bad.cards Open in urlscan Pro
2606:4700:20::ac43:4be2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bad.cards/
Effective URL:
https://bad.cards/
Submission: On November 14 via api (November 14th 2023, 11:13:24 pm UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 14 domains to perform 81 HTTP transactions. The main IP is 2606:4700:20::ac43:4be2, located in United States and belongs to CLOUDFLARENET, US. The main domain is bad.cards.
TLS certificate: Issued by E1 on October 21st 2023. Valid for: 3 months.

This is the only time bad.cards was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:20:... 2606:4700:20::681a:e02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:20:... 2606:4700:20::ac43:4be2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	143.204.215.56 143.204.215.56	16509 (AMAZON-02) (AMAZON-02)
8	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
9	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:600:18:28e9:8880:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:440... 2606:4700:4400::ac40:9ad3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
2	2600:9000:25e... 2600:9000:25e8:a200:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	34.213.255.230 34.213.255.230	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
81	23

10 2606:4700:20::681a:e02 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.bad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:4be2 (United States)

ASN13335 (CLOUDFLARENET, US)

bad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-56.fra53.r.cloudfront.net

cdn.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pub-a5fa57787d10daadcf9f.tracking.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:600:18:28e9:8880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9ad3 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25e8:a200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.255.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-255-230.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	bad.cards 1 redirects bad.cards api.bad.cards static.bad.cards	1 MB
18	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 r.stripe.com — Cisco Umbrella Rank: 3546 m.stripe.com — Cisco Umbrella Rank: 1249	462 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	226 KB
7	refersion.com cdn.refersion.com — Cisco Umbrella Rank: 29186 tracking.refersion.com — Cisco Umbrella Rank: 36346 pub-a5fa57787d10daadcf9f.tracking.refersion.com	37 KB
3	prismic.io images.prismic.io — Cisco Umbrella Rank: 11821	55 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	232 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 21232	22 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	230 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	840 B
81	14

	Domain	Requested by
15	bad.cards	1 redirects bad.cards static.cloudflareinsights.com
9	api.bad.cards	bad.cards
9	pagead2.googlesyndication.com	bad.cards pagead2.googlesyndication.com tpc.googlesyndication.com
8	js.stripe.com	bad.cards js.stripe.com
5	r.stripe.com	js.stripe.com
4	tracking.refersion.com	cdn.refersion.com
4	q.stripe.com	bad.cards
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	images.prismic.io	bad.cards
3	www.googletagmanager.com	bad.cards www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	web-sdk.smartlook.com	bad.cards web-sdk.smartlook.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.refersion.com	bad.cards pub-a5fa57787d10daadcf9f.tracking.refersion.com
1	www.google.com	tpc.googlesyndication.com
1	m.stripe.com	m.stripe.network
1	pub-a5fa57787d10daadcf9f.tracking.refersion.com	cdn.refersion.com
1	static.bad.cards	bad.cards
1	www.google.de	bad.cards
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	bad.cards
1	www.gstatic.com	bad.cards
1	fonts.googleapis.com	bad.cards
81	25

This site contains links to these domains. Also see Links.

Domain
twitter.com
instagram.com
reddit.com
patreon.com

Subject Issuer	Validity	Valid
bad.cards E1	`2023-10-21` - `2024-01-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.refersion.com Amazon RSA 2048 M01	`2023-03-13` - `2024-04-09`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
api.bad.cards E1	`2023-10-24` - `2024-01-22`	3 months	crt.sh
1688964705.rsc.cdn77.org R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
static.bad.cards Amazon RSA 2048 M02	`2023-11-05` - `2024-12-03`	a year	crt.sh
images.prismic.io GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-10` - `2024-04-10`	a year	crt.sh
*.tracking.refersion.com Amazon RSA 2048 M01	`2023-08-12` - `2024-09-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://bad.cards/
Frame ID: 46892EEEC87568E597BBC29C488E676C
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: EF564DE53CD5DE69B5E350315B97DEB0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-7c6abe730384ece17ff9567f296fef91.html
Frame ID: AFB8859076FE6F89FDF11A3514176978
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3525646721011012&output=html&adk=1812271804&adf=3025194257&lmt=1699857540&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbad.cards%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700003598649&bpp=3&bdt=779&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7610657727781&frm=20&pv=2&ga_vid=267858050.1700003599&ga_sid=1700003599&ga_hid=1679796981&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31078297%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=3334160547850505&tmod=1268231704&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: D207C62FA798897CDA60D3272824086D
Requests: 1 HTTP requests in this frame

Frame: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Frame ID: 7B1467C440A868B64E50F0754875B7B4
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 8E1A10025B71C301A5AD4A9F6262CD1B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D03FA72EA9BECCC83E1AEBB7C8B91B5A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0FE2875C01D4CABE237CA02B61B71BC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0464CBFDC55899550A6918A5EE634988
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bad Cards | good games for your bad side.

Page URL History Show full URLs

http://bad.cards/ HTTP 301
https://bad.cards/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

81
Requests

100 %
HTTPS

83 %
IPv6

14
Domains

25
Subdomains

23
IPs

3
Countries

2671 kB
Transfer

6577 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/playbadcards/

Search URL Search Domain Scan URL

URL: https://instagram.com/playbadcards?igshid=YmMyMTA2M2Y=

Search URL Search Domain Scan URL

URL: https://reddit.com/r/allbadcards

Search URL Search Domain Scan URL

URL: http://patreon.com/allbadcards/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bad.cards/ HTTP 301
https://bad.cards/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bad.cards/
Redirect Chain

http://bad.cards/
https://bad.cards/

7 KB
4 KB

296ms
275ms

Document
text/html

2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c40d668a266e8a66880d6eca00f99d1673f8b4743968c96c0446538dc1c2efd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8262f1b4f9ec65d0-FRA
content-encoding: br
content-type: text/html
date: Tue, 14 Nov 2023 23:13:17 GMT
last-modified: Mon, 13 Nov 2023 06:39:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJm7fw9mkxEA8662kHMx5xQb46sxeOSPbkdCHr5wbUO4YFkLjoo74BEUsn6xMtbuGH%2BrPBPobiPpL18fh3MqonC7eBbbgZ4%2Fr%2BIprlTDp2Up8dLD7hwpgjIJbcu6OSBlIhvophDe6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: m8E8YoFQv8z46Ojv+F1dNXPrca0oC9swu7swbCC+X2gNFPcjoFymYlux1DCqQUouOJ07cSIedsU=
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
x-amz-request-id: SMT4F971W8A3NT8H
x-amz-version-id: h4qkoqD5RE1By0ob3uwhbOeVPvU8JqfH

Redirect headers

CF-RAY: 8262f1b4ac6b4dbb-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 14 Nov 2023 23:13:17 GMT
Expires: Wed, 15 Nov 2023 00:13:17 GMT
Location: https://bad.cards/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gfu9l%2BPQ%2FN17yvoSJ2xxzfylRlDlPEutNOHXK35S9xkT95IicVL6ytiB8xywp8NR9xLw8JltenDZqlLrdjm7zcAn07MnMJrMXsJ2ep7A7r%2Fm8uYYf%2B5pWI8XceN2VEX704kJEk2Qgw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-small.png
bad.cards/ 43 KB
44 KB 143ms
141ms Image
image/webp 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo-small.png?2
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 410ef933fcf7e164fd4d087bfbf65f43d1e55d17526a6d3496698a7911474771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
x-amz-version-id: V5c9gBVip47dTzbNZ9vu0yo7aX7aOQFN
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BRNZGZJBGTGWBCF6
cf-polished: origFmt=png, origSize=84701
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
content-disposition: inline; filename="logo-small.webp"
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
content-length: 44042
x-amz-id-2: Hdu9urAmJurywHqppmz7f4gcQQ6uXVFBPnGP45Qq8+NuQivIuRFUg+8CfAYX3+gCbKio4358XOE=
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 06:39:08 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2cbdcb10271e7175ee6cb9774c7a44cc"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhHsIrZYPy9wgHM%2F7imnI8%2FpQrk4DjbOYuyoAafUSIDkGJ0L8frADvh1nxiWWdGmaMXiKOIa2DeJTjB4L1T4EZZUVN4oE3k%2FcvNDHyEfNiBpkNt8laFfPCApQqsJUA6PEh0Xs3emCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
accept-ranges: bytes
cf-ray: 8262f1b6bb1865d0-FRA

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
840 B 178ms
62ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Spline+Sans:wght@300;400;700&display=swap

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c47376f789419bcfe259e750d057d24e0e6714d18fe6baf4d2bba980abee3e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 23:13:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Nov 2023 23:13:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 211ms
82ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8887b54060687ff8bf4347b4f88a39b5b6520dab72c36ae75b829b7b6a137a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52730
x-xss-protection: 0
server: cafe
etag: 7761527493472130393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:13:18 GMT

GET
H2 200 cast_receiver_framework.js Show response
www.gstatic.com/cast/sdk/libs/caf_receiver/v3/ 617 KB
173 KB 210ms
94ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

440391b37860122098225ebe33f0845780d5a6038b433e7c75b1810fcfb17773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176314
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 21:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Tue, 14 Nov 2023 23:13:18 GMT

GET
H2 200 main.5bc16e45.chunk.css
bad.cards/static/css/ 2 KB
1 KB 148ms
147ms Stylesheet
text/css 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/css/main.5bc16e45.chunk.css
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275cfaaa9a9c31fe14a1c842243be14d237cb34e2871813b2a22797dd70fd297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
x-amz-version-id: uwvdVm9qWBxSfpm5o2LwTWysvguXH0hs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EYT61MJC17YYFF1Y
cf-polished: status=cannot_optimize
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Xy1j/0QvmnY7SFoUSr61d6Sz+2KyejIiF4qMgycSUfG+YGf3NIdlpgXbfbAf3LIyB6O0bYyq//k=
last-modified: Mon, 13 Nov 2023 06:39:13 GMT
cf-bgj: minify
server: cloudflare
etag: W/"723f4df00015f5bfcd6c608ca1756910"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBDjqpA8NnvLqxrvDlTL%2Fo84xRmPZ31SZnUxM0ye%2BFaaO%2FHaFkPOTnixmtXBjV4892U8SXgRAr%2B5NTaiXPFQMLV3x9gTiCMrn6OJBfmDSrtGexdZHeVpS%2FVTfO9%2B3l%2FI%2FKtp1x2ecA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1b6bb1465d0-FRA

GET
H2 200 7.45530f1b.chunk.js Show response
bad.cards/static/js/ 1 MB
361 KB 137ms
136ms Script
application/x-javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/7.45530f1b.chunk.js?bv=1699857062312
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec04d160ac358ff7fd3d11b6ad4633944d973a5fa51e0532c44aeff633599da0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
x-amz-version-id: VO5soFsVK8JYdA5EWbvKK8W9tuT7lc1A
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z9XBNQMP8BVCJ41Z
cf-polished: origSize=1313712
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XaV8UJCn+x6VfR+hDqnbHsUs0rKNwy+HrfgDeg7lYZiykYaXXmTZn9DvKTq+dzRSXIE03DThSwY=
last-modified: Mon, 13 Nov 2023 06:38:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"e8cd7058628d58b52a16288fac2e9e2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7pMCu7U6VPenSiAjGkOjOlAHT0y4Pzl7Pq3a%2FCDgv%2FslvKxEC1bQU2aqnHpIsrwyP9uaf8wJ%2FBBidxCthmbBH7HYPGjF3ISerTO%2FZl40PJEzMBXmi2fEXu9RApmZ9MtwBVEaLCz1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1b6bb1565d0-FRA

GET
H2 200 main.45530f1b.chunk.js Show response
bad.cards/static/js/ 181 KB
47 KB 148ms
147ms Script
application/x-javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92eb9797455058e958ff0ceb23a9c7f56fbc2ad060b2534b2634b2e3f6a6c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
x-amz-version-id: ltpKI5h0OoIIVeNlHGH7Jd22XNDdJlxL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6CH1QGEWETXQPDW3
cf-polished: origSize=185237
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qw4zdaaBapJRnqY0j9tAtMvbjJfFxbG251qTv5wSxMW1/MLim3t4AHx9Ee42c8DR9kmG7gMD17c=
last-modified: Mon, 13 Nov 2023 06:38:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"415e1119e9b64455691bcdd0ad0f7328"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfTy4pRHx7sgi9%2BgNVfH24%2F8xaczXwSgCkC8NZPT4dUs%2BkuBaqzOKf1s7FvY%2FO8ahcxQI2lyaCmPmQAIsPpZ2LgXtAxkyXuoBavuJaqX5vPeHenD9Ct6aT5Bss6ZvXuuMTM7Ri%2FXmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1b6bb1765d0-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 90ms
44ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8262f1b9ccebbbec-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 175ms
63ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5VR86X

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e5fe7bc9562e738195c745bfbf369d21d21381f264d99959026226ca837dbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44345
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Nov 2023 23:13:18 GMT

GET
H/1.1 200
OK refersion.js Show response
cdn.refersion.com/ 31 KB
32 KB 69ms
8ms Script
application/x-javascript 143.204.215.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.refersion.com/refersion.js
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-56.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9ca1f96ff7ba29afd8520b80dbff93a386d205d07c6be3025fd17c1208108b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: .z6Ij8RKlWu7_TjQFcP9teRjS.tAjstL
Date: Tue, 14 Nov 2023 13:37:47 GMT
Via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Age: 34534
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
Content-Length: 31724
Last-Modified: Wed, 22 Feb 2023 15:36:53 GMT
Server: AmazonS3
ETag: "cc3f66d9f13a349a59672074e6354f8a"
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: BWhAMdETGHSFYqbHFRYWBnajINSIEND6S3ePAeXk5S0gC6ImCju2zQ==

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 198ms
90ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52732
x-xss-protection: 0
server: cafe
etag: 5186480118388995366
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:13:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
94 KB 116ms
116ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.45530f1b.chunk.js?bv=1699857062312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1047ece65258d1486a216ba5b79ad966da4388b9e8d3674941faeba61630a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 23:13:18 GMT

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 84ms
73ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52732
x-xss-protection: 0
server: cafe
etag: 10205380944418871243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:13:18 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 553 KB
153 KB 47ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.45530f1b.chunk.js?bv=1699857062312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ad554a89ac5a217395a61851928b9c8499a4becd2d607a0d358393fbb42ed765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 23:13:18 GMT
via: 1.1 varnish
age: 50
x-cache: HIT
content-length: 156589
x-request-id: 370c99fa-9346-49c3-9fcc-ffeab4462b78
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Tue, 14 Nov 2023 21:34:17 GMT
server: Fastly
etag: "7037269a126d13cc06f33ce890411b1b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H3 200 logo.svg
bad.cards/ 27 KB
12 KB 140ms
139ms Image
image/svg+xml 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f29ae1e4ea8c2af076975dda7f1d30b835973963e68f94ae3d347247e3192d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
x-amz-version-id: S2QsK6gyBHwo3zO52aloc8QSrfne2S3d
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HA50CKS2X3T7AM0P
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sKugS3R+RJ8GNlZ1Oh6QB/P+es6qx10UUEIY+oytWdeNaTV9/HfscZMD9p2M6UOOgBzVjimgTC0=
last-modified: Mon, 13 Nov 2023 06:39:14 GMT
server: cloudflare
etag: W/"ce686602e46d8ce390da2835b7381d12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iz8qvjSqFfPE5OuEB5fNUngmMUpKCskf1sCM3sys%2BTvpOT2E2GB9L6y0BShtEB8lvNRYAnaNjvGEn%2Fv2FlYhWedm9hn5OCPakN6tXh9cUGM3VnUKaho7uBYv%2BvQv7E9sfKTrWUKBgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1bb29a13a73-FRA

GET
H3 200 logo_arc.svg
bad.cards/ 53 KB
16 KB 136ms
136ms Image
image/svg+xml 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo_arc.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3779eac43cd022cc885fac931dc7264461205946e9cd0714877fcafe5cbc18dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
x-amz-version-id: vT4TkfkAsZkUX9C1eXnPuxzi2JLXxxxc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C0Z5G77Q0YN9GZCS
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uHX2k5vHAYl7rnrjlPANSg7kGA3SopsjWhcpEG6NrnEcALMaMOM63tStSxpIi2pX0Itmfh11q7I=
last-modified: Mon, 13 Nov 2023 06:39:15 GMT
server: cloudflare
etag: W/"23913e44ce3cac92f14b931b1b35239c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yk8RDDH%2FG7UdmlF%2BQ9oAx%2BaJIuEWpEH4PJUL1vBBMnpFkjJel6F%2BKmc9%2BZhPQyYDkQMcHB20qKML%2BClduiwUnevdREHlIrenCeVWJ2YoeHwo%2Bgljw94SEMCgxT0a8%2BfWPyW%2Be7kIEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1bb29a33a73-FRA

GET
H3 200 Stacion-Regular.45ccf7d7.woff2
bad.cards/static/media/ 17 KB
18 KB 138ms
138ms Font
application/octet-stream 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/media/Stacion-Regular.45ccf7d7.woff2
Requested by: Host: bad.cards
URL: https://bad.cards/static/css/main.5bc16e45.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6433bb29063bf8ef44e9e8ca2037b3098cb815a7edc999d89508b5fd33f7aff9

Request headers

Referer: https://bad.cards/static/css/main.5bc16e45.chunk.css
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
x-amz-version-id: rnDlLfu9stZYwZqiL.msS__Y02M1SF4c
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VVHQ6D29K0W0BQE1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
content-length: 17856
x-amz-id-2: eTAG13OoZzv3RKsPQ814vMdhNaV1UCqLWehCOS6SmhhQFhWNF+Ws7pQqW5w36YPdoR029D78K1c=
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 06:39:08 GMT
server: cloudflare
etag: "5d224e4161755db286840003ed42e7b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AX3lfAoW2zd2CMdOoM4oVJN9XoUc7COhTCJv4pF1ssxNvzEuB4VvqHTAJZtW0%2F0wRWAudQPoSKv5yJB%2FpyaP4Fv2IDuXzQjtNXzQq5RS8NwC6y%2Fw4VOHZzib5RKiKSlwY504uKl6xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
accept-ranges: bytes
cf-ray: 8262f1bb49b23a73-FRA

GET
H3 200 GinJus-Regular.39fa2588.woff2
bad.cards/static/media/ 15 KB
15 KB 24ms
23ms Font
application/octet-stream 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/media/GinJus-Regular.39fa2588.woff2
Requested by: Host: bad.cards
URL: https://bad.cards/static/css/main.5bc16e45.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f981d45f43f1c90fd39472e1ed4648205e69ffecbab12cc93eb057ca87276dce

Request headers

Referer: https://bad.cards/static/css/main.5bc16e45.chunk.css
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
x-amz-version-id: m_5H5g7mTbvstw6IMIinGBy8Vo3gqGR2
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4118
x-amz-request-id: VVHJC3BYX8YF14XK
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
content-length: 14900
x-amz-id-2: IbuAsgVyq3sb51IYjWFqTZ4GDoEameoPYVR8uuoYcSc4TE7BWYbmnOgrzQ151Ox0XvCBcZWJTbk=
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 06:39:00 GMT
server: cloudflare
etag: "5666a64ba782c7af26eb499815c058b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km%2FvibRaQr9aZGTrd3KfTmW3WOle0PrVFt1f4JEuydROqhT%2FT4nGAiABoWcK9WLTX%2FjcLgUwtAo24oVs%2FqVhvINIWpuVJOO%2FBZKIYC3SsHhNVcM%2B8eSA%2F6RSlB9tyebk3zwPKq8ZiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
accept-ranges: bytes
cf-ray: 8262f1bb49b43a73-FRA

GET
H2 200 _6_7ED73Uf-2WfU2LzycEbAimC0.woff2
fonts.gstatic.com/s/splinesans/v10/ 56 KB
57 KB 169ms
54ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/splinesans/v10/_6_7ED73Uf-2WfU2LzycEbAimC0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spline+Sans:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e77f48d11c58959d5129845bf10ce5cc3fbcfb502b8c0fa690946011927d48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:07:42 GMT
x-content-type-options: nosniff
age: 428736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57612
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:59:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 00:07:42 GMT

GET
H2 200 get-auth-urls Show response
api.bad.cards/auth/ 978 B
1 KB 297ms
234ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/auth/get-auth-urls
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ae465644bf6af1e4b20c1356b261da760f186a7a3ccb556d269ef56d720637e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d2-OA7srnWRkyM8JVSNAxIFDekgq0E"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2F4LK2Ya38cxRY84FiCgB1F6grqlkC8uKr%2F8sfrAculbnr3tNeCpsf%2F%2BxSgYmVg%2FlCWQan%2FKVGUxHPwED9CpFrnSXTMoOD8Dcim686vcRzv%2FeSwytoXvkaosNprDVX0nDccwcm49kE8HBDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 8262f1bbcb152bd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 data Show response
api.bad.cards/api/user/ 118 B
414 B 299ms
236ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/user/data?authTypes=patreon
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 46dec2427dbfe9514a03b28b09d83174331052313395d5bbf447dc3487723a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"76-a4V/r6LNRHyQ37/2gMwfHTLoxks"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l470WJ0EfED3cB6dj2uCiOAHNwMwXfLCXZjQWMQAPHf%2Fkd%2BAO0RdXbPnCx7R924K%2BGJYrzxNKqI9KAJW6irri003i%2Bj%2F%2BeWL72hTyIe5Zcrfi%2FmyQsH3BaBj1wC7XYJ5xsa5pqITt4zaZNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 8262f1bbcb112bd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 get-auth-urls Show response
api.bad.cards/auth/ 978 B
764 B 298ms
237ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/auth/get-auth-urls
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ae465644bf6af1e4b20c1356b261da760f186a7a3ccb556d269ef56d720637e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d2-OA7srnWRkyM8JVSNAxIFDekgq0E"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoCjHGwZL%2BK3OttJI%2BtvQmZb2xQzD%2FOJBwM%2BFScMRkbjLlsF%2BpBRqQjtOJtw54r%2BruROxMzGHSSFSUxWvQcOYgt6rkELXv6gmZP44QkzG7HJlXDe0MCj6s0mxp5Id%2FfncpQp9pgWS2cDPww%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 8262f1bbcb0f2bd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 homepage-faq Show response
api.bad.cards/api/content/ 7 KB
3 KB 353ms
292ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/content/homepage-faq
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c42a0e0f619e90020f055dba1e1e4d4249ca5e88a36cb7f5d4822f8754a193d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1bcd-+0hJCySi5JG1/91UrckPmYr7HtE"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BdyT%2BRlFEBZlCj8%2F%2BA8sr3cbH5mPyFRRk0aOtZcSqPbAj%2BMDusrHvrbG1212Ha1yZGQbit4CetJIf9%2Fs3b4ptQGziVaYkEPgAkI3G%2BPdv7fU6fyTWwUrHsDLo7Kvan3dNg%2FrPof9wFTvew%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=300
access-control-allow-credentials: true
cf-ray: 8262f1bbcb0d2bd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 upsells Show response
api.bad.cards/api/content/ 3 KB
1 KB 409ms
349ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/content/upsells
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e2a8c121822d107ddb54b1779867d8a8f99443e38b07cdc98eeed2fe036fa625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"d78-s1+u8cDqvDfreiUq3e1wkl0ChP8"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtYdCm%2BBVslz2QazEx7OFpUGInDefbmBB6tJIPgER0RujFntPh2553ow9WVr2qYMWaBno4IZd9BbnEqzplU7FqjxftHxkWUkCZ1nhXY8wyBoM7lpgxC1R2aunEUX0BMxpd%2FaVyTQyb9%2BNDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=300
access-control-allow-credentials: true
cf-ray: 8262f1bbcb122bd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 homepage-faq Show response
api.bad.cards/api/content/ 7 KB
3 KB 341ms
281ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/content/homepage-faq
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c42a0e0f619e90020f055dba1e1e4d4249ca5e88a36cb7f5d4822f8754a193d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1bcd-+0hJCySi5JG1/91UrckPmYr7HtE"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDvz4zYUp1Z2azbG%2BLwfcn%2BTgvSVzwaG4uzOIw44Pz%2BqkSH8zpwcmw9fS%2Fr28HV4l%2FoZY7u13GzCUtJkVlffOQon5yHqb357ngmdUy2pO7DuLEg%2FSVrWBCv%2FTmIpuSEEZpSmdVTfppAJ5Y0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=300
access-control-allow-credentials: true
cf-ray: 8262f1bbcb182bd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 homepage-faq Show response
api.bad.cards/api/content/ 7 KB
3 KB 294ms
235ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/content/homepage-faq
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c42a0e0f619e90020f055dba1e1e4d4249ca5e88a36cb7f5d4822f8754a193d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1bcd-+0hJCySi5JG1/91UrckPmYr7HtE"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iHmAKip7AKDGoBEDYJNl%2F3TPR5TisSbRG0CNAGJmHA0S%2BOLGAi9Ztrh5CJ0%2BuP97RdY3QX7jhcQQNi%2FAbFAodcdWBXrCXmibfqRoO%2Fz3QAUGSeKMqZawGmj0wwR%2FPDbI1m3QeKwB%2FPvx7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=25
access-control-allow-credentials: true
cf-ray: 8262f1bbcb132bd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 register Show response
api.bad.cards/api/user/ 32 B
892 B 300ms
240ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/user/register
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d0ba8f04c0c62175a06dea5489a43f34142bba4a67d1e352897f5c3790041226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"20-QZd5Jlz0hJDZv7yxcmHfaBbWftk"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYlnE%2Fg%2FI7uBKlC0cHkUJv%2Baj67xPa%2BYqXHDniVPqoaq19kxqH1luUAW8x%2F3gewpLlqOBQfMmxM%2BmY0PilawGkOwO24ItikRLpamgitDMHwC6nMjAnwVkNsDPui%2Fg4IfxpUADCbMTjhfnBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
access-control-allow-credentials: true
cf-ray: 8262f1bbcb162bd7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32

GET
H2 200 packlist Show response
api.bad.cards/api/product/ 22 KB
6 KB 507ms
449ms Fetch
application/json 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bad.cards/api/product/packlist
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.45530f1b.chunk.js?bv=1699857062312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 364c6e60a20650f31355cab9909a27e00a69e423d725bbb52fe1c2a990e5c927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"582a-LgeqfRp43Md7ckB+IseBBFYItlk"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukQJBwLfKeJhgYdfBN%2Bd01DGqYSF5Bc8S9TxHCSAadZPUeoH989Lj6TrDT%2F6i7bFKubhkPOFU13DFurt18mtIG%2BEmyrhlmO28rFZLbJscxJEkihprl5QXClS4Eoos1tk0WGnt3MmqTzLADw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bad.cards
cache-control: max-age=15
access-control-allow-credentials: true
cf-ray: 8262f1bbcb142bd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3777f9dddc8c5db7056958d66d80249f1a09bf46995f53c7c3c418a5633c3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138527
x-xss-protection: 0
server: cafe
etag: 9061446362030938118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:13:18 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame EF56 9 KB
4 KB 170ms
53ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 17:19:37 GMT
etag: 16674218716276178799
expires: Tue, 28 Nov 2023 17:19:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 12 KB
4 KB 58ms
7ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.45530f1b.chunk.js?bv=1699857062312

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3dd4619f58b8bfd682782c288339dabbe5d0133ee2cb31396de8806cbab3c734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 14 Nov 2023 23:13:18 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-age-lb: 325
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-accel-date: 1700003273
x-77-nzt: AsO1qhE3Nzf/RQEAANRmOAk3Nzf/AAAAAA
x-accel-expires: @1700003873
x-77-age: 325
x-cache-lb: HIT
last-modified: Mon, 30 Oct 2023 15:38:52 GMT
server: CDN77-Turbo
etag: W/"653fce0c-2fe6"
x-77-nzt-ray: 4c1562249cee6aae0eff5365629ad22b
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
94 KB 80ms
79ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5VR86X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fd20b6fcf81d7413290da42a7d09f284bc97ebfead7ecffa61421b23528f6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96482
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 23:13:18 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 115ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N3BGZ4J7BJ&gtm=45je3b81v897685322&_p=1700003597891&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=267858050.1700003599&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1700003598&sct=1&seg=0&dl=https%3A%2F%2Fbad.cards%2F&dt=Bad%20Cards%20%7C%20good%20games%20for%20your%20bad%20side.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1317
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:13:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 160ms
53ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N3BGZ4J7BJ&cid=267858050.1700003599&gtm=45je3b81v897685322&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:13:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 183ms
67ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N3BGZ4J7BJ&cid=267858050.1700003599&gtm=45je3b81v897685322&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1857929050

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:13:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-7c6abe730384ece17ff9567f296fef91.html Show response
js.stripe.com/v3/ Frame AFB8 325 B
712 B 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-7c6abe730384ece17ff9567f296fef91.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

522e73d2248f8a1252d4d11ff27404fbb7bbcdd98373393784d8f746a82ba14d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 23:13:18 GMT
etag: "7c6abe730384ece17ff9567f296fef91"
last-modified: Tue, 14 Nov 2023 20:55:01 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 6
x-content-type-options: nosniff
x-request-id: 47f04755-61fb-424d-97fc-cc05bb1ba183
x-served-by: cache-fra-eddf8230030-FRA

GET
H2 200 init.63c25562951064ab3a09.js Show response
web-sdk.smartlook.com/es6/ 66 KB
19 KB 10ms
9ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/es6/init.63c25562951064ab3a09.js

Requested by

Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

c7614898735db085f785973dc726fcaf8ebb0894a25f370c20f15617394b2e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://bad.cards/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 14 Nov 2023 23:13:18 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-age-lb: 1321393
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-accel-date: 1698682205
x-77-nzt: AsO1qhE3Nzf/sSkUANRmOAk3Nzf/AgAAAA
x-accel-expires: @1730218203
x-77-age: 1321395
x-cache-lb: HIT
last-modified: Mon, 30 Oct 2023 15:38:52 GMT
server: CDN77-Turbo
etag: W/"653fce0c-1073e"
x-77-nzt-ray: 4c1562249cee6aae0eff5365e36e5033
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

GET
H2 200 shared-cb19c42fc0cedf52edb21d84a6a3069d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AFB8 533 KB
129 KB 12ms
11ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-cb19c42fc0cedf52edb21d84a6a3069d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-7c6abe730384ece17ff9567f296fef91.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f626ebeaf68251da291383488ed2bb23d60e1dd2bacd88bad9268d5b23d9e0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7c6abe730384ece17ff9567f296fef91.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 23:13:18 GMT
via: 1.1 varnish
age: 8177
x-cache: HIT
content-length: 132078
x-request-id: f8700568-5fa3-4a63-a5e5-59a70b8146ff
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Tue, 14 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ed8d3e78565cffb8e2a898c1640b08c7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 454

GET
H2 200 controller-3d37a1bf32dfdc6926b8724e4e3789be.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AFB8 661 KB
172 KB 14ms
14ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-3d37a1bf32dfdc6926b8724e4e3789be.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-7c6abe730384ece17ff9567f296fef91.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dda9fec39a2f07d0c38031df65974df7ce0c1f93fd018de222c6b10a3f8784a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7c6abe730384ece17ff9567f296fef91.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 23:13:18 GMT
via: 1.1 varnish
age: 8178
x-cache: HIT
content-length: 175835
x-request-id: 9dc0b020-7b5b-4273-8d60-7211a7311b8e
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Tue, 14 Nov 2023 20:55:11 GMT
server: Fastly
etag: "0e1344f39da3c88a0b3ac8e64062b732"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 55

POST
H2 200 csp-report
q.stripe.com/ Frame AFB8 0
718 B 561ms
180ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700003599366403
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700003599365768
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D207 603 B
245 B 213ms
212ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3525646721011012&output=html&adk=1812271804&adf=3025194257&lmt=1699857540&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbad.cards%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700003598649&bpp=3&bdt=779&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7610657727781&frm=20&pv=2&ga_vid=267858050.1700003599&ga_sid=1700003599&ga_hid=1679796981&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31078297%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=3334160547850505&tmod=1268231704&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:13:19 GMT
expires: Tue, 14 Nov 2023 23:13:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
86ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=jss57%20jss60&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:13:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame AFB8 474 B
613 B 21ms
6ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cb19c42fc0cedf52edb21d84a6a3069d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3cafa4a6a4bdd00d03612719115e5a3bd6d08d55f186a7092113816105600268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-7c6abe730384ece17ff9567f296fef91.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 299
x-request-id: efd1b61d-8bcd-445a-ae35-c209b319b5a1
x-served-by: cache-fra-eddf8230036-FRA
last-modified: Tue, 14 Nov 2023 21:34:18 GMT
server: Fastly
etag: "ac5c110c1043fadd41f3c56f29b2ec82"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame AFB8 474 B
373 B 6ms
6ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cb19c42fc0cedf52edb21d84a6a3069d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3cafa4a6a4bdd00d03612719115e5a3bd6d08d55f186a7092113816105600268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-7c6abe730384ece17ff9567f296fef91.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 299
x-request-id: 9fd5c6be-e3d3-4bd8-a23b-68206c244815
x-served-by: cache-fra-eddf8230036-FRA
last-modified: Tue, 14 Nov 2023 21:34:18 GMT
server: Fastly
etag: "ac5c110c1043fadd41f3c56f29b2ec82"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H3 200 disc_pink.svg
bad.cards/discs/ 11 KB
5 KB 133ms
133ms Image
image/svg+xml 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/discs/disc_pink.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 544014704e44a2a2dbe171c90a91208a68f6e0470fbed2f3daef43645ee122ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
x-amz-version-id: Qz2ErMSnXMJ8LtMNN7g_XH27sssClN8i
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WZWXG6B27M3PFJ7E
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: f5XmDvZImmbOeeiTrsvY7Tyz8Pn24sAHzup++MBz4WIM1cOvFmRZvu7AZnn0iXi30C7Hx1pPXTg=
last-modified: Mon, 13 Nov 2023 06:39:12 GMT
server: cloudflare
etag: W/"5dd72d3bd684464635d54fc98c5cb579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMDwq8bP6YFBnPBRShAt0CdoV1tUdiIExwm0Vu7C0jJ9f3FRbdEKY0jkUIx2yQ4at%2FPRFDoXexHMOp23PpnXXbYZpn6uZg0EGEUYrZprv9ChP5sUuRCCaHriX9lIy4nsNHcnhRilng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1bf0c1c3a73-FRA

GET
H3 200 beta-badge-outer.svg
bad.cards/ 2 KB
2 KB 22ms
21ms Image
image/svg+xml 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/beta-badge-outer.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c8a4e8fa41a805ab29d9a608fd6432f648677933fa767305177363dbb3571f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
x-amz-version-id: M2XnGN98JNGU8DSHYZBpULlmCyKNZuAP
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4107
x-amz-request-id: 94S1VEWCX6MD0DJS
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wltYB7YGrs4iNxBFtSmyot4jkH8usJOezPGth0hzJZQBIcvaf2B4BdCpex0xnRHy1bwKOeDAVMU=
last-modified: Mon, 13 Nov 2023 06:39:12 GMT
server: cloudflare
etag: W/"ca17eeadec10de70d61100927e2d5cb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhEhD8%2BSeoJWc%2Bla2WDnFBVesk8z2CCTyYGJvToGd9IHT1P80ukvwP%2B%2B08%2FlsX5ncsY1gD%2F1mjxysSmKa177wC8ZfHRma%2B6Y68PoCYfXd78a%2FAHr5lRq3NElpp94z%2B51be7BlGPuLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1bf3c343a73-FRA

GET
H3 200 beta-badge-inner.svg
bad.cards/ 8 KB
4 KB 21ms
20ms Image
image/svg+xml 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/beta-badge-inner.svg
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95926ffbdb25e8fb63a6a44396cf79efda083ec5b1861f85324d6cff216e9566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
x-amz-version-id: ZaoK6O3iOmO2QoxXmXjzfJhkZqPs8Knb
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4107
x-amz-request-id: CH824EQ2B045VWZP
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PJaQE1gTLxdhV5HRGTzdELcEuVrnuYVJd92fAoGkAucMW4rxA60SeHGbcj6Jf4/4NHLACDTa01c=
last-modified: Mon, 13 Nov 2023 06:38:58 GMT
server: cloudflare
etag: W/"7ee87f6a03b16a4660070059b50e94b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd0yMxtRSMH1CMF%2FlBM6PQLFYFBEyj24sOqVVP%2BAH6XbA5GqhzsWr3zUOhJ1maeeHV%2BOrFIdXYvY5la75sivSA7UI%2Bq34NNi61wiSzSdesRtCqvJp8TnWydje%2BwZ3iKE8k6NMbR2lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1bf3c353a73-FRA

GET
H3 206 bad_cards_fill.webm
bad.cards/ 670 KB
671 KB 23ms
21ms Media
video/webm 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/bad_cards_fill.webm
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0fa6b780967f67a13f45dec19174215745b2adb190f4a76da7c3a72245af4be

Request headers

Referer: https://bad.cards/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
x-amz-version-id: bnVnetmtUlpPr_jZ.qllshuulV79yn6q
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4107
x-amz-request-id: V9JC0JPSY91JKTD4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:773389527318:build/bad-cards:4f7c131f-b88f-45c7-8ad6-97c5038d94dc
Content-Range: bytes 0-685844/685845
x-amz-meta-codebuild-content-md5: e5feb51efded39c3aa109aaad8fc6ebb
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RkUkWQiBNayGpaxmedJtgVfjyq17vtPpNv8DQ9CNCmuX1wZhuo0NGLSeOdetPhIrAjzQv48UygI=
Content-Length: 685845
last-modified: Mon, 13 Nov 2023 06:39:14 GMT
server: cloudflare
etag: "5f5078e19e8bc799b2c5919afe158394"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5nCbmqvbxvVi6RAR03L%2BQRjZbtLhn33km8sTQ6gWvibsymLMeQFqoJG6fM3eLfSOtOoS7lpQ5RfPoWzt4K4S71gcLvCgnVbQYTDtIIh8aJXk1OeiH%2B9f7X6hHYzGUFcktELLpdSLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
x-amz-meta-codebuild-content-sha256: e1dd9a9b5bd3b026a01fc7608db17d3c15031c0a0c450ff398e521c0a81b6e5c
cf-ray: 8262f1bf5c473a73-FRA

GET
H2 206 2meme-all-gifs000040.mp4
static.bad.cards/tomeme/vids/ 155 KB
156 KB 101ms
9ms Media
video/mp4 2600:9000:225e:600:18:28e9:8880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bad.cards/tomeme/vids/2meme-all-gifs000040.mp4
Requested by: Host: bad.cards
URL: https://bad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:600:18:28e9:8880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a825cc978c972912e65bdc6886b656a41d85241e249667fb8ea0fe385e1f2f59

Request headers

Referer: https://bad.cards/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 14 Nov 2023 15:44:42 GMT
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 18:11:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 27066
etag: "53fbc390ba2baa460bfc7aab7e437e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-158869/158870
accept-ranges: bytes
x-amz-cf-id: CFJLR97QfAF2uOBrTS0ZBYWXuX2zMYHew6UpwvGyn-2y3CS_leP0yg==
Content-Length: 158870

POST
H2 200 start Show response
tracking.refersion.com/ 226 B
546 B 359ms
358ms XHR
application/json 2606:4700:4400::ac40:9ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/start

Requested by

Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d57aae1fa8dc953a1b033246153b8afa5ac59bf421e7285b3213b59cf0ec906

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
Key: pub_a5fa57787d10daadcf9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
via: 1.1 b744839339b269ebb49818cc6c300b6a.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P3
x-amzn-requestid: 4e21453b-395a-4e55-b5b2-1dc01efc05ce
x-cache: Miss from cloudfront
x-amz-apigw-id: OaTKhEFZIAMEQpg=
server: cloudflare
x-amzn-trace-id: Root=1-6553ff0f-37902f7a1b278f2a13240e1a;Sampled=0;lineage=473d8242:0
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8262f1c1bc5718f7-FRA
access-control-allow-headers: Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id: dtv_fMla7BGgSS6NHOpDqLbG4NQcT_EOIA_XJ7YjXe4Q7WPsG0zJjA==

OPTIONS
H2 200 start
tracking.refersion.com/ Frame 0
0 355ms
302ms Preflight
application/json 2606:4700:4400::ac40:9ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://bad.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8262f1bfcb2218f7-FRA
content-length: 0
content-type: application/json
date: Tue, 14 Nov 2023 23:13:19 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 b744839339b269ebb49818cc6c300b6a.cloudfront.net (CloudFront)
x-amz-apigw-id: OaTKeG-TIAMEiNg=
x-amz-cf-id: yTEFCN-Rab0wm9EkwTrABbhmVKuz7qNEQncOpfL31Ib5WYh0WLB7kQ==
x-amz-cf-pop: AMS58-P3
x-amzn-requestid: 69f74d15-83a2-430f-9691-2dfdf6ecd575
x-cache: Miss from cloudfront

POST
H2 200 0 Show response
r.stripe.com/ Frame AFB8 0
273 B 194ms
181ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cb19c42fc0cedf52edb21d84a6a3069d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 23:13:19 GMT
x-stripe-server-envoy-start-time-us: 1700003599451779
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700003599451597
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AFB8 0
273 B 194ms
182ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cb19c42fc0cedf52edb21d84a6a3069d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 23:13:19 GMT
x-stripe-server-envoy-start-time-us: 1700003599452472
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700003599451788
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AFB8 0
272 B 192ms
180ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cb19c42fc0cedf52edb21d84a6a3069d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 23:13:19 GMT
x-stripe-server-envoy-start-time-us: 1700003599451921
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700003599451668
access-control-allow-credentials: true
content-length: 0

GET
H2 200 dfca008a-cf45-4836-bdd1-f2ed1d8c20c3_Backer_10_09_23_v2.png
images.prismic.io/allbadcards/ 20 KB
20 KB 55ms
13ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/dfca008a-cf45-4836-bdd1-f2ed1d8c20c3_Backer_10_09_23_v2.png?auto=compress,format

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b178533c6a7443a814d51616e5bf8ccb890d09d0c13acf89637124fec1addb17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
x-content-type-options: nosniff
age: 1192132
x-cache: HIT, HIT
x-imgix-id: 85f15d25bb639d4fc9772860942477f680ab6b13
cross-origin-resource-policy: cross-origin
content-length: 20725
x-served-by: cache-sjc10026-SJC, cache-fra-etou8220105-FRA
x-imgix-render-farm: 01.140328
last-modified: Wed, 01 Nov 2023 04:04:27 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 4ec11546-2e43-47e8-b6ae-9287f9697b71_BackerStar_10_09_23_v2.png
images.prismic.io/allbadcards/ 16 KB
16 KB 52ms
11ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/4ec11546-2e43-47e8-b6ae-9287f9697b71_BackerStar_10_09_23_v2.png?auto=compress,format

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

77ac0fa9f3a4c31e5ea955b68642a9d59f7868b03f5fca644c449f2bf43dd600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
x-content-type-options: nosniff
age: 170766
x-cache: HIT, HIT
x-imgix-id: 2668fbf4e890b341f4a9ee999b52be0eec1e182c
cross-origin-resource-policy: cross-origin
content-length: 16389
x-served-by: cache-sjc10031-SJC, cache-fra-etou8220105-FRA
x-imgix-render-farm: 01.140328
last-modified: Sun, 12 Nov 2023 23:47:13 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 86932cf2-4835-4404-8404-2ee104727072_BackerStar_10_09_23_v3.png
images.prismic.io/allbadcards/ 18 KB
19 KB 50ms
8ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/allbadcards/86932cf2-4835-4404-8404-2ee104727072_BackerStar_10_09_23_v3.png?auto=compress,format

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

291471ff5b9fd817bbdc8012145e5c7e82c1c7b65e5d54c888508392a6822bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
x-content-type-options: nosniff
age: 391521
x-cache: HIT, HIT
x-imgix-id: 5a8e847944f50f140f3a6098092611180d2c0a6f
cross-origin-resource-policy: cross-origin
content-length: 18912
x-served-by: cache-sjc10077-SJC, cache-fra-etou8220105-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 10 Nov 2023 10:27:58 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 0 Show response
r.stripe.com/ Frame AFB8 0
273 B 259ms
258ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cb19c42fc0cedf52edb21d84a6a3069d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 23:13:19 GMT
x-stripe-server-envoy-start-time-us: 1700003599542332
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1700003599542059
access-control-allow-credentials: true
content-length: 0

GET
H2 200 r.html Show response
pub-a5fa57787d10daadcf9f.tracking.refersion.com/ Frame 7B14 474 B
1 KB 60ms
8ms Document
text/html 143.204.215.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Requested by: Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-56.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 588794e29465c271a0ad76362f89ce1a8c3706e71fa8f906257377dc3bc27270

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 44844
content-length: 474
content-type: text/html
date: Tue, 14 Nov 2023 10:46:49 GMT
etag: "4ee1a4f461751e9918a36adb0409d3f7"
last-modified: Wed, 22 Feb 2023 15:36:53 GMT
server: AmazonS3
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-id: 63r3F7tkiTxea68MadZSzN_eWBuD68SC91ACdpm99ZKCWFKBueBh4Q==
x-amz-cf-pop: FRA53-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
x-amz-server-side-encryption: AES256
x-amz-version-id: Rv5XbA_iUkUdnH6Uf8VNfQGmC__6yAr7
x-cache: Hit from cloudfront

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 8E1A 200 B
956 B 7ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 592553
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 23:13:19 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 30550
x-content-type-options: nosniff
x-request-id: fe5f168a-2b99-4582-ac2a-f57124cda808
x-served-by: cache-fra-eddf8230030-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
76ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

419ec1aa0580f514123416a8b98a458be39e31522563f3740cae489ea77d3d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12503
x-xss-protection: 0

POST
H3 204 rum Show response
bad.cards/cdn-cgi/ 0
136 B 10ms
9ms XHR
text/plain 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bad.cards/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: application/json

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bad.cards
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8262f1c0dd6c3a73-FRA

POST
H2 200 0 Show response
r.stripe.com/ Frame AFB8 0
273 B 182ms
182ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cb19c42fc0cedf52edb21d84a6a3069d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 23:13:19 GMT
x-stripe-server-envoy-start-time-us: 1700003599591156
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1700003599590876
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8E1A 631 B
555 B 8ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 23:13:19 GMT
via: 1.1 varnish
age: 1270495
x-cache: HIT
content-length: 399
x-request-id: 91f550a4-5695-4ed2-afc3-c7ce78676396
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28871

POST
H2 200 csp-report
q.stripe.com/ Frame 8E1A 0
716 B 183ms
182ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700003599608119
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700003599607416
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8E1A 0
717 B 201ms
200ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700003599628137
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700003599627718
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D03F 930 B
2 KB 82ms
17ms Document
text/html 2600:9000:25e8:a200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:a200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 144
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 23:10:56 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
x-amz-cf-id: ORueBdxWHGBGoZWiVrspX9hftqG4ZoMt0r3W06Ed1X1MjJCWG9N3tQ==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK xdlspma.min.js Show response
cdn.refersion.com/ Frame 7B14 2 KB
3 KB 8ms
8ms Script
application/x-javascript 143.204.215.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.refersion.com/xdlspma.min.js
Requested by: Host: pub-a5fa57787d10daadcf9f.tracking.refersion.com
URL: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-56.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd3a2ff5820c53c4fba21ec7beb8c3b752875693f720ba4a2e70a35b9d75dbdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: h14.0Y4Yu1Xl18Mzw0OfX4nX_K4xt4TO
Date: Tue, 14 Nov 2023 02:07:52 GMT
Via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Age: 75929
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
Content-Length: 2152
Last-Modified: Wed, 22 Feb 2023 15:36:54 GMT
Server: AmazonS3
ETag: "66303cfc2f88333c918052f78b6d0215"
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: XRovBxyUEtySWDzS85uKrIEoQEfcD95dfnuQ_oWNJbcEhGkN-Gt0tg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 214ms
97ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 23:13:19 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame D03F 0
491 B 180ms
179ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bad.cards
URL: https://bad.cards/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 23:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700003599709781
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1700003599709340
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame D03F 87 KB
14 KB 22ms
21ms Script
text/javascript 2600:9000:25e8:a200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:a200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:08:47 GMT
content-encoding: br
via: 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 273
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: AMS1-P3
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: F25X6Ys6ix6EyArnilgkrS3vIlRPvk2a34CviqUbgbQgxGq9y_qXYg==

POST
H2 200 6 Show response
m.stripe.com/ Frame D03F 156 B
668 B 566ms
182ms XHR
application/json 34.213.255.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.255.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-255-230.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

618e540da90e93ad030619b1eee1058e3295abd03dc0171fc87bcb400e056a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 14 Nov 2023 23:13:20 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700003600196680
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700003600196344
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0FE2 13 KB
5 KB 53ms
51ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 19:22:37 GMT
expires: Wed, 13 Nov 2024 19:22:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0464 829 B
1 KB 178ms
62ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e7db3c60585275e4e751f8a032440b37de33120a91d8d4c7aca664cb23616ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Icvm6boDE5PoZjbKraQAvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Icvm6boDE5PoZjbKraQAvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:13:19 GMT
expires: Tue, 14 Nov 2023 23:13:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FE2 39 KB
15 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 19:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 19:02:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0464 0
0 85ms
85ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3334160547850505&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0FE2 0
10 B 52ms
52ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w9Bwpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:13:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 page_view Show response
tracking.refersion.com/ 247 B
499 B 224ms
223ms XHR
application/json 2606:4700:4400::ac40:9ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/page_view

Requested by

Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61e67e85a4bf0dfa1d4af9eb02090170873a1ce9b8344e1fff6b1946df73a6ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
Key: pub_a5fa57787d10daadcf9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 23:13:20 GMT
via: 1.1 644a5a573cbbd5ac03f5c40fa8642914.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P3
x-amzn-requestid: 4cfb967b-46fd-4ce8-b897-13ad2bebe830
x-cache: Miss from cloudfront
x-amz-apigw-id: OaTKoGYAoAMEdVQ=
server: cloudflare
x-amzn-trace-id: Root=1-6553ff10-7c4dd2cf0ed31364288f4481;Sampled=0;lineage=ecfbf259:0
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8262f1c7280018f7-FRA
access-control-allow-headers: Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id: IRZSKHqqLoArXpUbXM7kEeatkk5krkqPgW-4Vn_1T8Esb8kkEaYiWg==

OPTIONS
H2 200 page_view
tracking.refersion.com/ Frame 0
0 282ms
282ms Preflight
application/json 2606:4700:4400::ac40:9ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/page_view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://bad.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8262f1c56eae18f7-FRA
content-length: 0
content-type: application/json
date: Tue, 14 Nov 2023 23:13:20 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 b744839339b269ebb49818cc6c300b6a.cloudfront.net (CloudFront)
x-amz-apigw-id: OaTKnFbrIAMESFA=
x-amz-cf-id: RCkdIgjorriuoaoJXtaTAfZOyddR5tdlf0zDU8KHif4sK-oS2wvWDw==
x-amz-cf-pop: AMS58-P3
x-amzn-requestid: dd233589-08d2-45a3-b342-1cc3b9318ff0
x-cache: Miss from cloudfront

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3334160547850505&bg=!eHulezTNAAZxrfrxUa07ADQBe5WfODrShxkKBI62CmKFAuOgY2n5OYj4l1Y7aJ-Wbf2oMeb0GkqcPEh2Xi0SSEPyXboOAgAAAJtSAAAABmgBB5kCx-Ac5VWPaZKvbVo_MdRscMMbJlCkc6puz15VEXzcQGBGEGDuAgegETdf8-xbIHv-IVLAaKXIc6bU3a3RbLshTgrWV4fGnYwI4wj8vxjZ0p2SQHI4jnVNiPsCSTNYHifeou4gufYfp07xht_EfR_9FowREwnSfDwsrEeY-jeUIQ-PzxCEGp0--EzsmzK5sW1sQ9YlkZw-ShpHfbDoHC_YBJFwr1w8OFrDvZPTVYOwStc9UwJ9pvJf6kEuFHDUivJE5Db0mWyS30TrQF6odt_a1hZqVYMxtUlOiXwTMrdSF2e5iSuyph__U1z-pQsFWWIutPHjgZSWmfm70eHBDWX0hUXAHTH0TuTrE0lquWaOgFXOIoxoPgC9MH2NyJfXlr8CcjMKvf-OJ1kRwE6nAEecSJ2ka_YCq3rKoY_jy4xH4U_-V3AeLwsEyPu-w_OlA7M6HZrwb8YXf8XkxpIty9TIY-b-WkNiUga1j9j9QTFkWOAGMnW9vfheIoVS4hmw7LpElWx3x0p3QCRrpavqB0ReMPN8ezmiBoLkQNtKd6D3cV-em31NHsjuLgQLhU9MzBdgKKH2VxTL94D4DribxegUMPkDZdX8FCvJU0HWsSgct4Nhzqx-xxBuc269ZPUus4JCmLWNWxU8lp8svY7L2bGekDg3t_WwbPnYQ_s8sDCT5aQOm-4-JMU-y0ZRvj1UlIkTKR4ObA0lZCeflT2vAtUO7RN3zgsYSa4V54vRrU2UlTF9SS2nTQc08Qwc-GiBulinipV5XxKO0G57Ra3TEz7YnAowEnK9EZPFJ61lQYnvcgX_IuddSzyQXRmwA3t87yulQFu7zDQlezO7XCVqwCNBaYHCxZB_ehvevnUQIaa2tEi74Tb16QeRzyT_noOSVAMoBksuh5nhdVoMbOIVGMUWHntddcJPQGCud5KGfD6h6p7H-ekjXd-qBw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bad.cards/	1970-01-21 01:49:23	Name: _ga_N3BGZ4J7BJ Value: GS1.1.1700003598.1.0.1700003598.60.0.0
.bad.cards/	1970-01-21 01:49:23	Name: _ga Value: GA1.1.267858050.1700003599
.bad.cards/	1970-01-21 01:49:23	Name: player Value: WnpGR2s1bVRNWFlsOGdMVWJWNWN2OjQ2NDA0ZTIwOTg4NTZhMTQxYTBjMzc4ZDc1MDA3ZTM3ODExMDg1MTE1ZTJlNzRhMDY1Mjc1YzYyMGUzMDIxZmYxZDkzMTRkZGNmNDkxZWFlYWNlM2RjMTE0ZTI3YmM5YjA5MzczNTk1ZWY4OWRlYmVjMDdhNTczZTI2NzM1Yzg3
.bad.cards/	1970-01-21 01:49:23	Name: email-opt-in Value: false
.doubleclick.net/	1970-01-20 16:13:24	Name: test_cookie Value: CheckForPermission
m.stripe.com/	1970-01-21 01:49:23	Name: m Value: cda56c79-2c44-4e81-9c89-c9ed44836e6a434001
.bad.cards/	1970-01-21 00:58:59	Name: __stripe_mid Value: 86e0475d-26cc-4213-ac93-4bf28663a36875ebdf
.bad.cards/	1970-01-20 16:13:25	Name: __stripe_sid Value: fb79f304-a991-41ac-bbf5-0e9dc35f1a936b1184

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	warning	URL: https://bad.cards/ Message: The resource https://bad.cards/logo-small.png?2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bad.cards
bad.cards
cdn.refersion.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.prismic.io
js.stripe.com
m.stripe.com
m.stripe.network
pagead2.googlesyndication.com
pub-a5fa57787d10daadcf9f.tracking.refersion.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
static.bad.cards
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tracking.refersion.com
web-sdk.smartlook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
143.204.215.56
151.101.64.176
2001:4860:4802:34::36
2600:9000:225e:600:18:28e9:8880:93a1
2600:9000:25e8:a200:19:7d10:bd80:93a1
2606:4700:20::681a:e02
2606:4700:20::ac43:4be2
2606:4700:4400::ac40:9ad3
2606:4700::6810:3965
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c09::9a
2a02:6ea0:c700::19
2a04:4e42:8e::720
34.213.255.230
54.187.159.182
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0d57aae1fa8dc953a1b033246153b8afa5ac59bf421e7285b3213b59cf0ec906
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1c40d668a266e8a66880d6eca00f99d1673f8b4743968c96c0446538dc1c2efd
1e77f48d11c58959d5129845bf10ce5cc3fbcfb502b8c0fa690946011927d48a
275cfaaa9a9c31fe14a1c842243be14d237cb34e2871813b2a22797dd70fd297
291471ff5b9fd817bbdc8012145e5c7e82c1c7b65e5d54c888508392a6822bde
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
364c6e60a20650f31355cab9909a27e00a69e423d725bbb52fe1c2a990e5c927
3779eac43cd022cc885fac931dc7264461205946e9cd0714877fcafe5cbc18dd
3cafa4a6a4bdd00d03612719115e5a3bd6d08d55f186a7092113816105600268
3dd4619f58b8bfd682782c288339dabbe5d0133ee2cb31396de8806cbab3c734
410ef933fcf7e164fd4d087bfbf65f43d1e55d17526a6d3496698a7911474771
419ec1aa0580f514123416a8b98a458be39e31522563f3740cae489ea77d3d68
440391b37860122098225ebe33f0845780d5a6038b433e7c75b1810fcfb17773
46dec2427dbfe9514a03b28b09d83174331052313395d5bbf447dc3487723a39
522e73d2248f8a1252d4d11ff27404fbb7bbcdd98373393784d8f746a82ba14d
544014704e44a2a2dbe171c90a91208a68f6e0470fbed2f3daef43645ee122ac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588794e29465c271a0ad76362f89ce1a8c3706e71fa8f906257377dc3bc27270
5e7db3c60585275e4e751f8a032440b37de33120a91d8d4c7aca664cb23616ed
5fd20b6fcf81d7413290da42a7d09f284bc97ebfead7ecffa61421b23528f6b9
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
618e540da90e93ad030619b1eee1058e3295abd03dc0171fc87bcb400e056a8c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e67e85a4bf0dfa1d4af9eb02090170873a1ce9b8344e1fff6b1946df73a6ba
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6433bb29063bf8ef44e9e8ca2037b3098cb815a7edc999d89508b5fd33f7aff9
77ac0fa9f3a4c31e5ea955b68642a9d59f7868b03f5fca644c449f2bf43dd600
8887b54060687ff8bf4347b4f88a39b5b6520dab72c36ae75b829b7b6a137a3f
8e5fe7bc9562e738195c745bfbf369d21d21381f264d99959026226ca837dbdc
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95926ffbdb25e8fb63a6a44396cf79efda083ec5b1861f85324d6cff216e9566
a825cc978c972912e65bdc6886b656a41d85241e249667fb8ea0fe385e1f2f59
ad554a89ac5a217395a61851928b9c8499a4becd2d607a0d358393fbb42ed765
ae465644bf6af1e4b20c1356b261da760f186a7a3ccb556d269ef56d720637e3
b178533c6a7443a814d51616e5bf8ccb890d09d0c13acf89637124fec1addb17
b92eb9797455058e958ff0ceb23a9c7f56fbc2ad060b2534b2634b2e3f6a6c75
bd3a2ff5820c53c4fba21ec7beb8c3b752875693f720ba4a2e70a35b9d75dbdd
c3c8a4e8fa41a805ab29d9a608fd6432f648677933fa767305177363dbb3571f
c42a0e0f619e90020f055dba1e1e4d4249ca5e88a36cb7f5d4822f8754a193d7
c47376f789419bcfe259e750d057d24e0e6714d18fe6baf4d2bba980abee3e8c
c7614898735db085f785973dc726fcaf8ebb0894a25f370c20f15617394b2e62
d0ba8f04c0c62175a06dea5489a43f34142bba4a67d1e352897f5c3790041226
d0fa6b780967f67a13f45dec19174215745b2adb190f4a76da7c3a72245af4be
d1047ece65258d1486a216ba5b79ad966da4388b9e8d3674941faeba61630a43
d9ca1f96ff7ba29afd8520b80dbff93a386d205d07c6be3025fd17c1208108b5
dda9fec39a2f07d0c38031df65974df7ce0c1f93fd018de222c6b10a3f8784a7
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2a8c121822d107ddb54b1779867d8a8f99443e38b07cdc98eeed2fe036fa625
e3777f9dddc8c5db7056958d66d80249f1a09bf46995f53c7c3c418a5633c3fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec04d160ac358ff7fd3d11b6ad4633944d973a5fa51e0532c44aeff633599da0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f29ae1e4ea8c2af076975dda7f1d30b835973963e68f94ae3d347247e3192d2a
f626ebeaf68251da291383488ed2bb23d60e1dd2bacd88bad9268d5b23d9e0a0
f981d45f43f1c90fd39472e1ed4648205e69ffecbab12cc93eb057ca87276dce

bad.cards Open in urlscan Pro 2606:4700:20::ac43:4be2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

83 %IPv6

14 Domains

25 Subdomains

23 IPs

3 Countries

2671 kBTransfer

6577 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bad.cards Open in urlscan Pro
2606:4700:20::ac43:4be2 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

83 %
IPv6

14
Domains

25
Subdomains

23
IPs

3
Countries

2671 kB
Transfer

6577 kB
Size

8
Cookies

81 HTTP transactions
0 data transactions