbFZzvbUCOs"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqLWpvf8q3Z%2F0W8BIZANJjm0FyNmLQaugIaatlhqOm2XDb5FbnLzqE66tX2JuA1qjfEl9Noo%2FQ%2F%2FE721T3w5c6SBIbBxtp%2FUNhzq0w6q7oUbKUvGHS7dTprIdW0uC13d3qC590s0TUwF%2FGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
cache-control
max-age=295
access-control-allow-credentials
true
cf-ray
86fc3742efe48f36-FRA
alt-svc
h3=":443"; ma=86400
upsells
api.bad.cards/api/content/
4 KB
2 KB
Fetch
General
Full URL
https://api.bad.cards/api/content/upsells
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
726558ff0910cbe12ec98afcec56d49b360a0cfd8c803931f579b1889096788d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"e08-3gEjGlWLWqQvOa8UPQD3ZtrMB8I"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nvCsSXE287kfIQ7HJR3W5tjRn1n3rR98lp8%2FsBzkRwlrrMxVoIH8yuZPPYzPdjpobr%2BHSVWVjKF9WO2Gu7EWp3kOHhESmiIdrdwdOSKMmySxjbdT0SZuQSQCPKGitJz%2Betymc1WNnvyEdo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
cache-control
max-age=252
access-control-allow-credentials
true
cf-ray
86fc3742efdd8f36-FRA
alt-svc
h3=":443"; ma=86400
homepage-faq
api.bad.cards/api/content/
9 KB
4 KB
Fetch
General
Full URL
https://api.bad.cards/api/content/homepage-faq
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
efb0dc0e4239ea59c90a3d465578a66bff9d9372cba852d5fdaa7a4c46ecbb72

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"22b2-I7v20HWurRkInIquKbFZzvbUCOs"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crzvhJMujsRIOspUtpwiEPWo6R1%2FrvtRQX8bP%2Fbi5LArndXeXTQ%2FWasz%2FMtyqZczhFkEO2uqFpAXXVmtcc4Xo4Ucd20STwMMWKgjO7S0BomjfLCPRLQM7O89oq%2F40Ki%2BgksH7aX0DIu4fsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
cache-control
max-age=300
access-control-allow-credentials
true
cf-ray
86fc3742efd48f36-FRA
alt-svc
h3=":443"; ma=86400
homepage-faq
api.bad.cards/api/content/
9 KB
4 KB
Fetch
General
Full URL
https://api.bad.cards/api/content/homepage-faq
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
efb0dc0e4239ea59c90a3d465578a66bff9d9372cba852d5fdaa7a4c46ecbb72

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"22b2-I7v20HWurRkInIquKbFZzvbUCOs"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnFfcl%2FMTx64fGO0RkuwpC3T53JFvy03xwThWoPLh%2BoVrnybCpyKk1Ea30iTIzKOia1dAies4Xy8XZsGC9sea0dizo4zTvWmDxwcWBdwG0ma6w2WzWqtqW1dvC2MqWFUjV7WfoEGYtPYG1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
cache-control
max-age=177
access-control-allow-credentials
true
cf-ray
86fc3742efd78f36-FRA
alt-svc
h3=":443"; ma=86400
register
api.bad.cards/api/user/
341 B
1 KB
Fetch
General
Full URL
https://api.bad.cards/api/user/register
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d81664a317af1e92c1c73910e468b785ea0a216bf94ae5b118f405e0ec4de47d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"155-kfODw3obYmgDafutug1GZn6xE2k"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AhqdxSyz%2B6e2bDGNMVckz%2BGQy11Md5anKqnMSjn5o%2F9GYyjy02a95qrqrcEPhLcAkgbGwQPFpEowA4pwa%2FuJxgj%2FQ636vF8%2FrNuZOYYKumwPWmcbD%2FSiv6iHbIwfpQNvQGZMhlPGtrk1RJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
access-control-allow-credentials
true
cf-ray
86fc3742efd68f36-FRA
alt-svc
h3=":443"; ma=86400
packlist
api.bad.cards/api/product/
51 KB
12 KB
Fetch
General
Full URL
https://api.bad.cards/api/product/packlist
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3efc750dc0d6c4e1387bd4e2aaf82f5c985a16175d991a3cf51cd2cd1fbb7e39

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"cc0f-5ba592HubvV63NztK0tmcviirfU"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yifsWVFQFB3A%2FHb04f6HJTCfkR4OrBGtDWiXx4gBGR9tGKPgFBPiiw%2Fqs8DZEbCQ62tlnNMSVigPMgrFYRlLUQnlnHcAh7DfEEIMZykF3WUZ5mMxeVzq6LM0KQ4d4T9hXc1%2Fly3oih0e6RU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
cache-control
max-age=15
access-control-allow-credentials
true
cf-ray
86fc3742efda8f36-FRA
alt-svc
h3=":443"; ma=86400
recorder.js
web-sdk.smartlook.com/
6 KB
2 KB
Script
General
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/7.76afe3d5.chunk.js?bv=1704938194264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
940d2763649c3b1e083d8eacf0fdc090739ac6cba62e35b41ad8b7231f19cb7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 Apr 2024 20:16:26 GMT
strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
x-77-cache
HIT
x-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
356
x-accel-date
1712347830
x-77-nzt
EgwB1GY4tAH3ZAEAAAwBJRPCMQH3AAAAAA
x-accel-expires
@1712348430
x-77-age
356
last-modified
Thu, 04 Apr 2024 14:07:14 GMT
server
CDN77-Turbo
etag
W/"660eb412-17d1"
x-77-nzt-ray
6d204d11358f5f131a5c1066085e6e03
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9273b17678b1844a9388b1077b748e017772a47ea330a4af6810e390bb0aca10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141028
x-xss-protection
0
server
cafe
etag
9123843154624848812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Apr 2024 20:16:26 GMT
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/
1018 B
2 KB
XHR
General
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=U5krLA
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b04730f497e464c0e7e3d447e727c7cca49b1646d5460c748a06ca34c5886b77
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=900

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:26 GMT
strict-transport-security
max-age=900
age
5661058
x-cache
HIT, HIT
content-length
1018
x-served-by
cache-bos4665-BOS, cache-fra-eddf8230035-FRA
server
nginx
allow
GET, HEAD, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=10
access-control-allow-credentials
true
vary
Cookie
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
474, 1
full-forms
static-forms.klaviyo.com/forms/api/v7/U5krLA/
28 KB
6 KB
XHR
General
Full URL
https://static-forms.klaviyo.com/forms/api/v7/U5krLA/full-forms
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7e8f43ea6f9a843c7ec115ab499426387e8eef347f706d43dbe1cae08085bba

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yq2CBIHe2OSl_e8P9BsWCvXX3XVAn33V
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-request-id
0NKMFB088FQNBHAD
age
652543
x-amz-server-side-encryption
AES256
x-cache
HIT
client-geo-continent
EU
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/U5krLA custom-fonts/U5krLA
content-length
5059
x-amz-id-2
hT1YKs4C5ZEw+HF3uYc25buMIqLxVLUwm/ggMnapdwcei0Bq5WcI5yU5sKwFWofsFMf+H8llqtg=
x-served-by
cache-fra-eddf8230067-FRA
client-geo-country
DE
last-modified
Tue, 12 Dec 2023 03:06:06 GMT
server
AmazonS3
x-timer
S1712348186.101434,VS0,VE2
etag
"c603517c0b11a6a6fa049652e8fd9231"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
x-cache-hits
1
js
www.googletagmanager.com/gtag/
321 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5VR86X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7efb4f446e75cf945807f315730d565f838a7c0d7bbfcb516fc76c1b3bab655
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104202
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Apr 2024 20:16:26 GMT
collect
region1.analytics.google.com/g/
0
249 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N3BGZ4J7BJ&gtm=45je4430v897685322za200&_p=1712348185719&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1628806836.1712348186&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dp=%2F&sid=1712348186&sct=1&seg=0&dl=https%3A%2F%2Fbad.cards%2F&dt=Bad%20Cards%20%7C%20good%20games%20for%20your%20bad%20side.&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=718
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 20:16:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bad.cards
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
249 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N3BGZ4J7BJ&cid=1628806836.1712348186&gtm=45je4430v897685322za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 20:16:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bad.cards
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N3BGZ4J7BJ&cid=1628806836.1712348186&gtm=45je4430v897685322za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=285371018
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 20:16:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/
840 B
511 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Spline+Sans:ital,wght@0,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c689c6e9629e3d89c91d49a7b2b64fc9c5f1852a92dd49fc7b096bc5f41849c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 20:16:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Apr 2024 20:16:26 GMT
vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
static.klaviyo.com/onsite/js/
22 KB
22 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.cd0390bc8834d4734474.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6C7lhrktKU3u5IPHM9roxTdlytw_UIq1
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-request-id
EVGK2G6WVYBHFBMX
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
22024
x-amz-id-2
ZNXFuhVpyvWw+YlG1FVFvMcv/ezQyDW80ExPp0nCFcHiYSVUQyuwAG8HyBcCYcNBOs6t2yiexT1vT26dOv5BEg==
x-served-by
cache-lga21937-LGA, cache-fra-eddf8230074-FRA
last-modified
Thu, 14 Mar 2024 14:17:13 GMT
server
AmazonS3
etag
"2f5438508c293a1ad8e8f5b6a6cbd520"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
b9ab7fc041edc96b1db41415ddc0804f502da536
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
6117, 21
ClientStore.09a4a4a2be17d2e8f40e.js
static.klaviyo.com/onsite/js/
66 KB
21 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/ClientStore.09a4a4a2be17d2e8f40e.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.cd0390bc8834d4734474.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34796d1a8932f6c6156e23a5a1de1685e1c04d1005328efad9a9d444a1ce357f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nrsrDvxlPfUN81vD3xytMy6xoczZo_7W
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-request-id
YAC6B26PH0XQBTTN
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
20806
x-amz-id-2
rwZnRL70OaURwZMmX4OlfFnda/bIym8LO9F00SWCUhTQhEZAhfMGoeoznr8SRtdyKrAGznsDH4Q=
x-served-by
cache-lga21933-LGA, cache-fra-eddf8230074-FRA
last-modified
Fri, 05 Apr 2024 02:03:57 GMT
server
AmazonS3
etag
"35ae8ef66e6c1b6473031251bf9b7cf0"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
1ed2f21b04a2b6bd7961927550d0ac149c38354d
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
28, 27
init.d85a71feef9721c17040.js
web-sdk.smartlook.com/es6/
62 KB
18 KB
Script
General
Full URL
https://web-sdk.smartlook.com/es6/init.d85a71feef9721c17040.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6039596f0aa6059428c88854822b7defd844baf6ab97b9bad6cbea79d2f0483e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 Apr 2024 20:16:26 GMT
strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
x-77-cache
HIT
x-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
50238
x-accel-date
1712297948
x-77-nzt
EgwB1GY4tAH3PsQAAAwBJRPCNAH3AAAAAA
x-accel-expires
@1743833948
x-77-age
50238
last-modified
Thu, 04 Apr 2024 14:07:14 GMT
server
CDN77-Turbo
etag
W/"660eb412-f9a8"
x-77-nzt-ray
6d204d11358f5f131a5c10664aa22108
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
track-analytics
a.klaviyo.com/onsite/ Frame
0
0
Preflight
General
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=U5krLA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bad.cards
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
86fc37439e439ba0-FRA
content-encoding
gzip
content-language
en-us
content-security-policy
base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 20:16:26 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
track-analytics
a.klaviyo.com/onsite/ Frame
0
0
Preflight
General
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=U5krLA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bad.cards
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
86fc37439e419ba0-FRA
content-encoding
gzip
content-language
en-us
content-security-policy
base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 20:16:26 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
532.380ba39a81ba3a5f4c4c.css
static.klaviyo.com/onsite/js/
70 KB
9 KB
Stylesheet
General
Full URL
https://static.klaviyo.com/onsite/js/532.380ba39a81ba3a5f4c4c.css
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.cd0390bc8834d4734474.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62b32ad610c9e0bd6308091412c892eae952772be58874adcb79a52e0304db5c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BllI1rOVMN6TPsBk8xfZwusEc2GaorNq
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-request-id
ENY4PTDHBBHEF7NG
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
9320
x-amz-id-2
u6pBm1ZX/iGz4bmv3euSkRjDyuPGseO2JBUUqg1VaERh2DCriXAm9QbH9tpIv0Rje1BJTE6jyFY=
x-served-by
cache-lga21922-LGA, cache-fra-eddf8230074-FRA
last-modified
Wed, 03 Apr 2024 02:24:06 GMT
server
AmazonS3
etag
"c8117e8da5b6084b3dd3c91918c496f3"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
55, 28
styles.ccf9eb43fb94f6b4efde.js
static.klaviyo.com/onsite/js/
13 KB
4 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/styles.ccf9eb43fb94f6b4efde.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.cd0390bc8834d4734474.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
u4YOvN.DBhziRupMNLHlSlohoVjRmp1y
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-request-id
EEGXP0XW5HRRBVY3
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4092
x-amz-id-2
uuuLX3jxbT5jsxJejSDwGq8C5/2Zi1Magv6m4goQvJr8BDlHFmYqf92WbJAQXkSF5HoqBJ41b6Y=
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230074-FRA
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"c6c30853a63ebd4a4189fa8dcd359f29"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
36, 28
vendors~Render.17e69248498a31b75f43.js
static.klaviyo.com/onsite/js/
12 KB
12 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~Render.17e69248498a31b75f43.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.cd0390bc8834d4734474.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb2dbdb316742cbcfe3896917218500775bbe6291a077efac20da890072a0efc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kijpk2WZNVfPTyGCY6.J.92jHPddWjgZ
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-request-id
F38H880TGF0D47CV
age
158
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12329
x-amz-id-2
UkniJ9Phs+FYnRA6+OUNNsckzqs8pttS01O1TaD4LQGo1t1YDBMF8UVscegAUT4gK9e+byAflo8=
x-served-by
cache-lga21935-LGA, cache-fra-eddf8230074-FRA
last-modified
Mon, 01 Apr 2024 17:28:54 GMT
server
AmazonS3
etag
"88f918f93d174ae883fc6a975f68365b"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
2f519958db1b2158d428b66121692dd10ad6c977
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
123, 28
Render.f4f179584bdecc818dc0.js
static.klaviyo.com/onsite/js/
119 KB
34 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/Render.f4f179584bdecc818dc0.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.cd0390bc8834d4734474.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57a59ee12ac24448c991e60ee6c48237a0222c21259c06c7d4cb11adc8350a20

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
4BHL3gJGqnsGNMsyqVchCxYWAqeCHphS
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-request-id
NW18ZMYKK55DAPX7
age
787
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
34331
x-amz-id-2
FQ1OkowX9t4Ng9WVA2WhyJ904XTRb8ssWniozulapn3cqui+qPlL6p6WSNXeczfBCtwwBMXIJkI=
x-served-by
cache-lga13623-LGA, cache-fra-eddf8230074-FRA
last-modified
Fri, 05 Apr 2024 02:03:57 GMT
server
AmazonS3
etag
"5f883795ec8cb72cfe623a6dd6b90f58"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
1ed2f21b04a2b6bd7961927550d0ac149c38354d
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
2, 29
track-analytics
a.klaviyo.com/onsite/
50 B
363 B
XHR
General
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=U5krLA
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
Referer
https://bad.cards/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-length
50
server
cloudflare
allow
POST, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
application/json
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
86fc37448f139ba0-FRA
access-control-allow-headers
x-robots-tag
noindex, nofollow
track-analytics
a.klaviyo.com/onsite/
50 B
337 B
XHR
General
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=U5krLA
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
Referer
https://bad.cards/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-length
50
server
cloudflare
allow
POST, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
application/json
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
86fc37447f0d9ba0-FRA
access-control-allow-headers
x-robots-tag
noindex, nofollow
_6_sED73Uf-2WfU2LzycEZousNzn1a1lKWRpOFnoFdHk.woff2
fonts.gstatic.com/s/splinesans/v10/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/splinesans/v10/_6_sED73Uf-2WfU2LzycEZousNzn1a1lKWRpOFnoFdHk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spline+Sans:ital,wght@0,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03daf0d3ed3ef8e1b33495ad462a4611b216bde64fdd0b4c9fdf45b412f6434e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://bad.cards
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 22:36:00 GMT
x-content-type-options
nosniff
age
596426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18464
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:59:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Mar 2025 22:36:00 GMT
controller-with-preconnect-cd57016cc846103d80e81e32624eef91.html
js.stripe.com/v3/ Frame 4DEA
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-cd57016cc846103d80e81e32624eef91.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-66.prg50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bad.cards/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
21
cache-control
max-age=60, stale-while-revalidate=900
content-length
391
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 20:16:26 GMT
etag
"cd57016cc846103d80e81e32624eef91"
last-modified
Fri, 05 Apr 2024 17:10:56 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-id
IaX5j3GUqLwWvVvNBU4_CFeInP0Y8levd50QgDj7z5MrnivsUSx6Jg==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ads
pagead2.googlesyndication.com/pagead/ Frame 4E13
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3525646721011012&output=html&adk=1812271804&adf=3025194257&lmt=1704939388&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbad.cards%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712348186045&bpp=2&bdt=338&idt=170&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670791805724&frm=20&pv=2&ga_vid=1628806836.1712348186&ga_sid=1712348186&ga_hid=1648254220&ga_fc=1&u_tz=120&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C95329438%2C95329461%2C95329571&oid=2&pvsid=1454398397522672&tmod=1375906108&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=182
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bad.cards/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Apr 2024 20:16:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=jss123%20jss126&ign=false&pw=1600&ph=1113&x=0&y=1043.4
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 20:16:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e7440689-4276-493a-bf01-b9c7a2697021.png
d3k81ch9hvuctc.cloudfront.net/company/U5krLA/images/
30 KB
31 KB
Image
General
Full URL
https://d3k81ch9hvuctc.cloudfront.net/company/U5krLA/images/e7440689-4276-493a-bf01-b9c7a2697021.png
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-78.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed7ce521226b0a5bf885c2cdaaf365902cd22c95ab3f7f995ca593a0575daa70

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 09 Mar 2024 14:01:15 GMT
x-amz-version-id
v_UVNVc2ZCZlphiYgekvO83jWsBSGlCv
Via
1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Age
2355312
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
30680
Last-Modified
Tue, 28 Nov 2023 02:26:52 GMT
Server
AmazonS3
ETag
"338ba6e38197616a9a39ec2ead02b44a"
Content-Type
image/png
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
X-Amz-Cf-Id
HlGvu8fkrZQjvh5HTTsFABMDQ1--au8Kc3GhohNr_U0IvMG2E_S3Cg==
32900dcb-b775-457e-87d7-19fc774bf112_dbc39358-0157-4336-a563-409ae03a1baf_HighResGif.gif
images.prismic.io/allbadcards/
57 KB
58 KB
Image
General
Full URL
https://images.prismic.io/allbadcards/32900dcb-b775-457e-87d7-19fc774bf112_dbc39358-0157-4336-a563-409ae03a1baf_HighResGif.gif?auto=compress,format
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
26daaa429de0ba0f2a66941c859f1a30a9daf7a830d260a1016e0075e4604f28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-content-type-options
nosniff
age
1846267
x-cache
HIT, HIT
x-imgix-id
353a31ce6e4136005e1c28f53f88b61a03525df4
cross-origin-resource-policy
cross-origin
content-length
58542
x-served-by
cache-sjc1000100-SJC, cache-fra-eddf8230137-FRA
last-modified
Fri, 15 Mar 2024 11:25:19 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
disc_pink.svg
bad.cards/discs/
11 KB
5 KB
Image
General
Full URL
https://bad.cards/discs/disc_pink.svg
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544014704e44a2a2dbe171c90a91208a68f6e0470fbed2f3daef43645ee122ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
wGfEMdRxR1WnZd37JOWVW4Ehsy7qxP63
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
2Y6H9PS53NHYBPZG
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
mBpH7yx5Bd6yatGL22l0Qbv/CUFidmqd1mvXPB9/08d+HEPbnWY0RunBi224q0ZzX5Nawxhs6uY=
last-modified
Thu, 11 Jan 2024 02:16:47 GMT
server
cloudflare
etag
W/"5dd72d3bd684464635d54fc98c5cb579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Oek3HjXKLFkig3QaLlPfDzF9Sh%2BCriw7S5pCCmTz1oZc%2FJB8tluA3xwlgv7T9pSuxoH6m%2FV45Q3qUxtAuZdUVZn20ap156o2FOcdnLI6mIitSakxHaUGOC6pl3FHTYxjuuUlPEONw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc3744bf854d59-FRA
beta-badge-outer.svg
bad.cards/
2 KB
2 KB
Image
General
Full URL
https://bad.cards/beta-badge-outer.svg
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c8a4e8fa41a805ab29d9a608fd6432f648677933fa767305177363dbb3571f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
IqQZZE00i9aSar2mTbtWIIS3zGJ1BUn6
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
NNE3PKEVRPEWPCSG
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
I9P+ee+dgJ7VckLYJPr3bxUMFSwN8uQVFsC8bxjOBZsLLvaMaYetqEcji5Azc21MEqkCpJE5fWA=
last-modified
Thu, 11 Jan 2024 02:16:49 GMT
server
cloudflare
etag
W/"ca17eeadec10de70d61100927e2d5cb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJ1Se0%2Fs9Qkaac1lqzKKgjfdzko1qQhgfOkEAYupPUEAvAc9X0eTlPHllKGAWHx17q3AIk%2FcOhrZWt0dHoy6uiMrR0eDq5YsKYfhwaGGndbMJPhLFdIplVTyxc0Mu5ao2vt5cO8baw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc3744cf8f4d59-FRA
beta-badge-inner.svg
bad.cards/
8 KB
4 KB
Image
General
Full URL
https://bad.cards/beta-badge-inner.svg
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95926ffbdb25e8fb63a6a44396cf79efda083ec5b1861f85324d6cff216e9566

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
ZDDGzUj7Y3F_wo1yRs8Fj0ZLb5aZ7Fak
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
XAY6QHEGBVW3FQYZ
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Z9vVAz1QL7zC7AAeMW62QK/FinKhXIWkyiQVc4XqdI6358IBQCnmEOr5+xY7Dycx+V3xt/zo+h8=
last-modified
Thu, 11 Jan 2024 02:16:34 GMT
server
cloudflare
etag
W/"7ee87f6a03b16a4660070059b50e94b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFVGKgz%2B2MVYeJkVXrjOfMl%2B61stG%2FhnbAHGi2MAv%2FvyzcR%2BDkwcGGbGU2Tr9YOXr429uPTPMHoO6Uaw%2BIGNrx9dNiMjE6gv3%2BJdG71FtQaceh31bWTwdbSJ4hVAjWIcyYv%2Fkj98Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc3744cf904d59-FRA
2meme-all-gifs000040.mp4
static.bad.cards/tomeme/vids/
155 KB
156 KB
Media
General
Full URL
https://static.bad.cards/tomeme/vids/2meme-all-gifs000040.mp4
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9000:18:28e9:8880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a825cc978c972912e65bdc6886b656a41d85241e249667fb8ea0fe385e1f2f59

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://bad.cards/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:36:40 GMT
via
1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 18:11:36 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
24406
etag
"53fbc390ba2baa460bfc7aab7e437e37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-158869/158870
accept-ranges
bytes
x-amz-cf-id
D-2M_t6YNWcvfUz85lQsndhLtAym6o8b3B-vuZg3uxb9Rq1hMHJ_eQ==
Content-Length
158870
register
api.bad.cards/api/user/
341 B
1 KB
Fetch
General
Full URL
https://api.bad.cards/api/user/register
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d81664a317af1e92c1c73910e468b785ea0a216bf94ae5b118f405e0ec4de47d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"155-kfODw3obYmgDafutug1GZn6xE2k"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kU7Ne6D5QxU1V5GoM98Y0fG6U3erD%2BELFp%2BHFrAX%2B9pYmFKpHblfYF%2Bu3BIhAvhqSnenn44KYaGxxjsWljDQNJx2r2vZW3HgOu2wfx5yYLBxufVanetaqDaZ8xrl7NIeEPgQRdO54LH3b8M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
access-control-allow-credentials
true
cf-ray
86fc37452bc58f36-FRA
alt-svc
h3=":443"; ma=86400
packlist
api.bad.cards/api/product/
51 KB
12 KB
Fetch
General
Full URL
https://api.bad.cards/api/product/packlist
Requested by
Host: bad.cards
URL: https://bad.cards/static/js/main.76afe3d5.chunk.js?bv=1704938194264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3efc750dc0d6c4e1387bd4e2aaf82f5c985a16175d991a3cf51cd2cd1fbb7e39

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"cc0f-5ba592HubvV63NztK0tmcviirfU"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66fVarlz2E9tdGkhhDm8aZHJpV5AOyVFAkaBm4EFkiXKd%2FMveRP3IkWHyOv3wmCls8Ija1LLOAIqzsGrb9fFwiZ%2BlFzvS0n0wsolPLpwv3mDNm4iXlePRbqScVZ9yzIEU7%2BC%2BVlUlSEc69M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bad.cards
cache-control
max-age=6
access-control-allow-credentials
true
cf-ray
86fc37452bc78f36-FRA
alt-svc
h3=":443"; ma=86400
b85dbaa4-e2e9-4be9-b02d-0cec7cd83c92_Backer+%281%29.png
images.prismic.io/allbadcards/
14 KB
14 KB
Image
General
Full URL
https://images.prismic.io/allbadcards/b85dbaa4-e2e9-4be9-b02d-0cec7cd83c92_Backer+%281%29.png?auto=compress,format
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
13b6dc079dea139b1faa4b44e482f9ea6f9a733a33b56d0465d35d0f4665ead6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-content-type-options
nosniff
age
49549
x-cache
HIT, HIT
x-imgix-id
ca46171b9b4b63247eadf6ddda3a3928a647f34e
cross-origin-resource-policy
cross-origin
content-length
14117
x-served-by
cache-sjc1000146-SJC, cache-fra-eddf8230137-FRA
last-modified
Fri, 05 Apr 2024 06:30:37 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
a1c688e9-d8d5-44aa-aaea-3c3c3bb16b87_Star+Backer+%281%29.png
images.prismic.io/allbadcards/
11 KB
12 KB
Image
General
Full URL
https://images.prismic.io/allbadcards/a1c688e9-d8d5-44aa-aaea-3c3c3bb16b87_Star+Backer+%281%29.png?auto=compress,format
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0c04b9547b7987c73e0af8862ae553422d809ccb9f9d4c5643952ec5597d1275
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-content-type-options
nosniff
age
1586192
x-cache
HIT, HIT
x-imgix-id
009111a272f7428a5b5dd6498a721d430d7f66b4
cross-origin-resource-policy
cross-origin
content-length
11675
x-served-by
cache-sjc1000114-SJC, cache-fra-eddf8230137-FRA
last-modified
Mon, 18 Mar 2024 11:39:54 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
ad6f72ae-ce08-43a0-bc00-2a578c69e447_Super+Backer+%281%29.png
images.prismic.io/allbadcards/
10 KB
10 KB
Image
General
Full URL
https://images.prismic.io/allbadcards/ad6f72ae-ce08-43a0-bc00-2a578c69e447_Super+Backer+%281%29.png?auto=compress,format
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
86482ba9c114f57815a83a7474a49ca65670367cfea7bbba004991e7f84b2f39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-content-type-options
nosniff
age
340956
x-cache
HIT, HIT
x-imgix-id
926f2a5663e61af023d6ac68de00cd66be961a22
cross-origin-resource-policy
cross-origin
content-length
10244
x-served-by
cache-sjc10028-SJC, cache-fra-eddf8230137-FRA
last-modified
Mon, 01 Apr 2024 21:33:50 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
bad_cards_fill.webm
bad.cards/
670 KB
671 KB
Media
General
Full URL
https://bad.cards/bad_cards_fill.webm
Requested by
Host: bad.cards
URL: https://bad.cards/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0fa6b780967f67a13f45dec19174215745b2adb190f4a76da7c3a72245af4be

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://bad.cards/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
DXBLVlDkldmVgPQVLCLnggrgSa3v9dzh
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6513
x-amz-request-id
QZSGCRW06FJ7J967
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
Content-Range
bytes 0-685844/685845
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
TnD9qyx8FWXw9W2yLusT5xNxCqjr0YnbtAYYeBFAmheCwTBH7tvSGXuwmI1Lg5nB05pl14pXrsM=
Content-Length
685845
last-modified
Thu, 11 Jan 2024 02:16:43 GMT
server
cloudflare
etag
"5f5078e19e8bc799b2c5919afe158394"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zlyUkWXJNpzhdeL%2FszmGB2uImu%2F3hLILiCyoF5EhGavZFgW9ClwFYqvfMhcEQ7PdK4BgKXmQw9w6kqy3NB2A0bSkzyOoUwUSrREc7FMuzvxhRk2U9AJZ7ZcUOWyYLRzdo82UVhbK7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/webm
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc374538224d59-FRA
start
tracking.refersion.com/
7 B
379 B
XHR
General
Full URL
https://tracking.refersion.com/start
Requested by
Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:212d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d01709fcd599118652e3b27bd0ca97c802f832183d01f76a034755f2bc62fa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://bad.cards/
Key
pub_a5fa57787d10daadcf9f
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:27 GMT
via
1.1 6fec3be7392a89a67d860f663eba31b2.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-cf-pop
CDG50-C2
x-amzn-requestid
29de859e-861d-462a-8b7b-2ef9e796377f
x-cache
Error from cloudfront
x-amz-apigw-id
VxNUQF8goAMECNg=
content-length
7
server
cloudflare
x-amzn-trace-id
Root=1-66105c1a-282d39f04325541443510361;Parent=491699b1180834f6;Sampled=0;lineage=473d8242:0
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
86fc37470b48bbec-FRA
access-control-allow-headers
Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id
yCDOQcIpx56zfvYRdXu17E0d8R0qXyKTrGl0XK_FA5VW_oQ-sDugoA==
start
tracking.refersion.com/ Frame
0
0
Preflight
General
Full URL
https://tracking.refersion.com/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:212d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://bad.cards
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
86fc37462a34bbec-FRA
content-length
0
content-type
application/json
date
Fri, 05 Apr 2024 20:16:26 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
via
1.1 6fec3be7392a89a67d860f663eba31b2.cloudfront.net (CloudFront)
x-amz-apigw-id
VxNUNFwHIAMEY0Q=
x-amz-cf-id
b1T3HnaPZmo-HatvzAT-HPwzWqNR4Zxdyr90-VJAbueIU4VnX-SJFw==
x-amz-cf-pop
CDG50-C2
x-amzn-requestid
89e9ca09-eadd-487d-af45-a7a35eaa05ae
x-cache
Miss from cloudfront
r.html
pub-a5fa57787d10daadcf9f.tracking.refersion.com/ Frame 7712
0
0
Document
General
Full URL
https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Requested by
Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-88.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://bad.cards/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
72441
content-length
474
content-type
text/html
date
Fri, 05 Apr 2024 00:09:06 GMT
etag
"4ee1a4f461751e9918a36adb0409d3f7"
last-modified
Wed, 22 Feb 2023 15:36:53 GMT
server
AmazonS3
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-id
IGCvuMGag_ZU6dieopCL8MAdht7NI-wgOqoqDZmBpXh5g2YvesGKUw==
x-amz-cf-pop
PRG50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
x-amz-meta-codebuild-content-md5
91ec5cf5fda69cb6cd86040e2dd38391
x-amz-meta-codebuild-content-sha256
42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
x-amz-server-side-encryption
AES256
x-amz-version-id
Rv5XbA_iUkUdnH6Uf8VNfQGmC__6yAr7
x-cache
Hit from cloudfront
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 5D50
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-66.prg50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bad.cards/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
420
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 20:09:51 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 29 Mar 2024 21:24:14 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-id
6WnDm0FtJMKzsqfEj5tfLu7law3-d0PD6iS-mZOF9erUAVzk-e7gng==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240403&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
397ff37d36ac939ddebc583da3d9099680a98a44155f0a8c468a3cd741a859ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12380
x-xss-protection
0
rum
bad.cards/cdn-cgi/
0
136 B
XHR
General
Full URL
https://bad.cards/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://bad.cards
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86fc37470a0f4d59-FRA
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 05 Apr 2024 20:16:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A470
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bad.cards/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
19857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Apr 2024 14:45:29 GMT
expires
Sat, 05 Apr 2025 14:45:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
bad.cards/icons/AllBadCards/
15 KB
4 KB
Other
General
Full URL
https://bad.cards/icons/AllBadCards/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
278df73e41d3266716b653c71e03c799430144cb40baea4ef07f41fa074c2939

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bad.cards/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:16:26 GMT
x-amz-version-id
u9nwsaHeTm9._Ob2p9BEhwLVvWKApzFq
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2898
x-amz-request-id
9N58YF7MXHCE23CH
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4656506c-32cf-4484-a27c-b8e23729a364
x-amz-meta-codebuild-content-md5
06c0fee69673dd16e8cfb093613fd9ed
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xxgXZpROVHn2tbV/weOXqGUBc/h0RQsRaD6G1mpvDU5wq4e1n1Rai6MBGV3hF/qJIPgApzFC2uU=
last-modified
Thu, 11 Jan 2024 02:16:38 GMT
server
cloudflare
etag
W/"cd819b33bac6ad54b38e56aaa6d4a188"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJvjz2fpQOCX0C7rQAHdQNJ5o3%2FFUC9fMXY3dV3WyJLNvtUwgD4TT4rulxsePMHkUQDgoV81ZIIardfgxjr7BkO1%2FOGOzOxlZd3yUfsP5Wr%2FSffAYX9sDEdt7kGsjTcQYQ9sknTKMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
x-amz-meta-codebuild-content-sha256
35169df129af9046fae5cc6e364469079bc31bd4414d5a1d8295d2706c4f5be3
cf-ray
86fc37484b904d59-FRA
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240403&jk=1454398397522672&bg=!2dql2pXNAAanmIpSh5g7ADQBe5WfOJP6f3JHMMab8Xj48Ihx2n4A0EdeTdb7zTWODuUKR4bpltb5pGo24pVlUyfjpoQuAgAAACVSAAAAAWgBB34ANUiPxSaJH05REsQz8WA6fz3MN_9DGxRKiFH4OperQ_bdw1m8Zl3mxxW1ISVYqVg-99xpbEETmQKH-sm6QQrRpes_a7xxRmJlxn-If-DQXP6EdC6tUHBmv7E6ih8GFgT4swJ_--b0hXgJ2MEBCHZiI5GM1bvvpSDRAzQYHVIP2NoT2CNhgjrtNxaJsfPgp3XawPMpVNplXVFQMmJ4fcELCnYOSYCj6mcG9syBVQoPynLkWb-P8uQmfuPmkrV5C0eyVBPGhIsV9SF5FcoU3FEY3V1zgf5IlEgQEaroMepqWY457nvFRXSwGzL60QJqjrY0HH-rM_pdYoLOFvQaUw37bdGB7d_PD59dcJd-LMYjWLD_T5Au029deVilSurfkTn3J1-Ywb7A4PW51VekRTc331GCArpG5_d91LP2CwXmGDjz1851_HBT0uwM06uhsHCWfZHetGHvPU54TIf2ndHYMQG8gGenPTScRNYsdR8Z1v0mhf5kY7UrQMJkI-55o5U3HLsb5HlPhSr2H-rOKuJmdMvOB71ziiMPefdnwK5Ioz2g9MPHSFsvKYuc2lbXO6MAiI3939PKwCgdZPKhrdoZY0xsz1V7_nI53qcLwQL4z4rhy3LzWXOO_HfO3hny1G52UPaz_Gf5RiyuJz_06Fv0sMCnXhbZmdN7r9_4skxoq5pUGhxF3-xqgVa72_0F2ezDhY_5np9VmpUhrjOIuDelCio1dUKl5bbr8Y-n6MsKxMzFtECP4jXZ1oFkzp1djULEzlGRc8Ub8VO8TziP41wGgJ-pmhgfY2fgiMqxrW8bX6zHqntiE1cLTBxyqhkNcEWvUvopYkm3_2SzfFwDUw8rbLI92hYQgJDofeEMo9QbETue9D3XNafB7G_bErc8LW36l1hxTy-Gi4hfwAKcbq9QaMRerpLgOFC3YPaPgXlaLAk

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer string| TrackingSystemObject object| _learnq string| __klKey function| wisepops object| caf_ object| cast object| closure_lm_19011 object| webpackJsonpclient function| force-smartlook-init object| smartlook-client number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| gtag object| freestar function| smartlook boolean| smartlook-initialized object| __cfBeacon object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager object| webpackChunk_klaviyo_onsite_modules object| XdUtils object| xdLocalStorage object| r object| _klOnsite object| klaviyo object| __core-js_shared__ object| core string| google_user_agent_client_hint object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkStripeJSouter function| noop function| Stripe object| webpackChunk_smartlook_recorder function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

8 Cookies

Domain/Path Name / Value
bad.cards/ Name: __kla_id
Value: eyJjaWQiOiJabVF6TkdZMlkyVXRaREpsWVMwME5HTXlMV0UxTnpndE1UQm1PVGd5WTJKaVkyVTMiLCIkcmVmZXJyZXIiOnsidHMiOjE3MTIzNDgxODYsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vYmFkLmNhcmRzLyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcxMjM0ODE4NiwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9iYWQuY2FyZHMvIn19
.bad.cards/ Name: _ga_N3BGZ4J7BJ
Value: GS1.1.1712348186.1.0.1712348186.60.0.0
.bad.cards/ Name: _ga
Value: GA1.1.1628806836.1712348186
.bad.cards/ Name: player
Value: Vlg1czY0VHJzN3VIN0NaWFY1S1p2OjJjNzAxMjEyNjdmOTBjNDRhNDI3NTY0ZjYyODBhNDYyNGM4MWZkZjRjM2VhNTkxYmI2NTMwODEyYmMwY2Q5M2U4NmViZDU4OTZhNzcyNThmMjQ1ZWQ3MmJiNDY1NzA0MWU1NjQyZjE0OGVlZTgxNzUxY2VhYjRmZGViNWMyMDc2
.bad.cards/ Name: email-opt-in
Value: false
m.stripe.com/ Name: m
Value: 41cfa432-4aa8-4c7e-a120-3d3e10d288e413d002
.bad.cards/ Name: __stripe_mid
Value: 43566650-89c3-49b8-8a98-42faae16741f13dec4
.bad.cards/ Name: __stripe_sid
Value: 943f15e6-3597-4ab3-88b4-c74a69e9c8460527f5

3 Console Messages

Source Level URL
Text
network error URL: https://wisepops.net/loader.js?v=2&h=zkQm27zoAD
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://tracking.refersion.com/start
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://bad.cards/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
api.bad.cards
bad.cards
cdn.refersion.com
d3k81ch9hvuctc.cloudfront.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
images.prismic.io
js.stripe.com
pagead2.googlesyndication.com
pub-a5fa57787d10daadcf9f.tracking.refersion.com
region1.analytics.google.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.bad.cards
static.cloudflareinsights.com
static.klaviyo.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tracking.refersion.com
web-sdk.smartlook.com
wisepops.net
www.google.de
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
151.101.194.133
151.101.2.133
151.101.66.133
18.239.94.78
2001:4860:4802:34::36
2600:9000:2127:9000:18:28e9:8880:93a1
2606:4700:20::681a:e02
2606:4700:20::681a:f02
2606:4700:20::ac43:4b99
2606:4700:4400::6812:212d
2606:4700::6810:4f49
2606:4700::6812:3bb
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2003
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9c
2a02:6ea0:c700::22
2a04:4e42:200::720
65.9.95.108
65.9.95.66
65.9.95.88
03daf0d3ed3ef8e1b33495ad462a4611b216bde64fdd0b4c9fdf45b412f6434e
0b60b7ef70b0e4e2073a9d7b201b49e0da3b6d4f6118f734c05cf34e548ad850
0c04b9547b7987c73e0af8862ae553422d809ccb9f9d4c5643952ec5597d1275
0ebed3b028151175ddbdb2ac46ca52fc7a72d55359bc957c9b9c2705c1448719
127bb164c943645ec093dcffaf9e8e9a4c6eea16845dcdde53fcb1d150e6692a
13b6dc079dea139b1faa4b44e482f9ea6f9a733a33b56d0465d35d0f4665ead6
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1e77f48d11c58959d5129845bf10ce5cc3fbcfb502b8c0fa690946011927d48a
26daaa429de0ba0f2a66941c859f1a30a9daf7a830d260a1016e0075e4604f28
275cfaaa9a9c31fe14a1c842243be14d237cb34e2871813b2a22797dd70fd297
278df73e41d3266716b653c71e03c799430144cb40baea4ef07f41fa074c2939
34796d1a8932f6c6156e23a5a1de1685e1c04d1005328efad9a9d444a1ce357f
3779eac43cd022cc885fac931dc7264461205946e9cd0714877fcafe5cbc18dd
381b37762970831071baa2916dcb4008f0039de83e6db97e20085b3c61daff54
397ff37d36ac939ddebc583da3d9099680a98a44155f0a8c468a3cd741a859ad
3efc750dc0d6c4e1387bd4e2aaf82f5c985a16175d991a3cf51cd2cd1fbb7e39
410ef933fcf7e164fd4d087bfbf65f43d1e55d17526a6d3496698a7911474771
4d01709fcd599118652e3b27bd0ca97c802f832183d01f76a034755f2bc62fa3
544014704e44a2a2dbe171c90a91208a68f6e0470fbed2f3daef43645ee122ac
56fd2c12fe2b5236053f10d190c3b7c89e55b7534c91a4451824b203c2a155dc
57a59ee12ac24448c991e60ee6c48237a0222c21259c06c7d4cb11adc8350a20
58b3c1bc6754d998f93916a5299eaa865a666b89544b320acd6c45bedbc2e754
5902b67d28fe517d70224df925277f1d518dc44d1033844e9e0ccb3f353a8be4
6039596f0aa6059428c88854822b7defd844baf6ab97b9bad6cbea79d2f0483e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b32ad610c9e0bd6308091412c892eae952772be58874adcb79a52e0304db5c
6352f53b0044b69d6b0221ec9eb003c9580f0cf2a948eb5b7a62c07274d8da03
6433bb29063bf8ef44e9e8ca2037b3098cb815a7edc999d89508b5fd33f7aff9
668bec4f01c3a975859c827b47a3914395dc8014717ba669ff9a824d1f0b490d
726558ff0910cbe12ec98afcec56d49b360a0cfd8c803931f579b1889096788d
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b
86482ba9c114f57815a83a7474a49ca65670367cfea7bbba004991e7f84b2f39
9202078f8f1ee61be302823d733cba0a78021842ad10e8343bc7d44f54b01ea5
9273b17678b1844a9388b1077b748e017772a47ea330a4af6810e390bb0aca10
940d2763649c3b1e083d8eacf0fdc090739ac6cba62e35b41ad8b7231f19cb7c
95926ffbdb25e8fb63a6a44396cf79efda083ec5b1861f85324d6cff216e9566
a04dad0e19fce11c93e5b1664341dc181fd2b3ad321b617c8af865d40fdd9153
a7efb4f446e75cf945807f315730d565f838a7c0d7bbfcb516fc76c1b3bab655
a825cc978c972912e65bdc6886b656a41d85241e249667fb8ea0fe385e1f2f59
a832dc33fd579bba19294511e037b6fa99f01e211eddc9fd11b355bb5c1fbfd8
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca
b04730f497e464c0e7e3d447e727c7cca49b1646d5460c748a06ca34c5886b77
b0db7e9ecb5521298403292e544c9d589ca605178345ec608b920ade214bc5d9
b7e8f43ea6f9a843c7ec115ab499426387e8eef347f706d43dbe1cae08085bba
b8145d963ea9563a306180e00f437bec637fcbfeb62220f20bb39b0f794c9e25
bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d
bddb12725635bd402420c6b997100f34ec54ba23c17ab0f5a938884d206bb85b
c3c8a4e8fa41a805ab29d9a608fd6432f648677933fa767305177363dbb3571f
c689c6e9629e3d89c91d49a7b2b64fc9c5f1852a92dd49fc7b096bc5f41849c2
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
d0fa6b780967f67a13f45dec19174215745b2adb190f4a76da7c3a72245af4be
d81664a317af1e92c1c73910e468b785ea0a216bf94ae5b118f405e0ec4de47d
d9ca1f96ff7ba29afd8520b80dbff93a386d205d07c6be3025fd17c1208108b5
deb5d57ccba8c07150c68ec992233a5aa1e68db8ae166b647109510b2761192a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56d9f0ff4291aab14a84849e87ae705ea5b5b1510f4b09b1b56b152943d0ec0
ed7ce521226b0a5bf885c2cdaaf365902cd22c95ab3f7f995ca593a0575daa70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb0dc0e4239ea59c90a3d465578a66bff9d9372cba852d5fdaa7a4c46ecbb72
f29ae1e4ea8c2af076975dda7f1d30b835973963e68f94ae3d347247e3192d2a
f981d45f43f1c90fd39472e1ed4648205e69ffecbab12cc93eb057ca87276dce
fb2dbdb316742cbcfe3896917218500775bbe6291a077efac20da890072a0efc
ff9fd0d32d5680811f5bff4d5cb431320270779077ca5cfe1a87836de89d15a6