bad.cards Open in urlscan Pro
2606:4700:20::681a:f02 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bad.cards/game/light-ibis-5205
Submission: On August 02 via manual (August 2nd 2023, 1:06:05 am UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 16 domains to perform 76 HTTP transactions. The main IP is 2606:4700:20::681a:f02, located in United States and belongs to CLOUDFLARENET, US. The main domain is bad.cards.
TLS certificate: Issued by E1 on June 30th 2023. Valid for: 3 months.

This is the only time bad.cards was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:20:... 2606:4700:20::681a:f02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:12::1730:1788	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	143.204.215.8 143.204.215.8	16509 (AMAZON-02) (AMAZON-02)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2600:9000:211... 2600:9000:211e:3200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:16d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	143.204.215.58 143.204.215.58	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	35.166.190.207 35.166.190.207	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:b000:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.127.187.139 3.127.187.139	16509 (AMAZON-02) (AMAZON-02)
76	26

21 2606:4700:20::681a:f02 (United States)

ASN13335 (CLOUDFLARENET, US)

bad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:12::1730:1788 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-8.fra53.r.cloudfront.net

cdn.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211e:3200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:16d0 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-58.fra53.r.cloudfront.net

pub-a5fa57787d10daadcf9f.tracking.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.166.190.207 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-190-207.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:b000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.187.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-187-139.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bad.cards bad.cards	629 KB
8	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3459 test.cmp.quantcast.com — Cisco Umbrella Rank: 10395 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11515	199 KB
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 1858 q.stripe.com — Cisco Umbrella Rank: 17709 m.stripe.com — Cisco Umbrella Rank: 1691	149 KB
7	refersion.com cdn.refersion.com — Cisco Umbrella Rank: 26999 tracking.refersion.com — Cisco Umbrella Rank: 34764 pub-a5fa57787d10daadcf9f.tracking.refersion.com	37 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 ad.doubleclick.net — Cisco Umbrella Rank: 183	156 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	259 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1059 api.btloader.com — Cisco Umbrella Rank: 1125	17 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	215 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130	173 KB
3	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 16428	116 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2054	16 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1143	1 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693	303 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 372	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5772	408 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	839 B
76	16

	Domain	Requested by
21	bad.cards	bad.cards
6	cmp.quantcast.com	cdn.fuseplatform.net cmp.quantcast.com
4	tracking.refersion.com	cdn.refersion.com
4	www.gstatic.com	bad.cards www.gstatic.com
3	q.stripe.com	bad.cards
3	api.btloader.com	btloader.com
3	js.stripe.com	bad.cards js.stripe.com
3	www.googletagmanager.com	bad.cards www.googletagmanager.com
3	pagead2.googlesyndication.com	bad.cards pagead2.googlesyndication.com
3	cdn.fuseplatform.net	bad.cards cdn.fuseplatform.net
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	ad-delivery.net	bad.cards
2	securepubads.g.doubleclick.net	cdn.fuseplatform.net securepubads.g.doubleclick.net
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.refersion.com	bad.cards pub-a5fa57787d10daadcf9f.tracking.refersion.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	test.cmp.quantcast.com	cmp.quantcast.com
1	pub-a5fa57787d10daadcf9f.tracking.refersion.com	cdn.refersion.com
1	ad.doubleclick.net	bad.cards
1	btloader.com	cdn.fuseplatform.net
1	cdn.jsdelivr.net	cdn.fuseplatform.net
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.de	bad.cards
1	stats.g.doubleclick.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	bad.cards
76	27

This site contains links to these domains. Also see Links.

Domain
twitter.com
instagram.com
reddit.com
patreon.com

Subject Issuer	Validity	Valid
bad.cards E1	`2023-06-30` - `2023-09-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.fuseplatform.net R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.refersion.com Amazon RSA 2048 M01	`2023-03-13` - `2024-04-09`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-21` - `2023-11-16`	4 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cmp.quantcast.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.tracking.refersion.com Amazon RSA 2048 M02	`2023-02-28` - `2023-10-10`	7 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://bad.cards/game/light-ibis-5205
Frame ID: CEA389DB1FB073343DA523AAF42D0639
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html
Frame ID: 53BBB74C2624E93756C53FFD44DC9220
Requests: 1 HTTP requests in this frame

Frame: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Frame ID: 1D799FD78D5F0C3C9974F42028361607
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 4FA82AF57FE87929E633B6ED17540D3F
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A30C9D4ABF4571FB9FCE8335FE1F6007
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

quandel's game | Bad Cards

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

76
Requests

100 %
HTTPS

69 %
IPv6

16
Domains

27
Subdomains

26
IPs

3
Countries

1972 kB
Transfer

6402 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/playbadcards/

Search URL Search Domain Scan URL

URL: https://instagram.com/playbadcards?igshid=YmMyMTA2M2Y=

Search URL Search Domain Scan URL

URL: https://reddit.com/r/allbadcards

Search URL Search Domain Scan URL

URL: http://patreon.com/allbadcards/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request light-ibis-5205 Show response
bad.cards/game/ 7 KB
3 KB 591ms
350ms Document
text/html 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 01ab2327de9853adabf2a07a2aac4ae735a33ab96bcbef3f624da170b011087c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7f026a677b1e9a17-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 02 Aug 2023 01:05:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS9RhPHdfL2RZHQfBTsM8yb%2FjqyvCZn78P6PRDAl5pb6dxCaDjcY2TtCzTGds0eZYOZokp9KnRSxNoliu%2Bi2Uf%2BjmJr8G9ygaopS%2Fr5WeSbpKiIs%2BlT6T%2BZLu4B7vyE4lDSnZ4%2BGPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
x-powered-by: Express

GET
H2 200 logo-small.png
bad.cards/ 77 KB
78 KB 16ms
14ms Image
image/png 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo-small.png?2
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cdff1df570321b1b3b4312ed1f7ce8245b9071642ecb523d0682f962e196784b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26303
cf-polished: origSize=81343, status=vary_header_present
x-powered-by: Express
content-length: 79156
cf-bgj: imgq:85,h2pri
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"13dbf-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIX6W9ZFh4r4VwFtc1mh6%2B5aWQAcbMEhkWYRQIfhFhjBCAh%2FzB%2Bc4f3%2F6yE%2FboFM5nfKQtHyWn0S2id3dtjyAMR2gOsAVR%2BUnm9uxhhNKDFPIgOgmfgtCO8ZbwczS8fzf7FgusNjyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f026a69acb29a17-FRA

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
839 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Spline+Sans:wght@300;400;700&display=swap

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95fa7ac51b31d3796723d8175249f59d3fe2410d397fc5a5bd892421ccf2f9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:05:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 GinJus-Regular.woff2
bad.cards/game/fonts/ 7 KB
3 KB 332ms
331ms Font
text/html 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/game/fonts/GinJus-Regular.woff2
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 01ab2327de9853adabf2a07a2aac4ae735a33ab96bcbef3f624da170b011087c

Request headers

Referer: https://bad.cards/game/light-ibis-5205
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SECe8DSRO7izrMJFIEjEYjGUuaRgmDnr3WfN1Mnz0YDYdFlHLF8B0DXkWwEORtEtVt7b5B1jhTidPDSBzTB%2Bs3Hn%2FGaWInMrNXDNJmcQZJCroN0lHtxcCp2DLGeIwXTroeV9F1lbcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bad.cards
cf-ray: 7f026a69acb49a17-FRA

GET
H2 200 Stacion-Regular.woff2
bad.cards/game/fonts/ 7 KB
3 KB 330ms
329ms Font
text/html 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/game/fonts/Stacion-Regular.woff2
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 01ab2327de9853adabf2a07a2aac4ae735a33ab96bcbef3f624da170b011087c

Request headers

Referer: https://bad.cards/game/light-ibis-5205
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2qXrstHlg2LS2%2BJwZGC3Zk%2BbegZU7reI3hwtJ%2BhahuWLcP18rPoV%2FG1iQoVPGRPTJbnY6NCiA5Dl3%2BU%2Fai1woY0E2cP%2F3JOl%2B9JocST8R7JrRe5LL9nhyDI2bJy1Me8B%2FcfKQpDJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bad.cards
cf-ray: 7f026a69acb59a17-FRA

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2990/ 210 KB
54 KB 401ms
331ms Script
application/x-javascript 2a02:26f0:3500:12::1730:1788
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2990/fuse.js
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5df3be089e223cf8c4656f65ff3fe6d0a66c4e5a04f4dff8f9e3ec6cb79d4705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2023 06:48:44 GMT
server: AkamaiNetStorage
etag: "8e56a155a5e547d6369bdce963694be5:1683701324.759965"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 55338
expires: Wed, 02 Aug 2023 01:35:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 287ms
251ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7099d1607eec8c148794a6878e09dd02d5cd58b3c93cd707738f9ab68f15920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50602
x-xss-protection: 0
server: cafe
etag: 7979277456436683216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 cast_receiver_framework.js Show response
www.gstatic.com/cast/sdk/libs/caf_receiver/v3/ 617 KB
173 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

440391b37860122098225ebe33f0845780d5a6038b433e7c75b1810fcfb17773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176314
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 21:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 main.46bd4fae.chunk.css
bad.cards/static/css/ 2 KB
1 KB 12ms
12ms Stylesheet
text/css 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/css/main.46bd4fae.chunk.css
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f02d21a2f2f0e91ee9eae1dc386cf82e4609a27c867acbbd5ff9d061d05f55b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31641
cf-polished: origSize=2366
x-powered-by: Express
cf-bgj: minify
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"93e-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exYgK2WgVbbnakgRdSKIuSEvYfEkRSg7XvTUAVn%2FimxgKcvdfQRPpTRwpwZPJypG14geRGoJBpiwUhaLYPYkRndMgsOaeH8smFnphMllD9zaVZqFOK%2FacyT17bIGyZCgrJWS4gSpvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7f026a69acb39a17-FRA

GET
H2 200 7.d3529c36.chunk.js Show response
bad.cards/static/js/ 1 MB
364 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/7.d3529c36.chunk.js?bv=1683342932144
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3cf88b31f0b9f5b69f46282b449b0182729613b97b18f87d110b1886b6e354e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26303
cf-polished: origSize=1325809
x-powered-by: Express
cf-bgj: minify
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"143af1-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2Bpi7Ki%2BaAdqhg0GnEQIQYlHK4hlzoJQa1tCO9OwJz%2F%2FP6WnLcRXZgPgovxWG19EBNTckrrTR29ze3NpeT2V4b%2BMA8rHqhQndIEcASeVs9k7QXHXD6cSDN10slDXB7a0fJ5EKu0sYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7f026a69acb69a17-FRA

GET
H2 200 main.d3529c36.chunk.js Show response
bad.cards/static/js/ 161 KB
41 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/main.d3529c36.chunk.js?bv=1683342932144
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 569372e1e0097ae982108a5ce953a33214448a0f5a32ccf5bda05e9918d7d103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26303
cf-polished: origSize=165229
x-powered-by: Express
cf-bgj: minify
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"2856d-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwbXNH%2F9TvSGb7WwrZUyfdxmLxj63EK9DfQN9wIl89QRDkWJxr71T3lKIhj3SobGgyDmqaMrOCjlRhWSXVO2GbkDfwQr4EPUfzzt1xtqcAR5qbGOfL7ABE1Mi1ZZ4bFo8U9yWrS61A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7f026a69acb79a17-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
42 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5VR86X

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93dd4c9f9a75223ad21e32f5724cd71cae80668ad76f1cd0f702fd5cc0760f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42272
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 00:22:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H/1.1 200
OK refersion.js Show response
cdn.refersion.com/ 31 KB
32 KB 59ms
8ms Script
application/x-javascript 143.204.215.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.refersion.com/refersion.js
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-8.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9ca1f96ff7ba29afd8520b80dbff93a386d205d07c6be3025fd17c1208108b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: .z6Ij8RKlWu7_TjQFcP9teRjS.tAjstL
Date: Tue, 01 Aug 2023 02:34:57 GMT
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Age: 81063
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
Content-Length: 31724
Last-Modified: Wed, 22 Feb 2023 15:36:53 GMT
Server: AmazonS3
ETag: "cc3f66d9f13a349a59672074e6354f8a"
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: aC3vUkwwAL1OpdHy9s4Dua0ZaNIchXw9Rewxtn2oM6JoWAdQRbQ3lA==

GET
H2 200 get-auth-urls Show response
bad.cards/auth/ 1012 B
917 B 349ms
349ms Fetch
application/json 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/auth/get-auth-urls?state={{REPLACEME}}
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.d3529c36.chunk.js?bv=1683342932144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a37716b0319deda3a44563d20c5d45c3cf4e4abd5e560d5c07140c8da368f8f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3f4-M00MVOVqgVC7prt0cVrYDNMUOcQ"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRGbhouICo9CM2dIqC%2FlxxQSzmLl5vrfxQC5UhyeYtCdJs1LsIVnrZrSoTf33XfWNLIjrUIlJkQ0ot4s5UOdNDlzedbwTv7uHs%2BavjEA6lgqXd7v6tS5ZAlB8MF7LXUJRMZ7CzBpTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7f026a6aad619a17-FRA

GET
H2 200 data Show response
bad.cards/api/user/ 118 B
441 B 182ms
182ms Fetch
application/json 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/api/user/data?authTypes=patreon
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.d3529c36.chunk.js?bv=1683342932144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ad2d80f11e6bfd6808f43ef7096e0586f4843ecb67337904253692666bf012ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"76-oNEC9THb70DBV2SB9I7B3O3uewQ"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFoGAc3gX9LOhJSFGR4WHrnj%2FxJ6qv%2F2%2BzCqpJBSr82oXQwHGeJsNgeuOxjudhrXingTMckNGdZtRHFH%2B71%2F%2BRmPQK10jRMBjxS1b7hP9ZdRc7loVNMqZ5zx45sScBEWeZ3ey%2F448w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7f026a6aad629a17-FRA

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 442ms
423ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/main.d3529c36.chunk.js?bv=1683342932144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50436
x-xss-protection: 0
server: cafe
etag: 2911940922254287083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
87 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.d3529c36.chunk.js?bv=1683342932144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6c7760c9d2197880eb1c6b3ee3a2e1bf649d8114f505ae0ba5908bf3873fa10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88811
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 0.d3529c36.chunk.js Show response
bad.cards/static/js/ 24 KB
8 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/0.d3529c36.chunk.js?bv=1683342932144
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f3c11812f0aed002969d975616b87782444dab7825f0675c6c322a4921b3fe6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36494
cf-polished: origSize=25126
x-powered-by: Express
cf-bgj: minify
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"6226-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NnI68ydDGvxz7yVe8EnHAV7mIhpDgqsrbER8VlrO1CHJ7zeH74yjt2ozvf%2BuEf4qZ%2FqApANWqNc7UtyT3%2BGt24Gpr1GhQjTSzaQUPwT7CRON1N3CUYs1p%2F7fm0nfzMb9uqvir7seQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7f026a6b5dc89a17-FRA

GET
H2 200 1.d3529c36.chunk.js Show response
bad.cards/static/js/ 2 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/1.d3529c36.chunk.js?bv=1683342932144
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5ef1933e7107348fec2060a091034eecbf976cd4ac6751a4f2b328d3850ddc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22072
cf-polished: origSize=1713
x-powered-by: Express
cf-bgj: minify
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"6b1-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlUHMxEsBWoQekeyVqbR6cLN7eznnstTxh3yJuND1fYyBGiL3kI5hbL1pZNuSSXTmq2gnFK2MFMb7y1dg2oBAaCZvO8wxd3dN9xJyQk5eAawHfq4puzV0nkqKgBvQhQKGzax0qu38A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7f026a6b5dc99a17-FRA

GET
H2 200 2.d3529c36.chunk.js Show response
bad.cards/static/js/ 91 KB
27 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/2.d3529c36.chunk.js?bv=1683342932144
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ca0b6c78ad4aa54141925b1e2d45c4de0554867e1ef9e9cfc15fd14806e0cde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26180
cf-polished: origSize=93188
x-powered-by: Express
cf-bgj: minify
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"16c04-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bS4GvOsodHvLH5fzcnSWtsNzwpCD9WHMHaagRbOTORPbr2gmAiE6DLWvn0EAwdiw4J9ejIETUMuylytHjTmW9tPe%2BqQuG3wGzkqbSSm6LS8RdKj%2F0cTuIVhoQ77n30SeodL4Kbi7LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7f026a6b5dcb9a17-FRA

GET
H2 200 3.d3529c36.chunk.js Show response
bad.cards/static/js/ 68 KB
19 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/3.d3529c36.chunk.js?bv=1683342932144
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d2a39640dfd1f1ece2d919d9a697870506fc82668cabe5470d7179e4773b1677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36494
cf-polished: origSize=69706
x-powered-by: Express
cf-bgj: minify
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"1104a-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkGmsD%2FU65B30r5tnG8OW6O7WngvelJJeyWlBvIYwSittvzsCJi3X2L2O%2FbbBtwbZzo%2Fg%2F5gS5VMPbTaoYIvx7cgqjZD2gq1%2Fa4ml1%2FNK%2Bs9G8UXW%2Bc6WkTUrjxbgD6QFlV831MYwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7f026a6b5dcd9a17-FRA

GET
H2 200 20.d3529c36.chunk.js Show response
bad.cards/static/js/ 3 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/js/20.d3529c36.chunk.js?bv=1683342932144
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0a0e64cbc4d3796fc31161f21d71d6d9855dba9445ef26c321ee5cb09f74731c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22072
cf-polished: origSize=3621
x-powered-by: Express
cf-bgj: minify
last-modified: Fri, 05 May 2023 20:16:24 GMT
server: cloudflare
etag: W/"e25-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4N7LoBey1aRJnu3F88UBlzshu4wjy3ZzZVFZddEAT5zoY2SkIEZfg%2FUZ%2FfbbGZGLNfKayoLUy4AwQjHX%2FtJs8MQvUBvEjR%2FLTrjr42Iqpj6KpsvSbnmYcZUElL%2FS7KjNqksoYjsg4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7f026a6b5dce9a17-FRA

GET
H2 200 v3 Show response
js.stripe.com/ 517 KB
144 KB 24ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.d3529c36.chunk.js?bv=1683342932144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

55f2cdbccc20baf836d4103c14d823cff2f7530d7ecb59b84d43b9c516c04432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 02 Aug 2023 01:05:59 GMT
via: 1.1 varnish
age: 29
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 147081
x-request-id: 79dadc68-ea97-43a4-bce2-c488039f7caf
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 01 Aug 2023 18:04:45 GMT
server: Fastly
etag: "603a0e99783616d6d67602a33c9c93da"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 logo.svg
bad.cards/ 42 KB
17 KB 16ms
15ms Image
image/svg+xml 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo.svg
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ad0164b4b831605b7e1908c2f7d0b818f2d7f7e55770471ca71c49a1e56e5376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 20:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26302
x-powered-by: Express
etag: W/"a86b-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Im4rz2WAZKUAWTVKh4Ly9SaJbnikRU9spR2QXxb0ud4C6DmWSDwtmi3Gamow27gRlaieVXGP4eAmbx%2F5yheA0z7GpGMFmU5XeDvMEOob75mo645%2F6%2FO1T2GVPfi2nZzPWMtUIOH5fA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7f026a6b7de49a17-FRA

GET
H2 200 logo_arc.svg
bad.cards/ 100 KB
38 KB 20ms
18ms Image
image/svg+xml 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bad.cards/logo_arc.svg
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f85fa979ce48121c43d0f46cd5d163e092ce7aaa1ecdbc7c50baea412c5d76a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 20:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26302
x-powered-by: Express
etag: W/"18e6d-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKqiOWxqIZmLz%2BlpuiX4Z1Jp3UuEOGxZfOVKCPfpHg6VDGycYki%2BSc2XNHP%2FNkP1lDRuOFZOLRhAPMRENE%2BEORhc7tn0CracN%2FuMEnmbYld5pc2TpS4NeZ3M6o5H1Wb63toBqQmL1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7f026a6b7de59a17-FRA

GET
H2 200 get-auth-urls Show response
bad.cards/auth/ 1012 B
766 B 329ms
328ms Fetch
application/json 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/auth/get-auth-urls?state={{REPLACEME}}
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.d3529c36.chunk.js?bv=1683342932144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a37716b0319deda3a44563d20c5d45c3cf4e4abd5e560d5c07140c8da368f8f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3f4-M00MVOVqgVC7prt0cVrYDNMUOcQ"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBUayMBTQTIzYPTev9OVk%2BanlxckzlF468C%2FKLd9iL9gEV0QEtGHqHhXK70kKjjtS4O3SRxz%2FUP0R2IE7o8JUTkUp6yf2dr2t4MVqHYhEcHCHqjwOnDWaRtTFQfbQgOkoAW7E0AfxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7f026a6b7de09a17-FRA

GET
H2 200 register Show response
bad.cards/api/user/ 32 B
575 B 327ms
327ms Fetch
application/json 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/api/user/register
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.d3529c36.chunk.js?bv=1683342932144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1e9cba781456458dd78bfad56ad1b7c4d6cd1723ba315cec63e84008ecebff08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"20-ekXFzkCxaI4GFjVfUSaUZA/vKG4"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzKSRCm0C4JfEkrCr9WjEZRmihRnZSf5cxrocWl56UQWuTD9oSDfExhOvtnT3q%2B65bHiP67gzya71OezUTHWOuWUCUV0t8HVcs832T84%2B%2FmvbWUjITUKu42P2UjvjYR6HzLPRY4EZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7f026a6b7de19a17-FRA
content-length: 32

GET
H2 200 Stacion-Regular.45ccf7d7.woff2
bad.cards/static/media/ 17 KB
18 KB 482ms
481ms Font
font/woff2 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/static/media/Stacion-Regular.45ccf7d7.woff2
Requested by: Host: bad.cards
URL: https://bad.cards/static/css/main.46bd4fae.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6433bb29063bf8ef44e9e8ca2037b3098cb815a7edc999d89508b5fd33f7aff9

Request headers

Referer: https://bad.cards/static/css/main.46bd4fae.chunk.css
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 20:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"45c0-187ed8efdc0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2C7cFa07wRIdlqYon3qBA%2FBikAjvuDvwKXOUVk%2BAO2yOZY3zCB00GVkBZ7tSN20CZRL%2FNZ6DI12IXrEplXDas%2F0xxRQnTsOqFhflADqewIxIQQxcJN0%2BbfW6fTtos3ajn8mn3Zdnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://bad.cards
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f026a6b8df79a17-FRA
content-length: 17856

GET
H2 200 _6_7ED73Uf-2WfU2LzycEbAimC0.woff2
fonts.gstatic.com/s/splinesans/v9/ 56 KB
57 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/splinesans/v9/_6_7ED73Uf-2WfU2LzycEbAimC0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spline+Sans:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e77f48d11c58959d5129845bf10ce5cc3fbcfb502b8c0fa690946011927d48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bad.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:49:28 GMT
x-content-type-options: nosniff
age: 335791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57612
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:54:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 03:49:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
87 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5VR86X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2623a2ec9fe02f64a3f1898199700a175b7eaefd700dc7c0ad303fdb52abe1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 get Show response
bad.cards/api/game/ 1 KB
986 B 190ms
190ms Fetch
application/json 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/api/game/get?gameId=light-ibis-5205
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.d3529c36.chunk.js?bv=1683342932144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f5674b769f4432086b6464284e6f197f5497158c1d1421e5e149d5e779a2b005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"52a-8rXwPfT9LqwtP01p0Qqm/FRjB4Y"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJSy4CkREDxjvHMXi6nAADTq5mim1sjCxBEM861iUfQOpGCF0DFje%2FxE%2FFZDoBRvN4wCxQqU3eSn7oi5UodC2OSQCEYDS0uoET9InCiwJNFzuoJPyiwYPI3ZF5yVgqnYQshSqKzfzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7f026a6bce1f9a17-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 36ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N3BGZ4J7BJ&gtm=45je37v0&_p=44144017&_gaz=1&cid=19084513.1690938360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fgame%2Flight-ibis-5205&sid=1690938359&sct=1&seg=0&dl=https%3A%2F%2Fbad.cards%2Fgame%2Flight-ibis-5205&dt=Bad%20Cards%20%7C%20good%20games%20for%20your%20bad%20side.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 01:05:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N3BGZ4J7BJ&cid=19084513.1690938360&gtm=45je37v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 01:05:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 42ms
20ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N3BGZ4J7BJ&cid=19084513.1690938360&gtm=45je37v0&aip=1&z=184048914

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 01:05:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/ 361 KB
124 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3525646721011012&plah=bad.cards

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f46f64fe103c81bf09340bcb13d1301271d1ac9057f4cd17f00d8deb2f3c82ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126407
x-xss-protection: 0
server: cafe
etag: 14379647733182780362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/ Frame 53BB 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 23:56:20 GMT
etag: 12368291122986407432
expires: Tue, 15 Aug 2023 23:56:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get-packnames Show response
bad.cards/api/game/ 25 KB
3 KB 188ms
188ms Fetch
application/json 2606:4700:20::681a:f02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bad.cards/api/game/get-packnames?type=all_bad
Requested by: Host: bad.cards
URL: https://bad.cards/static/js/main.d3529c36.chunk.js?bv=1683342932144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0c88a854b71e5eb71586f77b2c041cb3a397671f8c25ef3b780545b4e34d0fb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/game/light-ibis-5205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"6509-jxEA0zGjOL/FqKBHJ1qbL0EyghA"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJkKBe4p6TkyPBzkt2w5IiaYw7%2Fw9QKC%2FkLqtqBdX5plOQYWnnlPlX%2BYzd5%2FgExP%2FNoqKY2IYHeTdXjqkJVhJQXLDTQQUUfTEbI%2FhLsV9P5Sp%2FhO4Yjfsgn733L0gVE63HPT3e%2FiDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7f026a6d0ede9a17-FRA

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: bad.cards
URL: https://bad.cards/static/js/7.d3529c36.chunk.js?bv=1683342932144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/PRrmquD1Ggcb1/bad.cards/ 10 KB
4 KB 504ms
406ms XHR
application/javascript 2600:9000:211e:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/bad.cards/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2990/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bdac68294ee1f89d0d32a920adb9cabc2ec217f6b11a27771cd6687da4d1ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:01 GMT
content-encoding: br
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 19 May 2023 10:51:41 GMT
server: AmazonS3
etag: W/"96ba7511e31bec393e970423895eab7f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://bad.cards
cache-control: max-age=3600
access-control-allow-credentials: true
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: Ipgwis8PrM37zhEx5dy6EICONnR3QPgs9sf_3CaEB9NEyhlrY7c0Aw==

GET
H2 200 prebid-ca15ee8536823af6754149175f80d9ca.js Show response
cdn.fuseplatform.net/prebid/ 200 KB
62 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:3500:12::1730:1788
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-ca15ee8536823af6754149175f80d9ca.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2990/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9b2c3e96147e12d5456821714ff2369124c4a8747f7a78e78f16858abaf0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: gzip
last-modified: Tue, 07 Mar 2023 01:07:55 GMT
server: AkamaiNetStorage
etag: "6927135cb9dc0b0e816b7d8d64e074d0:1678151275.293463"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 62758
expires: Tue, 28 Apr 2026 01:05:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 113ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2990/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

784b336ed99187c48f39e9be0ab9a5f790cb784c33bd466f66ce56a0703d9c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27967
x-xss-protection: 0
server: cafe
etag: 518 / 19571 / m202307270101 / config-hash: 170395042154866854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 01:05:59 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
210 B 53ms
15ms Fetch
text/plain 2a02:26f0:3500:12::1730:1788
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1690938359891&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=78c0fed0-27e0-591e-974c-1d54e27af1e5&fid=2990&pubid=7&url=https%3A%2F%2Fbad.cards%2Fgame%2Flight-ibis-5205&sid=c4de3253cdae0ad9abc2&srate=100&adserver=gpt&etm=1184&e=fuse-load
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2990/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:05:59 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://bad.cards
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Wed, 02 Aug 2023 01:35:59 GMT

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ 35 KB
12 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Wed, 02 Aug 2023 01:06:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/115/ 51 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/115/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 11:41:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:08:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 02 Aug 2023 11:41:49 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 55ms
17ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230802

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-ca15ee8536823af6754149175f80d9ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad85c3296d94914b82fe993329a448e123092e5e41e7e66e172d34f2da3ddaab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32715
x-jsd-version: 1.0.1768
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1674-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"63e-x9eoI7eHXQf2tWo8w/X0Jkb4F+E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YU6lEaP3LXIRcPG5OHwFo%2FaZTk1nFK9clUMzjx5OhXD%2ByTYQRp0%2FCT%2Bs7enILYVPyUi5NG3US2PdJuoQ9zSqxZVbNFKyBekEiQ0Y0KyFm1g5onhlXhk4fxvEnp1l4P%2BD96pU0j6R0tQFOFO3kQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f026a6e6c159006-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/ 387 KB
123 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ade4279c3b32472f61c35484d70ba1cec2deea85e6061832e6998dfad85e85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 19:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19440
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125684
x-xss-protection: 0
server: cafe
etag: 12611934720420487755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 31 Jul 2024 19:42:00 GMT

GET
H2 200 tag Show response
btloader.com/ 71 KB
17 KB 49ms
15ms Script
application/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2990/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3f53cde5ef15e870c94b2532fb0a626fb3a086c9c5a426438a9ac7be26a0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 00:57:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 457
etag: W/"bb19d8ed7ccde2859b0f2f1339afd8f9"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwatGeEoeH5nfj%2BL21by5l8jLlBIUyzb4WJyLvxHzWGiWprpNxGhl4fpVGiOO8uQF84C4AmU%2FNJEOjFuE3JfMd4iP0XBtZXG8FkZGeXoq9ApFgFkRfZ9VsYeESUoeleFOipCIgGBCmkWnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7f026a6ecf5f9c10-FRA

POST
H2 200 start Show response
tracking.refersion.com/ 225 B
547 B 360ms
359ms XHR
application/json 2606:4700::6812:16d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/start

Requested by

Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:16d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9b10d4bf2481b8e296edcaf02f535a3fe1c3f53454d4ac5784d8d1b21ccbb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
Key: pub_a5fa57787d10daadcf9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: bb8de412-4952-4291-ae42-52c0a85dbe2a
x-cache: Miss from cloudfront
x-amz-apigw-id: JAfO6EyfoAMF0Sw=
server: cloudflare
x-amzn-trace-id: Root=1-64c9abf8-7f17b8383c5b2616718c79af;Sampled=0;lineage=473d8242:0
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f026a70ee4091ed-FRA
access-control-allow-headers: Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id: SKJs1vrx1XKR_nYkSfzD0SGEOkUVU9s_VCvJO97nbEUgIXSvEG38TQ==

OPTIONS
H2 200 start
tracking.refersion.com/ Frame 0
0 340ms
305ms Preflight
application/json 2606:4700::6812:16d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:16d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://bad.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers: Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7f026a6f0cb391ed-FRA
content-length: 0
content-type: application/json
date: Wed, 02 Aug 2023 01:06:00 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-apigw-id: JAfO3ENeoAMF4_A=
x-amz-cf-id: ouLnmiTzIIpZQha9ybTYo-UQKThbcF1oh4mjSYjAN8nIkqUY6BjtRw==
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 8a142b3a-4f4c-4564-ade9-b3c5b6617f1c
x-cache: Miss from cloudfront

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 152ms
117ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Aug 2023 01:06:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
938 B 53ms
18ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205/join
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1647732
x-guploader-uploadid: ADPycdv-FMCoA4KLF_5In1-OoPsYu53zkDZvbuOri95hq2PMfFmQ8af2Y_SqrnR1-Svoiud9uVO4nDe2yKOKgzVc1Ox0XrqdWAkd
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oxMXNi4ZKSBkPJ7DLfuVEwOLWAnEgP3b30dSxbdCeGiq3stkWqi%2FbMuxLxlSypvg7bs6DWzj1V1Hgum%2FYJhEaJ%2BSr%2B%2FyFjQJL5D7DWN36eCkZ4AOOJbBt50SV2Lg%2B36tnY2GYHY1TKWpYWZiw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7f026a6f2c4f1cb7-FRA
expires: Thu, 13 Jul 2023 23:59:53 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 41ms
6ms Image
image/x-icon 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205/join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 21:43:52 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
343 B 53ms
19ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7973008786388696
Requested by: Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205/join
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1647732
x-guploader-uploadid: ADPycdv-FMCoA4KLF_5In1-OoPsYu53zkDZvbuOri95hq2PMfFmQ8af2Y_SqrnR1-Svoiud9uVO4nDe2yKOKgzVc1Ox0XrqdWAkd
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJwl17Z8PP2bDFcIbi7JSIWz5NwGvutp7x6LVh02n%2FErtlnnu0cc9yvGj6uZNojl%2BzBdmzG9%2B9q%2BVBVeBZuKL%2Fg2Q75eebjcCbYh3bqQ%2BEKdi7Pk9zrIDurjRxm4LltMe%2FVbLY4rP7yOvBsqLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7f026a6f2c511cb7-FRA
expires: Thu, 13 Jul 2023 23:59:53 GMT

GET
H2 200 r.html Show response
pub-a5fa57787d10daadcf9f.tracking.refersion.com/ Frame 1D79 474 B
1 KB 48ms
6ms Document
text/html 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Requested by: Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 588794e29465c271a0ad76362f89ce1a8c3706e71fa8f906257377dc3bc27270

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24532
content-length: 474
content-type: text/html
date: Tue, 01 Aug 2023 18:17:09 GMT
etag: "4ee1a4f461751e9918a36adb0409d3f7"
last-modified: Wed, 22 Feb 2023 15:36:53 GMT
server: AmazonS3
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-id: 2q4nKf_KfA1J9YiV_2FO9ONzu6B3jVoQc3vLog1lX0XPfqgezupeVw==
x-amz-cf-pop: FRA53-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
x-amz-server-side-encryption: AES256
x-amz-version-id: Rv5XbA_iUkUdnH6Uf8VNfQGmC__6yAr7
x-cache: Hit from cloudfront

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 4FA8 200 B
810 B 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bad.cards/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18150812
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 02 Aug 2023 01:06:00 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 30744
x-content-type-options: nosniff
x-request-id: ef5668f9-ed74-44e1-aac8-befad9494fad
x-served-by: cache-fra-eddf8230060-FRA

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4FA8 631 B
757 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 02 Aug 2023 01:06:00 GMT
via: 1.1 varnish
age: 4679446
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 396
x-request-id: e6af6c25-da90-4d49-8825-03ea808dcf1e
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 08 Jun 2023 20:06:50 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30067

POST
H2 200 csp-report
q.stripe.com/ Frame 4FA8 0
717 B 523ms
175ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690938360673841
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1690938360673628
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4FA8 0
718 B 523ms
175ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690938360674093
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1690938360673674
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A30C 930 B
1 KB 8ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 270
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 02 Aug 2023 01:06:00 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 59
x-content-type-options: nosniff
x-request-id: bcc9cdd2-fdd9-4454-9519-9ea78dd23fa6
x-served-by: cache-fra-eddf8230060-FRA
x-timer: S1690938360.243684,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame A30C 0
491 B 509ms
176ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bad.cards
URL: https://bad.cards/game/light-ibis-5205

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690938360674795
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1690938360673709
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame A30C 87 KB
15 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 02 Aug 2023 01:06:00 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 117
x-cache: HIT
content-length: 15509
x-request-id: adf9ec49-ba7a-4181-bccc-a563c5beb3fa
x-served-by: cache-fra-eddf8230060-FRA
server: Fastly
x-timer: S1690938360.256254,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 28

GET
H/1.1 200
OK xdlspma.min.js Show response
cdn.refersion.com/ Frame 1D79 2 KB
3 KB 8ms
7ms Script
application/x-javascript 143.204.215.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.refersion.com/xdlspma.min.js
Requested by: Host: pub-a5fa57787d10daadcf9f.tracking.refersion.com
URL: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/r.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-8.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd3a2ff5820c53c4fba21ec7beb8c3b752875693f720ba4a2e70a35b9d75dbdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-a5fa57787d10daadcf9f.tracking.refersion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Tue, 01 Aug 2023 18:17:09 GMT
x-amz-version-id: h14.0Y4Yu1Xl18Mzw0OfX4nX_K4xt4TO
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Age: 24532
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
Content-Length: 2152
Last-Modified: Wed, 22 Feb 2023 15:36:54 GMT
Server: AmazonS3
ETag: "66303cfc2f88333c918052f78b6d0215"
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: dKknKGmX9QB4o0C56ZKMOM-A8NYTBT5VTRZsGfQwdtQNqmxIVY34qA==

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 118ms
117ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:00 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 118ms
118ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=G8HJIkRO9&w=5151581165584384&o=5708166709903360&cv=2.1.16-1-g6ebe2ee&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fbad.cards%2Fgame%2Flight-ibis-5205%2Fjoin&sid=YLpjfrQKu&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Aug 2023 01:06:00 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 200 6 Show response
m.stripe.com/ Frame A30C 156 B
670 B 522ms
177ms XHR
application/json 35.166.190.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.190.207 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-190-207.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

41aaafc5e647e3224f2fe0df7e41e79b288cd09ee80bf53ee15886a2a3bffe46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 02 Aug 2023 01:06:00 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690938360764799
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1690938360764500
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/PRrmquD1Ggcb1/bad.cards/ 10 KB
4 KB 414ms
400ms Script
application/javascript 2600:9000:211e:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/bad.cards/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2990/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bdac68294ee1f89d0d32a920adb9cabc2ec217f6b11a27771cd6687da4d1ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:06:01 GMT
content-encoding: br
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Fri, 19 May 2023 10:51:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"96ba7511e31bec393e970423895eab7f"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: NsZ1erTgcv5RM7iUROlDvICvnWEvvRGcrpRSax3oFzrVdIuvkv-LKg==

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/46/ 178 KB
44 KB 7ms
7ms Script
text/javascript 2600:9000:211e:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/46/cmp2.js?referer=bad.cards
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/bad.cards/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:48:17 GMT
content-encoding: br
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 170264
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 08 Feb 2023 17:32:16 GMT
server: AmazonS3
etag: W/"15d537792bfc5eb18136ef129a7ec0a5"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: CRGkn0gwKtip9jAsRtH6zI8Yqgr5Xy8v5R6ZBn3nACe8iJc3YKXUUw==

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 50ms
7ms XHR
application/json 2600:9000:225e:b000:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/46/cmp2.js?referer=bad.cards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 034459651dfe7dd9d35633ce1e7da053b4b385a896edfadb4998c34d929fbf8c

Request headers

Accept: application/json, text/plain, */*
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 03:00:40 GMT
x-amz-version-id: sZOpapdV9juBv7KR_zAAJcZEP70BCQzW
content-encoding: br
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 79521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 28 Jul 2023 19:52:29 GMT
server: AmazonS3
etag: W/"cc0351f16a68f48b69c6fad79669223f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: wen7aAwNo4Q_7MMkwXDLNEmR0WHDJzsqDQU0FAXitZHEjrlGnEKrPw==

POST
H2 200 page_view Show response
tracking.refersion.com/ 246 B
452 B 349ms
348ms XHR
application/json 2606:4700::6812:16d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/page_view

Requested by

Host: cdn.refersion.com
URL: https://cdn.refersion.com/refersion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:16d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a0bfc7c90d91e04b6a8c6128f8da5c2553d237facd9513f2bf03b0b32ca3402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
Key: pub_a5fa57787d10daadcf9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 02 Aug 2023 01:06:01 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: d6484969-eb93-44c2-84bd-95c49b49b6fc
x-cache: Miss from cloudfront
x-amz-apigw-id: JAfPAEAWIAMFmxQ=
server: cloudflare
x-amzn-trace-id: Root=1-64c9abf9-02a14bec354f32062768fb79;Sampled=0;lineage=ecfbf259:0
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f026a75191f91ed-FRA
access-control-allow-headers: Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id: _b031eZV1AqWo-nmvsZM8p2qSYli8BsFXn1fekPeDyqzD5DdmmNayw==

OPTIONS
H2 200 page_view
tracking.refersion.com/ Frame 0
0 302ms
302ms Preflight
application/json 2606:4700::6812:16d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/page_view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:16d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://bad.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers: Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7f026a733ffa91ed-FRA
content-length: 0
content-type: application/json
date: Wed, 02 Aug 2023 01:06:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-apigw-id: JAfO9EEGoAMFi9A=
x-amz-cf-id: q0Jt1uE-rZ0AHMA-M1_rouPKAVOJYyOwJuRxxiaKCxFu8Fyr2cfijw==
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 0ee621a3-1591-4ba3-a907-b39d021c1d16
x-cache: Miss from cloudfront

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/46/ 248 KB
65 KB 7ms
6ms Script
text/javascript 2600:9000:211e:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/46/cmp2ui-en.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/46/cmp2.js?referer=bad.cards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b15c094a683c050f4de3a028a8d461c800b7b8af0159eccfb27bbfb36563982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 19:05:36 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 21624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Wed, 08 Feb 2023 17:32:24 GMT
server: AmazonS3
etag: W/"56cdb8d3d5e2ab2d10d42277297ff84e"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: EGgajBxtWxdesFefCiXdJZBgTJZQfnUFvAA4Gd-276dXpx6fqGRagw==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 355 KB
47 KB 7ms
7ms XHR
application/json 2600:9000:211e:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/46/cmp2.js?referer=bad.cards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2599d6db77edd5d83a4e9ad218c9460ae499e3ff9019cdce6bf6f229a3f77c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 03:00:41 GMT
content-encoding: gzip
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 79520
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 28 Jun 2023 15:58:34 GMT
server: AmazonS3
etag: W/"7627aa0ffd91ae8f4e90145601487f02"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: N_EKBE76RQmOfSS2rWrIkMjUkH4cOQS2k78-060mBHalF0IFdyWfGw==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 139 KB
32 KB 12ms
12ms XHR
application/json 2600:9000:211e:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/46/cmp2.js?referer=bad.cards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c2b039c1edad85f9e3b6d2a427c48b60653ce0b9f521fe4b86aa705ed30757a

Request headers

Accept: application/json, text/plain, */*
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 03:00:29 GMT
content-encoding: br
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 79532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Aug 2023 03:00:26 GMT
server: AmazonS3
etag: W/"b83fc0ca20016ef1396c4e723599758b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: Abf88bLsWmV055X-W13oep-xq4SDaktwxF1821bC0UfZKu4Ved_s6Q==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N3BGZ4J7BJ&gtm=45je37v0&_p=44144017&cid=19084513.1690938360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dp=%2Fgame%2Flight-ibis-5205%2Fjoin&sid=1690938359&sct=1&seg=1&dl=https%3A%2F%2Fbad.cards%2Fgame%2Flight-ibis-5205%2Fjoin&dt=Bad%20Cards%20%7C%20good%20games%20for%20your%20bad%20side.&en=page_view&_ee=1&_et=185
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3BGZ4J7BJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bad.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 01:06:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 36ms
7ms XHR
text/plain 3.127.187.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22bad.cards%22%2C%22publisher%22%3A%22bad%20cards%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.46%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22QwZySuI2p7o7GfkbE%2Fv8VA%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1690938360932%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-hsm94aq4vxwd23hw3l9c%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/46/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.187.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-187-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://bad.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Aug 2023 01:06:00 GMT
content-length: 2
content-type: text/plain; charset=utf-8

POST
H2 200 6 Show response
m.stripe.com/ Frame A30C 156 B
669 B 175ms
174ms XHR
application/json 35.166.190.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.190.207 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-190-207.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

41aaafc5e647e3224f2fe0df7e41e79b288cd09ee80bf53ee15886a2a3bffe46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 02 Aug 2023 01:06:04 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690938364775152
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1690938364774567
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bad.cards/	1970-01-20 23:18:18	Name: _ga Value: GA1.1.19084513.1690938360
.bad.cards/	1970-01-20 23:18:18	Name: playerSecret Value: 0ad59b248dde7337bc838595fc8a8e656fcaf1f197a20bf31c4adbb5338ffe56bfee06ab7d0c500ccc8aa662b0dc9b76bd3b2fcdcf624ab4105ec76f9a346398
.bad.cards/	1970-01-20 23:18:18	Name: playerGuid Value: _RekDcQ64nHaRXuK7tJlj
m.stripe.com/	1970-01-20 23:18:18	Name: m Value: cf6fb197-c576-484b-b009-c4d7c034dec123899b
.bad.cards/	1970-01-20 22:27:54	Name: __stripe_mid Value: ccfc6827-0453-4fac-a7d9-43dacc14377a5ad40c
.bad.cards/	1970-01-20 13:42:20	Name: __stripe_sid Value: 9fdc36ee-9558-4cbb-a5ea-05864501a02be10ed3
.bad.cards/	1970-01-20 23:18:18	Name: _ga_N3BGZ4J7BJ Value: GS1.1.1690938359.1.1.1690938360.59.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	warning	URL: https://bad.cards/game/light-ibis-5205/join Message: The resource https://bad.cards/game/fonts/GinJus-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bad.cards/game/light-ibis-5205/join Message: The resource https://bad.cards/game/fonts/Stacion-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bad.cards/game/light-ibis-5205/join Message: The resource https://bad.cards/logo-small.png?2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
audit-tcfv2.cmp.quantcast.com
bad.cards
btloader.com
cdn.fuseplatform.net
cdn.jsdelivr.net
cdn.refersion.com
cmp.quantcast.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
pagead2.googlesyndication.com
pub-a5fa57787d10daadcf9f.tracking.refersion.com
q.stripe.com
region1.analytics.google.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
test.cmp.quantcast.com
tracking.refersion.com
www.google.de
www.googletagmanager.com
www.gstatic.com
130.211.23.194
142.250.181.230
143.204.215.58
143.204.215.8
151.101.64.176
2001:4860:4802:32::36
2600:9000:211e:3200:9:46dc:4700:93a1
2600:9000:225e:b000:3:a4cd:8380:93a1
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:f02
2606:4700::6810:5714
2606:4700::6812:16d0
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9b
2a02:26f0:3500:12::1730:1788
3.127.187.139
35.166.190.207
54.186.23.98
01ab2327de9853adabf2a07a2aac4ae735a33ab96bcbef3f624da170b011087c
034459651dfe7dd9d35633ce1e7da053b4b385a896edfadb4998c34d929fbf8c
0a0bfc7c90d91e04b6a8c6128f8da5c2553d237facd9513f2bf03b0b32ca3402
0a0e64cbc4d3796fc31161f21d71d6d9855dba9445ef26c321ee5cb09f74731c
0c88a854b71e5eb71586f77b2c041cb3a397671f8c25ef3b780545b4e34d0fb0
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1e77f48d11c58959d5129845bf10ce5cc3fbcfb502b8c0fa690946011927d48a
1e9cba781456458dd78bfad56ad1b7c4d6cd1723ba315cec63e84008ecebff08
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2599d6db77edd5d83a4e9ad218c9460ae499e3ff9019cdce6bf6f229a3f77c66
2ade4279c3b32472f61c35484d70ba1cec2deea85e6061832e6998dfad85e85c
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
3cf88b31f0b9f5b69f46282b449b0182729613b97b18f87d110b1886b6e354e6
41aaafc5e647e3224f2fe0df7e41e79b288cd09ee80bf53ee15886a2a3bffe46
440391b37860122098225ebe33f0845780d5a6038b433e7c75b1810fcfb17773
55f2cdbccc20baf836d4103c14d823cff2f7530d7ecb59b84d43b9c516c04432
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
569372e1e0097ae982108a5ce953a33214448a0f5a32ccf5bda05e9918d7d103
588794e29465c271a0ad76362f89ce1a8c3706e71fa8f906257377dc3bc27270
5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a
5df3be089e223cf8c4656f65ff3fe6d0a66c4e5a04f4dff8f9e3ec6cb79d4705
5e9b10d4bf2481b8e296edcaf02f535a3fe1c3f53454d4ac5784d8d1b21ccbb6
5ef1933e7107348fec2060a091034eecbf976cd4ac6751a4f2b328d3850ddc2a
6433bb29063bf8ef44e9e8ca2037b3098cb815a7edc999d89508b5fd33f7aff9
6bdac68294ee1f89d0d32a920adb9cabc2ec217f6b11a27771cd6687da4d1ce1
784b336ed99187c48f39e9be0ab9a5f790cb784c33bd466f66ce56a0703d9c60
8c2b039c1edad85f9e3b6d2a427c48b60653ce0b9f521fe4b86aa705ed30757a
93dd4c9f9a75223ad21e32f5724cd71cae80668ad76f1cd0f702fd5cc0760f08
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95fa7ac51b31d3796723d8175249f59d3fe2410d397fc5a5bd892421ccf2f9bf
9b2c3e96147e12d5456821714ff2369124c4a8747f7a78e78f16858abaf0a3fa
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a37716b0319deda3a44563d20c5d45c3cf4e4abd5e560d5c07140c8da368f8f1
ad0164b4b831605b7e1908c2f7d0b818f2d7f7e55770471ca71c49a1e56e5376
ad2d80f11e6bfd6808f43ef7096e0586f4843ecb67337904253692666bf012ec
ad85c3296d94914b82fe993329a448e123092e5e41e7e66e172d34f2da3ddaab
b15c094a683c050f4de3a028a8d461c800b7b8af0159eccfb27bbfb36563982c
bd3a2ff5820c53c4fba21ec7beb8c3b752875693f720ba4a2e70a35b9d75dbdd
c2623a2ec9fe02f64a3f1898199700a175b7eaefd700dc7c0ad303fdb52abe1c
c7099d1607eec8c148794a6878e09dd02d5cd58b3c93cd707738f9ab68f15920
ca0b6c78ad4aa54141925b1e2d45c4de0554867e1ef9e9cfc15fd14806e0cde7
cc3f53cde5ef15e870c94b2532fb0a626fb3a086c9c5a426438a9ac7be26a0f2
cdff1df570321b1b3b4312ed1f7ce8245b9071642ecb523d0682f962e196784b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2a39640dfd1f1ece2d919d9a697870506fc82668cabe5470d7179e4773b1677
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9ca1f96ff7ba29afd8520b80dbff93a386d205d07c6be3025fd17c1208108b5
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02d21a2f2f0e91ee9eae1dc386cf82e4609a27c867acbbd5ff9d061d05f55b8
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f3c11812f0aed002969d975616b87782444dab7825f0675c6c322a4921b3fe6c
f46f64fe103c81bf09340bcb13d1301271d1ac9057f4cd17f00d8deb2f3c82ae
f5674b769f4432086b6464284e6f197f5497158c1d1421e5e149d5e779a2b005
f6c7760c9d2197880eb1c6b3ee3a2e1bf649d8114f505ae0ba5908bf3873fa10
f85fa979ce48121c43d0f46cd5d163e092ce7aaa1ecdbc7c50baea412c5d76a4

bad.cards Open in urlscan Pro 2606:4700:20::681a:f02 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

69 %IPv6

16 Domains

27 Subdomains

26 IPs

3 Countries

1972 kBTransfer

6402 kBSize

7 Cookies

4 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bad.cards Open in urlscan Pro
2606:4700:20::681a:f02 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

69 %
IPv6

16
Domains

27
Subdomains

26
IPs

3
Countries

1972 kB
Transfer

6402 kB
Size

7
Cookies

76 HTTP transactions
0 data transactions