bewildcard.com Open in urlscan Pro
2606:4700:20::681a:92a  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request PINGPING Show response bewildcard.com/i/	4 KB 2 KB	267ms 227ms	Document text/html	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/i/PINGPING Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7153e0f1bfb3a3324f437d64d7416cc9e646f21be205664b6d366c59000f618d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 7e38f5d1fd9dbb37-FRA content-encoding br content-type text/html date Sat, 08 Jul 2023 14:19:06 GMT expires 0 last-modified Fri, 07 Jul 2023 10:49:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDgxyU0HuoGafNCehCwcGt2EUgwPpmDZZB%2B6c8Ok%2FBANLhIHFjS%2B2pK7rJ2K1zln%2FxHyQHuT4bGCQ9Z56%2FMbiFB19dZ7MCvv%2BVVM%2BxUY3s6BPvUilbhPqXUSGjC9SkAMbFCi98DLSZPy0qPM"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	css2 fonts.googleapis.com/	7 KB 1 KB	38ms 15ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap Requested by Host: bewildcard.com URL: https://bewildcard.com/i/PINGPING Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2350add23b4c7a29e50ed33c3a4ec8af8fff2cc389981510d5e60e552e4944bf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 08 Jul 2023 14:19:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 08 Jul 2023 13:16:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 08 Jul 2023 14:19:06 GMT
GET H2	200	main.6905976f.css bewildcard.com/static/css/	595 KB 79 KB	757ms 756ms	Stylesheet text/css	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/static/css/main.6905976f.css Requested by Host: bewildcard.com URL: https://bewildcard.com/i/PINGPING Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6262dd46a873d009c3da6a734714d87d941f6bd83c204395ab9ef806adc6c3a3 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/i/PINGPING User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:06 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 07 Jul 2023 10:49:24 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=610360 etag W/"64a7edb4-95038" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqPxiQgJzjGBhMDDpRrIZvR5bgudeGQLu61jeAzycH%2FOjcGQfr1zf83V9LjlZVAzpNN5KSNFgmVt%2B8mbsu3CUcQ5MorR9Qn4NnvEJ9cOnqnwyvdOoJQh8ipwKsYqphgXsI32p3ng8Hvw3AVK"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 7e38f5d36f63bb37-FRA alt-svc h3=":443"; ma=86400
GET H2	200	rocket-loader.min.js Show response bewildcard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	10ms 10ms	Script application/javascript	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: bewildcard.com URL: https://bewildcard.com/i/PINGPING Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/i/PINGPING User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:06 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 04 Jul 2023 15:21:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64a438ff-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9tlX9nj9A0R6nlxaCTxAIz4ram04WgsjbTwkSJmkSxwFt74HKrPkgjRbeUDVV6GIatAY2t4Hk67PYiT8rbRLWss4QOBpG0who1pLr2NWOWyNPwuMwXvENX7az0KDk2Blkq1TG%2B99x%2BEnXyS"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7e38f5d36f64bb37-FRA expires Mon, 10 Jul 2023 14:19:06 GMT
GET H3	200	main.3c88c6c3.js Show response bewildcard.com/static/js/	1 MB 423 KB	269ms 269ms	Script application/javascript	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/static/js/main.3c88c6c3.js Requested by Host: bewildcard.com URL: https://bewildcard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 556859b867ec441dd0db59ffcdaf0fa4a67a84d6f2e6115a4e9a1629e1456614 Request headers Referer https://bewildcard.com/i/PINGPING Origin https://bewildcard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:07 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 07 Jul 2023 10:49:24 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=1355248 etag W/"64a7edb4-14adf0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2yz8RjfQ7w1DZomy3f68%2FtUycT8LP4kkR5DO3JKFk9OL9lT1nA4lTPOt8zAIObDqdoCoG5ZCinohCQTxoOBJOsbI8IsVJ3AFpbiEYmFcJFK56qGFFEw9dDGUerbeaySARSBXrN2SLoA5xRE"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1800 cf-ray 7e38f5d86a6e2c18-FRA alt-svc h3=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	141 KB 54 KB	43ms 21ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-11240307447 Requested by Host: bewildcard.com URL: https://bewildcard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ddb8abe84fc1f3d81dcf41277169a09a4525630e63c5abcf69a44635205ddfb8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55175 x-xss-protection 0 last-modified Sat, 08 Jul 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 08 Jul 2023 14:19:06 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11240307447/	3 KB 2 KB	381ms 359ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11240307447/?random=1688825947004&cv=11&fst=1688825947004&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fbewildcard.com%2Fi%2FPINGPING&hn=www.googleadservices.com&frm=0&tiba=WildCard&auid=1385861396.1688825947&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11240307447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 765146376a4510f0cd076a784a1aa9ff18d9efbf4e8ed88d6f41c2a7f7a9ca59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Sat, 08 Jul 2023 14:19:07 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1310 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	/ sessions.bugsnag.com/ Frame	0 0	198ms 151ms	Preflight	2600:1901:0:7a0b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Access-Control-Request-Method POST Origin https://bewildcard.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-headers Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods POST access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Sat, 08 Jul 2023 14:19:07 GMT via 1.1 google
POST H2	202	/ Show response sessions.bugsnag.com/	21 B 97 B	153ms 151ms	XHR application/json	2600:1901:0:7a0b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers Bugsnag-Payload-Version 1 Referer https://bewildcard.com/ Bugsnag-Sent-At 2023-07-08T14:19:07.362Z accept-language de-DE,de;q=0.9 Bugsnag-Api-Key 9a2560a0fc3be6eb3adb53040cc8a943 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Sat, 08 Jul 2023 14:19:07 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21 content-type application/json
GET H3	200	version.json Show response bewildcard.com/	29 B 461 B	213ms 213ms	XHR application/json	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/version.json?t=1688825947431 Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e63b77dec3806bb4a3b25a8383ddba84c5c53d9340b799a99362f9c93e4aead Request headers Accept application/json, text/plain, */* Referer https://bewildcard.com/i/PINGPING accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:07 GMT cf-cache-status DYNAMIC last-modified Fri, 07 Jul 2023 10:49:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64a7edb4-1d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rC2VyogB7rM1V1%2BoiMS9ockTnKds%2FMXkYTP43%2Fewh3pAJ%2BER6Sqp5hfYlNwkm2HA4hWRTE1i9qHUQfHc7Sy1%2FnLZxx%2FUst%2BrtNrZjW30HKKucfIEuqd0UoEUnXSHrmfFt2yRQrK6QgFNppBa"}],"group":"cf-nel","max_age":604800} content-type application/json accept-ranges bytes cf-ray 7e38f5db7e9b2c18-FRA alt-svc h3=":443"; ma=86400 content-length 29
GET H2	200	sjswlknd Show response widget.intercom.io/widget/	7 KB 3 KB	458ms 403ms	Script application/javascript	13.224.189.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/sjswlknd Requested by Host: bewildcard.com URL: https://bewildcard.com/i/PINGPING Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-49.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 350a3221f03fc244c631f3979ad4e8a0d9eef35fa7c7344a6207dd7826801d52 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id 6kVfBHKU7j4GB0pI7_GPUDyuGTjvSgzE content-encoding gzip via 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront) date Sat, 08 Jul 2023 14:08:57 GMT x-amz-cf-pop FRA2-C1 age 616 x-amz-server-side-encryption AES256 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 2678 last-modified Fri, 07 Jul 2023 15:36:35 GMT server AmazonS3 etag "61e9e44d953b2c57820e1c2b681afa57" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=900, s-maxage=900, public accept-ranges bytes x-amz-cf-id hChSEOBnmIHwp4fAYRK8r6zKLMYJ2Cjc8f7p9-2RcpG0YQowOJx2ZA==
POST H3	202	/ Show response sessions.bugsnag.com/	21 B 34 B	158ms 157ms	XHR application/json	2600:1901:0:7a0b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers Bugsnag-Payload-Version 1 Referer https://bewildcard.com/ Bugsnag-Sent-At 2023-07-08T14:19:07.505Z accept-language de-DE,de;q=0.9 Bugsnag-Api-Key 9a2560a0fc3be6eb3adb53040cc8a943 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Sat, 08 Jul 2023 14:19:07 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21 content-type application/json
OPTIONS H2	200	/ sessions.bugsnag.com/ Frame	0 0	151ms 151ms	Preflight	2600:1901:0:7a0b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Access-Control-Request-Method POST Origin https://bewildcard.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-headers Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods POST access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Sat, 08 Jul 2023 14:19:07 GMT via 1.1 google
GET H3	200	621.16f29c0d.chunk.css bewildcard.com/static/css/	38 B 521 B	776ms 775ms	Stylesheet text/css	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/static/css/621.16f29c0d.chunk.css Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30ce5628fc1e5c2d7b685e4a475b9fd9351249022de56444c72cf2db59498b37 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/i/PINGPING User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:08 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=88 alt-svc h3=":443"; ma=86400 content-length 38 cf-bgj minify last-modified Fri, 07 Jul 2023 10:49:24 GMT server cloudflare etag "64a7edb4-58" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eIV%2BiAHvHlLLdW8PIDv9RY5nvd9bMI7SRzNB5ecg8oG%2ByNL3fqkyKoN2NRH3kYJUY3yaQDvi42JU6YIfFrTOg65kHnYdJ6JXKgKLcnr3dMWWBosdwQih9S2jchcFoJdf%2FPobvj%2BPuefBbWM"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 accept-ranges bytes cf-ray 7e38f5dc2f6d2c18-FRA
GET H3	200	621.cdb283ce.chunk.js Show response bewildcard.com/static/js/	441 B 784 B	265ms 264ms	Script application/javascript	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/static/js/621.cdb283ce.chunk.js Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a84b31fb9cc61ae7618fbd2049583df1352f8690688e26e9936eeb04df61f6a Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/i/PINGPING User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:07 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 07 Jul 2023 10:49:24 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=488 etag W/"64a7edb4-1e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKyh%2BGsRrjKg6GAfiLCQq2PPMYaofHMv7TuioY0flM0bK0xIHgnbiVnGfTo0AZi4HyvuJaHm7soqC97m17xcenVri%2F0qxinf%2BtGNXXIK817CzAMAuoU1ZCYcR8jv5tricKd7T%2Byhix0Ap3Q6"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1800 cf-ray 7e38f5dc2f722c18-FRA alt-svc h3=":443"; ma=86400
HEAD H2	200	r.png arms-retcode.aliyuncs.com/	0 0	1076ms 279ms	Fetch image/png	47.110.73.164 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://arms-retcode.aliyuncs.com/r.png?t=perf&times=1&page=bewildcard.com%2Fi%2Fpingping&tag=&release=&environment=prod&begin=1688825946479&dns=21&tcp=20&ssl=14&ttfb=227&trans=3&dom=2&res=0&firstbyte=267&fpt=271&tti=273&ready=1070&load=1070&ct=4g&bandwidth=9.5&navtype=Other&autoSend=true&sr=1600x1200&vp=1600x1200&uid=5hlCajg9uX03CXd6e5Rw0h1f240j&sid=zelF6jOzum93hLd4k5gd0yjgaszO&pid=cbcpag75s3%40704d144780dbea5&_v=1.8.30&pv_id=vnlpXjg9uC23e5deC5RX0anb60ey&sampling=1&z=lju3d4w2 Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.110.73.164 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-origin * date Sat, 08 Jul 2023 14:19:08 GMT server nginx timing-allow-origin * content-type image/png
HEAD H2	200	r.png arms-retcode.aliyuncs.com/	0 0	1076ms 280ms	Fetch image/png	47.110.73.164 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://arms-retcode.aliyuncs.com/r.png?t=pv&times=1&page=%5Bindex%5D&tag=&release=&environment=prod&begin=1688825947554&uid=5hlCajg9uX03CXd6e5Rw0h1f240j&dt=WildCard&dr=&dpr=1.00&de=utf-8&ul=zh-Hans&sr=1600x1200&vp=1600x1200&ct=4g&sid=zelF6jOzum93hLd4k5gd0yjgaszO&pid=cbcpag75s3%40704d144780dbea5&_v=1.8.30&pv_id=vnlpXjg9uC23e5deC5RX0anb60ey&sampling=1&dl=https%3A%2F%2Fbewildcard.com%2Fi%2FPINGPING&z=lju3d4w3 Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.110.73.164 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-origin * date Sat, 08 Jul 2023 14:19:08 GMT server nginx timing-allow-origin * content-type image/png
GET H3	200	black-logo-with-text.4f757be18a22e7f13247.png bewildcard.com/static/media/	82 KB 82 KB	977ms 977ms	Image image/png	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bewildcard.com/static/media/black-logo-with-text.4f757be18a22e7f13247.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f19b70e53f95860262d4f5bd5b15732f4da53e9d1a6bc76b5d7d7463b9c6fd00 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/i/PINGPING User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:08 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 83624 cf-bgj imgq:100,h2pri last-modified Fri, 07 Jul 2023 10:49:24 GMT server cloudflare etag "64a7edb4-146a8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbCE6tzak7d1%2B7QZbOVzAqfYpG%2F6bwPMs5z4%2FsB8W2KibClbdbSrqfNsSvNGNquzRfm3rRwq68C7RS8z0nn4daMyufQKZRUgNukblqLSMSPjRjfZFF%2BZaODEuSuosJr0QJ47Kz0Gdb0wFb30"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 7e38f5dc4f8f2c18-FRA
GET DATA	200 OK	truncated /	305 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 46d7549462c08b26e21c02532a29e58861dbdfe6b25b2b091a8d7b66e7d291d5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	32ms 9ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bewildcard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 15:24:53 GMT x-content-type-options nosniff age 600854 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 15:24:53 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	31ms 8ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bewildcard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 01:50:32 GMT x-content-type-options nosniff age 44915 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jul 2024 01:50:32 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/11240307447/	42 B 455 B	53ms 25ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11240307447/?random=1688825947004&cv=11&fst=1688824800000&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fbewildcard.com%2Fi%2FPINGPING&frm=0&tiba=WildCard&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3470012608&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Sat, 08 Jul 2023 14:19:07 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/11240307447/	42 B 455 B	51ms 24ms	Image image/gif	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/11240307447/?random=1688825947004&cv=11&fst=1688824800000&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fbewildcard.com%2Fi%2FPINGPING&frm=0&tiba=WildCard&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3470012608&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Sat, 08 Jul 2023 14:19:07 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	frame-modern.1ffa2b0d.js Show response js.intercomcdn.com/ Frame 6A46	485 KB 136 KB	40ms 7ms	Script application/javascript	18.66.147.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.1ffa2b0d.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/sjswlknd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-49.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 00c9674bf2561d6f575ba885b192f9bc6b6e08983953c8e8d0ef97d65b5a533b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id ZFfg2WVhjmbSqP1hnBeN4KWsbnUC__Bu content-encoding gzip via 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront) date Sat, 08 Jul 2023 13:36:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 2548 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 138103 last-modified Fri, 07 Jul 2023 15:34:49 GMT server AmazonS3 etag "d2cfc68dc50f96bea8ff6f0ed3e16490" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id m82h2OvPuXAJ06aHYOidGjgw84elL17zTcpntGp0739LTBcaunBtWw==
GET H2	200	vendor-modern.a16075a9.js Show response js.intercomcdn.com/ Frame 6A46	241 KB 75 KB	54ms 21ms	Script application/javascript	18.66.147.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.a16075a9.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/sjswlknd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-49.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 7f7420399b133e72b82d97986510702d79945995bbdcdf725570eda135b4e89a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id ZRpyfRbVDp25jD6RjRF9edQqhOmAQ1i0 content-encoding gzip via 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront) date Sat, 08 Jul 2023 12:51:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 5252 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 75744 last-modified Thu, 06 Jul 2023 10:47:54 GMT server AmazonS3 etag "de7446f5260b9a6b1464b6bb2aa48747" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id LX38gtezyEVf6x2HpOw78UUHjRqoL9OlNP0FmIqQ80U1cIdsE-PO4g==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 6A46	4 KB 2 KB	588ms 308ms	XHR application/json	54.152.51.162 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.1ffa2b0d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.152.51.162 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-152-51-162.compute-1.amazonaws.com Software nginx / Resource Hash 8206e5475a5db17d0fed122b9cdf628f44b9cfa641854508f9faa7dd739df233 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 08 Jul 2023 14:19:08 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-0e98ab4a31751171e status 200 OK x-xss-protection 1; mode=block x-request-id 002qdogdpn6dk7ijpp40 x-runtime 0.196412 server nginx etag W/"8206e5475a5db17d0fed122b9cdf628f" vary Accept,Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://bewildcard.com x-intercom-version 98e211441fe01d39ceeeb158d9287fe971d92263 cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-frame-options SAMEORIGIN access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
POST H3	202	/ Show response sessions.bugsnag.com/	21 B 34 B	149ms 149ms	XHR application/json	2600:1901:0:7a0b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers Bugsnag-Payload-Version 1 Referer https://bewildcard.com/ Bugsnag-Sent-At 2023-07-08T14:19:08.317Z accept-language de-DE,de;q=0.9 Bugsnag-Api-Key 9a2560a0fc3be6eb3adb53040cc8a943 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Sat, 08 Jul 2023 14:19:08 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21 content-type application/json
POST H2	200	r.png arms-retcode.aliyuncs.com/	1 B 83 B	3423ms 2901ms	Ping image/png	47.110.73.164 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://arms-retcode.aliyuncs.com/r.png?t=health&times=1&page=%5Bindex%5D&tag=&release=&environment=prod&begin=1688825948319&errcount=0&apisucc=0&apifail=0&healthy=1&stay=772&sr=1600x1200&vp=1600x1200&ct=4g&uid=5hlCajg9uX03CXd6e5Rw0h1f240j&sid=zelF6jOzum93hLd4k5gd0yjgaszO&pid=cbcpag75s3%40704d144780dbea5&_v=1.8.30&pv_id=vnlpXjg9uC23e5deC5RX0anb60ey&sampling=1&z=lju3d4w4 Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.110.73.164 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Request headers Referer https://bewildcard.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 08 Jul 2023 14:19:11 GMT server nginx timing-allow-origin * content-type image/png
GET H3	200	12.585be34d.chunk.css bewildcard.com/static/css/	10 KB 2 KB	270ms 269ms	Stylesheet text/css	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/static/css/12.585be34d.chunk.css Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d9253d4c2bd170060ea1baacba9e3f340e8df32ea18dc73a21166742419c162 Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/phone-verify?code=PINGPING User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:08 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 07 Jul 2023 10:49:24 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=10799 etag W/"64a7edb4-2a2f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h48wfuXUdG%2FhhIlDBhuQc8PkgQpTO9nsNSiAeIZ9N4h6zolDO6W5F7VfUl9j6XGBV3SRNeVaQZPSfkI9MNUDHsx088AaBbjIV2ofC%2FvNjX0vy6EfJqhc%2BqCYk08j1Q16n88XCmkvnbWNDcMt"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 7e38f5e11d962c18-FRA alt-svc h3=":443"; ma=86400
GET H3	200	12.5680c708.chunk.js Show response bewildcard.com/static/js/	8 KB 3 KB	791ms 775ms	Script application/javascript	2606:4700:20::681a:92a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bewildcard.com/static/js/12.5680c708.chunk.js Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:92a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e33f20325b29378bbfe1a215cd556203edfdf597a70a61f01e3a532572bf469f Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/phone-verify?code=PINGPING User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:19:09 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 07 Jul 2023 10:49:24 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=8058 etag W/"64a7edb4-1f7a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm%2FceRz79ksaclsnBvXlnYaPVtGzB8ESQYcZ%2FEjBhjxzHyNaQ5P1fWPsb2SaW%2BCoYR5GD2n5bl%2BpGAy9ZWZnx8tdQUwABeO73EFvLJPOvolvW0knLOPwg3LKOS22SbdXSj2a7v7ww4oTxUmU"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1800 cf-ray 7e38f5e13dc22c18-FRA alt-svc h3=":443"; ma=86400
OPTIONS H3	200	/ sessions.bugsnag.com/ Frame	0 0	151ms 151ms	Preflight	2600:1901:0:7a0b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Access-Control-Request-Method POST Origin https://bewildcard.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-headers Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods POST access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Sat, 08 Jul 2023 14:19:08 GMT via 1.1 google
HEAD H2	200	r.png arms-retcode.aliyuncs.com/	0 0	284ms 280ms	Fetch image/png	47.110.73.164 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://arms-retcode.aliyuncs.com/r.png?t=pv&times=1&page=%2Fphone-verify&tag=&release=&environment=prod&begin=1688825948345&uid=5hlCajg9uX03CXd6e5Rw0h1f240j&dt=WildCard&dr=&dpr=1.00&de=utf-8&ul=zh-Hans&sr=1600x1200&vp=1600x1200&ct=4g&sid=zelF6jOzum93hLd4k5gd0yjgaszO&pid=cbcpag75s3%40704d144780dbea5&_v=1.8.30&pv_id=UqlXFj41ukC3sjd6d5jylemsekbm&sampling=1&dl=https%3A%2F%2Fbewildcard.com%2Fphone-verify%3Fcode%3DPINGPING&z=lju3d4w5 Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.110.73.164 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://bewildcard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-origin * date Sat, 08 Jul 2023 14:19:08 GMT server nginx timing-allow-origin * content-type image/png
POST H2	200	r.png Show response arms-retcode.aliyuncs.com/	1 B 25 B	280ms 279ms	XHR image/png	47.110.73.164 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://arms-retcode.aliyuncs.com/r.png?t=api&times=1&page=%2Fphone-verify&tag=&release=&environment=prod&begin=1688825948317&api=sessions.bugsnag.com&success=1&time=302&code=202&msg=&traceId=&pv_id=UqlXFj41ukC3sjd6d5jylemsekbm&domain=bewildcard.com&flag=1&sr=1600x1200&vp=1600x1200&ct=4g&uid=5hlCajg9uX03CXd6e5Rw0h1f240j&sid=zelF6jOzum93hLd4k5gd0yjgaszO&pid=cbcpag75s3%40704d144780dbea5&_v=1.8.30&sampling=1&dl=https%3A%2F%2Fbewildcard.com%2Fphone-verify%3Fcode%3DPINGPING&z=lju3d4w6&post_res= Requested by Host: bewildcard.com URL: https://bewildcard.com/static/js/main.3c88c6c3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.110.73.164 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Request headers Referer https://bewildcard.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sat, 08 Jul 2023 14:19:08 GMT server nginx timing-allow-origin * content-type image/png
GET H2	200	vendors~locale-zh-CN-json-modern.c772b0bb.js Show response js.intercomcdn.com/ Frame 6A46	28 KB 9 KB	7ms 7ms	Script application/javascript	18.66.147.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendors~locale-zh-CN-json-modern.c772b0bb.js Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.1ffa2b0d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-49.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 684d133b8d417941905881bc015d96315a4f5af38e6351e103ba7bfbb413918d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id HZ77gWxLWV0bI6fPqcA4_bklPNs3.A3Q content-encoding gzip via 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront) date Sat, 08 Jul 2023 12:57:11 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 4918 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 8592 last-modified Thu, 06 Jul 2023 18:08:28 GMT server AmazonS3 etag "55ab56a8732ecb1e9ebf7db2d4948feb" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id Sc10M42GAAroj4KHeaE55TjKylNUu6j-Gthr5Ey3c-BSssIiQUBNCA==
GET H2	200	KFOkCnqEu92Fr1MmgVxIIzI.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	10ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bewildcard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 19:41:55 GMT x-content-type-options nosniff age 585434 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15764 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 19:41:55 GMT

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| __cfQR function| gtag object| dataLayer object| intercomSettings function| Intercom boolean| isIE object| result number| IEVersion boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| webpackChunkwild_card function| clearImmediate function| setImmediate object| regeneratorRuntime function| _ function| BrowserLogger object| __SVG_SPRITE__ string| CURRENT_VERSION function| __oFetch_ function| __oXMLHttpRequest_ object| __bl boolean| __hasInitBlSdk function| __intercomAssignLocation function| __intercomReloadLocation

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bewildcard.com/	1970-01-20 15:16:41	Name: _gcl_au Value: 1.1.1385861396.1688825947
			.doubleclick.net/	1970-01-20 13:07:06	Name: test_cookie Value: CheckForPermission
			bewildcard.com/	1970-01-20 17:26:17	Name: _bl_uid Value: 5hlCajg9uX03CXd6e5Rw0h1f240j
			.bewildcard.com/	1970-01-20 19:35:55	Name: intercom-id-sjswlknd Value: 20cbd960-9f4b-4466-9dde-4ec4f7cb4cdd
			.bewildcard.com/	1970-01-20 13:17:10	Name: intercom-session-sjswlknd Value:
			.bewildcard.com/	1970-01-20 19:35:55	Name: intercom-device-id-sjswlknd Value: 6f106ae9-ddc2-4e5b-889c-c1c7996b76b2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
arms-retcode.aliyuncs.com
bewildcard.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.intercomcdn.com
sessions.bugsnag.com
widget.intercom.io
www.google.com
www.google.de
www.googletagmanager.com
13.224.189.49
18.66.147.49
2600:1901:0:7a0b::
2606:4700:20::681a:92a
2a00:1450:4001:800::2003
2a00:1450:4001:800::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:831::200a
47.110.73.164
54.152.51.162
00c9674bf2561d6f575ba885b192f9bc6b6e08983953c8e8d0ef97d65b5a533b
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d9253d4c2bd170060ea1baacba9e3f340e8df32ea18dc73a21166742419c162
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
2350add23b4c7a29e50ed33c3a4ec8af8fff2cc389981510d5e60e552e4944bf
2e63b77dec3806bb4a3b25a8383ddba84c5c53d9340b799a99362f9c93e4aead
30ce5628fc1e5c2d7b685e4a475b9fd9351249022de56444c72cf2db59498b37
350a3221f03fc244c631f3979ad4e8a0d9eef35fa7c7344a6207dd7826801d52
46d7549462c08b26e21c02532a29e58861dbdfe6b25b2b091a8d7b66e7d291d5
556859b867ec441dd0db59ffcdaf0fa4a67a84d6f2e6115a4e9a1629e1456614
6262dd46a873d009c3da6a734714d87d941f6bd83c204395ab9ef806adc6c3a3
684d133b8d417941905881bc015d96315a4f5af38e6351e103ba7bfbb413918d
7153e0f1bfb3a3324f437d64d7416cc9e646f21be205664b6d366c59000f618d
765146376a4510f0cd076a784a1aa9ff18d9efbf4e8ed88d6f41c2a7f7a9ca59
7a84b31fb9cc61ae7618fbd2049583df1352f8690688e26e9936eeb04df61f6a
7f7420399b133e72b82d97986510702d79945995bbdcdf725570eda135b4e89a
8206e5475a5db17d0fed122b9cdf628f44b9cfa641854508f9faa7dd739df233
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ddb8abe84fc1f3d81dcf41277169a09a4525630e63c5abcf69a44635205ddfb8
e33f20325b29378bbfe1a215cd556203edfdf597a70a61f01e3a532572bf469f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19b70e53f95860262d4f5bd5b15732f4da53e9d1a6bc76b5d7d7463b9c6fd00
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef