forestwitchllc.com Open in urlscan Pro
198.49.23.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://forestwitchllc.biz/
Effective URL:
https://forestwitchllc.com/
Submission Tags: phishingrod
Submission: On August 06 via api (August 6th 2023, 2:08:39 pm UTC) from DE — Scanned from DE

Summary HTTP 58 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 58 HTTP transactions. The main IP is 198.49.23.145, located in United States and belongs to SQUARESPACE, US. The main domain is forestwitchllc.com.
TLS certificate: Issued by R3 on July 6th 2023. Valid for: 3 months.

This is the only time forestwitchllc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.185.159.145 198.185.159.145	53831 (SQUARESPACE) (SQUARESPACE)
16	198.49.23.145 198.49.23.145	53831 (SQUARESPACE) (SQUARESPACE)
10	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	151.101.64.237 151.101.64.237	54113 (FASTLY) (FASTLY)
4	151.101.128.238 151.101.128.238	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.192.238 151.101.192.238	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
58	13

1 198.185.159.145 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

forestwitchllc.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 198.49.23.145 (United States)

ASN53831 (SQUARESPACE, US)

forestwitchllc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.237 (United States)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.238 (United States)

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.238 (United States)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	forestwitchllc.com forestwitchllc.com	30 KB
12	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 6119 static1.squarespace.com — Cisco Umbrella Rank: 5904	1 MB
11	typekit.net use.typekit.net — Cisco Umbrella Rank: 542 p.typekit.net — Cisco Umbrella Rank: 680	206 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	213 KB
3	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 5225	6 MB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	609 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1869	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	81 KB
1	forestwitchllc.biz 1 redirects forestwitchllc.biz	171 B
58	11

	Domain	Requested by
16	forestwitchllc.com	assets.squarespace.com
10	use.typekit.net	forestwitchllc.com
8	assets.squarespace.com	forestwitchllc.com
7	pagead2.googlesyndication.com	forestwitchllc.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	static1.squarespace.com	forestwitchllc.com static1.squarespace.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	images.squarespace-cdn.com	forestwitchllc.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	p.typekit.net	forestwitchllc.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	forestwitchllc.com
1	forestwitchllc.biz	1 redirects
58	14

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.pinterest.com
www.tiktok.com
www.forestwitchjpg.com
forestwitch.shop
www.forestwitchllc.com
poshmark.com
cash.app
www.youtube.com
squarespace.com

Subject Issuer	Validity	Valid
forestwitchllc.com R3	`2023-07-06` - `2023-10-04`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.squarespace-cdn.com R3	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://forestwitchllc.com/
Frame ID: D889B6A415B4BD0701173DDACC95C15A
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: A14D7614EB2D37181FA6EA12773598EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9950562927283892&output=html&adk=2296256312&adf=2630686053&lmt=1691330914&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fforestwitchllc.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691330914275&bpp=5&bdt=582&idt=174&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2549579469611&frm=20&pv=2&ga_vid=2097909425.1691330914&ga_sid=1691330914&ga_hid=1185360926&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076481%2C31076730%2C31076444%2C44796632&oid=2&pvsid=1713245089822408&tmod=957882570&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=205
Frame ID: 74504E520D54767ACB4B4291A05B5EBF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 94D036291BF6B965F2ADDC584A213F69
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2C19F09FAA21DD35507634723309E54
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Forest Witch℠

Page URL History Show full URLs

https://forestwitchllc.biz/ HTTP 301
https://forestwitchllc.com/ Page URL

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

58
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

14
Subdomains

13
IPs

2
Countries

7912 kB
Transfer

13824 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/forestwitchllc/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/forestwitchllc/_created/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@ellen.forest

Search URL Search Domain Scan URL

URL: https://www.forestwitchjpg.com/about-forest-witch
Title: About Forest Witch

Search URL Search Domain Scan URL

URL: https://forestwitch.shop/
Title: Shop Forest Witch℠

Search URL Search Domain Scan URL

URL: https://forestwitch.shop/pages/FORESTWITCHLLCSUBSCRIBE-subscribe-page
Title: Join the Text List

Search URL Search Domain Scan URL

URL: https://www.forestwitchllc.com/
Title: (Home/Blog) forestwitchllc.com

Search URL Search Domain Scan URL

URL: https://poshmark.com/closet/f0rest_witch
Title: (Poshmark) Secondhand Clothing Shop

Search URL Search Domain Scan URL

URL: https://www.forestwitchjpg.com/tarotbyelle
Title: Request a Tarot Reading

Search URL Search Domain Scan URL

URL: https://cash.app/$forestwitchllc
Title: Cash App

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@f0r3st.witch
Title: @F0r3st.Witch on TikTok

Search URL Search Domain Scan URL

URL: https://www.instagram.com/f0rest.witch/
Title: @F0rest.Witch on Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC-1GrswEqn1vn4Ro8A2h5fw
Title: @F0restWitch

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@forestwitchllc
Title: @ForestWitchLLC on TikTok

Search URL Search Domain Scan URL

URL: http://squarespace.com/
Title: Squarespace

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://forestwitchllc.biz/ HTTP 301
https://forestwitchllc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
forestwitchllc.com/
Redirect Chain

https://forestwitchllc.biz/
https://forestwitchllc.com/

307 KB
29 KB

210ms
15ms

Document
text/html

198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

569a5ddeb6be071f9aab78909686d2686b0b83824bcf51ab540b9a9c50532034

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 54762
content-encoding: gzip
content-length: 29535
content-type: text/html;charset=utf-8
date: Sat, 05 Aug 2023 15:38:02 GMT
etag: W/"8d44d272f6859a53c6d1b4389016fab3"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: YGQpHOuT/0nqhZhlx

Redirect headers

age: 0
content-length: 0
date: Sun, 06 Aug 2023 01:36:33 GMT
location: https://forestwitchllc.com/
server: Squarespace
strict-transport-security: max-age=0
x-contextid: 9Z0SxlEa/WxfciTCX

GET
H2 200 vXJT8QkQzMkJNx_HOi2BeC1Rpgrptgj4SqZ2V8fU5HbfeCqIfFHN4UJLFRbh52jhWDm8ZRqUF28qjRIowAIhFesyZAsKjhJkFy7mMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0deBqpA4uZkuzicBCOQF35... Show response
use.typekit.net/ik/ 19 KB
7 KB 35ms
7ms Script
text/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/vXJT8QkQzMkJNx_HOi2BeC1Rpgrptgj4SqZ2V8fU5HbfeCqIfFHN4UJLFRbh52jhWDm8ZRqUF28qjRIowAIhFesyZAsKjhJkFy7mMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0deBqpA4uZkuzicBCOQF35Qj0SaBujW48Sagyjh90jhNlOfG0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUyjamTiY8Djhy8ZYmC-Ao1OcFzdPUyjamTiY8Djhy8ZYmC-Ao1Oco8ifUySkolZPUcda48Sasa-WsR-eUCjkoRdhXCdeBqpA4uZkuzicBCOQF35Qj0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikocda48Sasa-WsR-eUCjkoRdhXCiaiaOcUyZY8KiASldaZydfXDS2qhO1FUiABkZWF3jAF8OcFzdPUaiaS0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPJ5dhy0dkuKdeBEZAZyjh9Kghs8ZamCjWJ7f6K1DbJbMg62JMJ7f6K8DbJbMg6YJMJ7f6RPX3JbMg6FJMJ7f6RAX3JbMg6sJMJ7f6Rph3JbMs6IJMJ7f6R6h3JbMs6BJMJ7f6Rqh3JbMs6YJMJ7f6RLh3JbMs65JMJ7f6R8h3JbMs6sJMHbMjzv749e.js

Requested by

Host: forestwitchllc.com
URL: https://forestwitchllc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

74688443c4606cb110aad7ea8302c8498510176be377b54e155dcf286abdf328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sun, 06 Aug 2023 14:08:33 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6902

GET
H2 200 modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.6/ 115 KB
42 KB 36ms
6ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 0, 37745
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2882156
x-cache: MISS, HIT
content-length: 42447
x-served-by: cache-iad-kjyo7100073-IAD, cache-fra-eddf8230051-FRA
last-modified: Mon, 31 Oct 2022 21:19:57 GMT
server: UploadServer
x-timer: S1691330914.726861,VS0,VE0
etag: "fe0d53a94823df972dbf107bf190771a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 05:32:37 GMT

GET
H2 200 extract-css-runtime-41c5247522ad9524f0894-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 47 KB
16 KB 7ms
6ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-41c5247522ad9524f0894-min.en-US.js
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 335330819eff2a2954e05e03fd7df97c3fcfd353c949bf9370aca401920e438f

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 5, 11109
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 148033
x-cache: HIT, HIT
content-length: 16153
x-served-by: cache-iad-kcgs7200030-IAD, cache-fra-eddf8230051-FRA
last-modified: Fri, 04 Aug 2023 20:55:42 GMT
server: UploadServer
x-timer: S1691330914.756517,VS0,VE0
etag: "30170ba46b260b59facb20549ddc165d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 21:01:20 GMT

GET
H2 200 extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 575 KB
86 KB 8ms
7ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 1, 35064
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 3998523
x-cache: HIT, HIT
content-length: 87950
x-served-by: cache-iad-kjyo7100077-IAD, cache-fra-eddf8230051-FRA
last-modified: Mon, 21 Nov 2022 16:44:05 GMT
server: UploadServer
x-timer: S1691330914.773318,VS0,VE0
etag: "c790849e8518999c8594a0bbb6597784"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 07:26:30 GMT

GET
H2 200 cldr-resource-pack-47d1221231df25bde9715-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 122 KB
18 KB 9ms
8ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-47d1221231df25bde9715-min.en-US.js
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d87684538eb5444f5b45c3db45736a201fec86425e7bc08b1d87a1a6435d8a0e

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 8, 38072
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 1438993
x-cache: HIT, HIT
content-length: 18547
x-served-by: cache-iad-kcgs7200174-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 20 Jul 2023 22:19:08 GMT
server: UploadServer
x-timer: S1691330914.773717,VS0,VE0
etag: "b05b3f6b0ad99115c99b544ef35636d2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 22:25:20 GMT

GET
H2 200 common-vendors-stable-988cea152e72258d821b3-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
69 KB 9ms
8ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-988cea152e72258d821b3-min.en-US.js
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 08f2efacdc1f3ead8e86c056bd7dcf4b9f336bedc20937f8c2e6c478cfc4e5c4

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 39, 35017
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 4068928
x-cache: HIT, HIT
content-length: 70712
x-served-by: cache-iad-kiad7000115-IAD, cache-fra-eddf8230051-FRA
last-modified: Tue, 20 Jun 2023 11:42:46 GMT
server: UploadServer
x-timer: S1691330914.773580,VS0,VE0
etag: "776e96fefe0665df056d8f5ca6a02b62"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 11:53:05 GMT

GET
H2 200 common-vendors-1204c052fdab4fa666f14-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 758 KB
171 KB 15ms
14ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 522229016f084c734c992315cca0b22f6c72563579b66b88eea907eee1fb55f1

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 28, 104
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 162313
x-cache: HIT, HIT
content-length: 174424
x-served-by: cache-iad-kiad7000049-IAD, cache-fra-eddf8230051-FRA
last-modified: Fri, 04 Aug 2023 16:54:17 GMT
server: UploadServer
x-timer: S1691330914.774032,VS0,VE0
etag: "b5e9e9f6e5b1dce411845859fee022c2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 17:03:20 GMT

GET
H2 200 common-774bb2fa90ff3e6e88a13-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 3 MB
623 KB 15ms
14ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-774bb2fa90ff3e6e88a13-min.en-US.js
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d06199e522e1ab1c0a041c0c604f7422b9b803ea775ff1b95be12b887334de0b

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 5, 281
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 153348
x-cache: HIT, HIT
content-length: 636973
x-served-by: cache-iad-kiad7000127-IAD, cache-fra-eddf8230051-FRA
last-modified: Fri, 04 Aug 2023 19:23:34 GMT
server: UploadServer
x-timer: S1691330914.774053,VS0,VE0
etag: "a5424fff9f8d93d7c40e2180d65fef46"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 19:32:44 GMT

GET
H2 200 performance-e348eb0df0c6e4e9b4146-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 243 KB
52 KB 14ms
13ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-e348eb0df0c6e4e9b4146-min.en-US.js
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0a675c49b4793538ea129d125e19ce7c014b1f8465e4fe9021f32b92bc03e7ef

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 16, 11179
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 243572
x-cache: HIT, HIT
content-length: 53269
x-served-by: cache-iad-kiad7000095-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 03 Aug 2023 18:20:13 GMT
server: UploadServer
x-timer: S1691330914.774044,VS0,VE0
etag: "1989f6c4071a856a5481030a5fbda299"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 18:29:02 GMT

GET
H2 200 site.css
static1.squarespace.com/static/versioned-site-css/5ef9149db191a64daedbcb26/54/5c5a519771c10ba3470d8101/5ef91609df03ed59010e802c/1421/ 1012 KB
105 KB 28ms
8ms Stylesheet
text/css 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/versioned-site-css/5ef9149db191a64daedbcb26/54/5c5a519771c10ba3470d8101/5ef91609df03ed59010e802c/1421/site.css

Requested by

Host: forestwitchllc.com
URL: https://forestwitchllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

006ae35ef83cb3011f274833a204fa91c99771df78ec246881ab645eecbec613

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 14, 1
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 167353
x-cache: HIT, HIT
x-contextid: NSWnQ8NJ/36q4ntXR
content-length: 107142
x-served-by: cache-dfw-kdfw8210119-DFW, cache-fra-eddf8230100-FRA
pragma: cache
server: Squarespace
x-timer: S1691330914.727741,VS0,VE2
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 80ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9950562927283892

Requested by

Host: forestwitchllc.com
URL: https://forestwitchllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60b5803a671f29ed6a43b4c2b7d8ad799b4ca72deb8a49475667fff6ee8cf583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50472
x-xss-protection: 0
server: cafe
etag: 17013392124541113980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 14:08:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4PFNNZ53N3

Requested by

Host: forestwitchllc.com
URL: https://forestwitchllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0641af3e9386ae1d8e8cbb840e268f95ba3f222c3e36caf8868c0a280b78403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 06 Aug 2023 14:08:33 GMT

GET
H2 200 static.css
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1690406052257-HFCA2VVR8R1QMYFLAT56/ 8 KB
1 KB 25ms
7ms Stylesheet
text/css 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1690406052257-HFCA2VVR8R1QMYFLAT56/static.css

Requested by

Host: forestwitchllc.com
URL: https://forestwitchllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f375908038797acd02d0be79dfcc2d1bcf5a865b392cea37fa0972417550788d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 38913, 32067
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 924861
x-cache: HIT, HIT
x-contextid: Wb7iZtsq/6k4Gpq2o
content-length: 787
x-served-by: cache-dfw-kdfw8210138-DFW, cache-fra-eddf8230100-FRA
pragma: cache
server: Squarespace
x-timer: S1691330914.727709,VS0,VE0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 Forest+Witch-4.png
images.squarespace-cdn.com/content/v1/5ef9149db191a64daedbcb26/50a2a4b8-ae2b-424d-897d-7be69ec9c314/ 55 KB
55 KB 27ms
8ms Image
image/png 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ef9149db191a64daedbcb26/50a2a4b8-ae2b-424d-897d-7be69ec9c314/Forest+Witch-4.png?format=1500w
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1877b05f0b93e0ce39bedcc8f13fcbf05792990d0dd4f2d90c341e732d5666de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 43, 1
date: Sun, 06 Aug 2023 14:08:33 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 429558
x-cache: HIT, HIT
content-length: 55938
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-eddf8230116-FRA
x-timer: S1691330914.732780,VS0,VE1
etag: CNnvqvejsPgCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 site-bundle.9b694d1d2bc314d486e36f0940bee4db.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 175 KB
43 KB 7ms
7ms Script
application/javascript 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b694d1d2bc314d486e36f0940bee4db.js

Requested by

Host: forestwitchllc.com
URL: https://forestwitchllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

826517432fd900e5ee434e868a187af68c1dd0ca32eb3dead369dd891ff83eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 29, 22131
date: Sun, 06 Aug 2023 14:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 245333
x-cache: HIT, HIT
x-contextid: t8lPfgOz/OuONUS9N
content-length: 43657
x-served-by: cache-dfw-kdfw8210036-DFW, cache-fra-eddf8230100-FRA
pragma: cache
server: Squarespace
x-timer: S1691330914.773721,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 l
use.typekit.net/af/11ba66/00000000000000007735c86d/30/ 17 KB
17 KB 26ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/11ba66/00000000000000007735c86d/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6f8758fc426a46a8cdf5541239965a93ac1ad90ba64994255ca66bdeaf4b7688

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:33 GMT
server: nginx
etag: "fd0bc5a2be59f574039f1426a5d1f7ae560a4918"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17160

GET
H2 200 l
use.typekit.net/af/174e41/00000000000000007735c867/30/ 17 KB
17 KB 26ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/174e41/00000000000000007735c867/30/l?subset_id=2&fvd=n4&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 08c417527a77bf3d2925525c736ff64eff5c7dd556b3a5df62ed26800282189b

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:33 GMT
server: nginx
etag: "ad0872b792c1b95e8419ff3e4935efa4135e572d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17260

GET
H2 200 l
use.typekit.net/af/d2d4bf/00000000000000007735ce3c/30/ 28 KB
28 KB 24ms
6ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d2d4bf/00000000000000007735ce3c/30/l?subset_id=2&fvd=n3&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c3e331a6620eef0b578fa0ea11c88c8a3b41721b830cf0fe6e085228010ff98b

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:33 GMT
server: nginx
etag: "d18d6cd4c0870c2b795a4bed07f775da23fbd484"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28808

GET
H2 200 l
use.typekit.net/af/4e163f/00000000000000007735ce33/30/ 27 KB
27 KB 26ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4e163f/00000000000000007735ce33/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 64b01e41a000dfc6bf9abf8693efe7203ff4ea07536830f301b731af4f460832

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:33 GMT
server: nginx
etag: "a217939d94380c53f4681436ab9a787e7398cbed"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27700

GET
H2 200 Screen+Shot+2021-10-08+at+12.46.21+AM.png
images.squarespace-cdn.com/content/v1/5ef9149db191a64daedbcb26/9dd31e26-1244-4dc1-aa4e-d212865f47c8/ 5 MB
5 MB 28ms
27ms Image
image/png 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ef9149db191a64daedbcb26/9dd31e26-1244-4dc1-aa4e-d212865f47c8/Screen+Shot+2021-10-08+at+12.46.21+AM.png?format=2500w
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 787b0dd87c37491aa7dd62cb50f36a6f1c99f271dd31100d00291cae3f77f7da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 1, 1
date: Sun, 06 Aug 2023 14:08:33 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 154161
x-cache: HIT, HIT
content-length: 5041487
x-served-by: cache-iad-kcgs7200033-IAD, cache-fra-eddf8230116-FRA
x-timer: S1691330914.834019,VS0,VE11
etag: CPG6iJ6BuvMCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 BA60E01A-8C6D-4B78-A47C-16C2246C0800.jpg
images.squarespace-cdn.com/content/v1/5ef9149db191a64daedbcb26/1594015635424-83LT2IZ76S79UX7TGQQB/ 1 MB
1 MB 11ms
10ms Image
image/jpeg 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ef9149db191a64daedbcb26/1594015635424-83LT2IZ76S79UX7TGQQB/BA60E01A-8C6D-4B78-A47C-16C2246C0800.jpg?format=2500w
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d11ecd5059e15484a290b6b46824a7b5bdf0b129f38fa569143d9ef5e192c86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 0, 1
date: Sun, 06 Aug 2023 14:08:33 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 45292
x-cache: MISS, HIT
content-length: 1195090
x-served-by: cache-iad-kjyo7100156-IAD, cache-fra-eddf8230116-FRA
x-timer: S1691330914.833965,VS0,VE4
etag: CPOqvp+GxesCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 floating-cart.4814fbbf54a92e38c18f.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 451 B
462 B 7ms
6ms Script
application/javascript 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.4814fbbf54a92e38c18f.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b694d1d2bc314d486e36f0940bee4db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 58, 30263
date: Sun, 06 Aug 2023 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 334284
x-cache: HIT, HIT
x-contextid: rJeZqpv1/Z7UfQyXX
content-length: 302
x-served-by: cache-dfw-kdfw8210096-DFW, cache-fra-eddf8230100-FRA
pragma: cache
server: Squarespace
x-timer: S1691330914.124886,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 l
use.typekit.net/af/c9a129/00000000000000007735ce69/30/ 28 KB
28 KB 7ms
6ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c9a129/00000000000000007735ce69/30/l?subset_id=2&fvd=i3&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9c773ff9ba81068644447e91345913ef873b260cea69670e083aff99cfbd3c5b

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
server: nginx
etag: "92f1ae0b24bf620e7eb3ba1c352e42fe09026830"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28768

GET
H2 200 l
use.typekit.net/af/2a2795/00000000000000007735ce6d/30/ 27 KB
28 KB 8ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2a2795/00000000000000007735ce6d/30/l?subset_id=2&fvd=i7&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bd9f89f71b32e06d931161768884e4eff73c28c5f1604760049b456f3bd7bc06

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
server: nginx
etag: "49fadec741443f4887a55e3777fbaca550d096a5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28036

GET
H2 200 l
use.typekit.net/af/36a2f5/00000000000000007735c877/30/ 17 KB
17 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/36a2f5/00000000000000007735c877/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b2365fdb93291d44365fb8ca480d8eba7947db60b1202337d61407c5df700a3

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
server: nginx
etag: "3123ccc01a746322bc690f492ae75d2f13cca4b3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17704

GET
H2 200 l
use.typekit.net/af/f22e6a/00000000000000007735c869/30/ 18 KB
18 KB 8ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f22e6a/00000000000000007735c869/30/l?subset_id=2&fvd=i4&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 184885df5fd1770d9710f114c1c0d8456bdb07e3cb49e29fbc87cd4661dba2fe

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
server: nginx
etag: "31afad79ad1742caf7d4da611716ac7224cbb6a5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18236

GET
H2 200 l
use.typekit.net/af/29fa5e/00000000000000007735c87b/30/ 18 KB
18 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/29fa5e/00000000000000007735c87b/30/l?subset_id=2&fvd=i7&v=3
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7de9b4c5fb4daaf0bb369ec09fd2f6bc8a908f9314b2f36c7ba64579bc99e490

Request headers

Referer: https://forestwitchllc.com/
Origin: https://forestwitchllc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
server: nginx
etag: "fc28b9b394c0e98d7d862bf1a0a6eb20b0cfa54b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18216

POST
H2 200 RecordHit Show response
forestwitchllc.com/api/census/ 17 B
60 B 186ms
185ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/ga2OuZue
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 187ms
186ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/jmvc5WfP
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 188ms
188ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/0pvQhTW5
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
111 B 167ms
166ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/H293kEiB
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
59 B 173ms
173ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/DaY0ohns
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 241ms
241ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/A3Y31ym3
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 173ms
173ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/h10cwv4D
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 181ms
181ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/vYvBNDub
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 184ms
184ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/YW2rzKXx
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 185ms
185ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/VIR1Mjel
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 185ms
185ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/7u8Fu4Um
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 167ms
167ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/cd177psU
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 247ms
246ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/uLlsTsg3
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 184ms
184ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/WPs1eTN0
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
forestwitchllc.com/api/census/ 17 B
60 B 187ms
187ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://forestwitchllc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-1204c052fdab4fa666f14-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://forestwitchllc.com/
X-CSRF-Token: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: nrFks9wP/mmnayNEN
accept-ranges: bytes
content-length: 17

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 34ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4PFNNZ53N3&gtm=45je3820&_p=1185360926&gdid=dZjQwMz&cid=2097909425.1691330914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691330914&sct=1&seg=0&dl=https%3A%2F%2Fforestwitchllc.com%2F&dt=Forest%20Witch%E2%84%A0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PFNNZ53N3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 14:08:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forestwitchllc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 371 KB
125 KB 82ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9950562927283892&plah=forestwitchllc.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9950562927283892

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e51ac1354dc993866ae916cb787bdbcfb4846b4322c706cf6a59b1fdc0d4236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128126
x-xss-protection: 0
server: cafe
etag: 11820123574366111203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 14:08:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame A14D 10 KB
5 KB 68ms
25ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9950562927283892

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forestwitchllc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 18:47:57 GMT
etag: 12368291122986407432
expires: Sat, 19 Aug 2023 18:47:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 p.gif
p.typekit.net/ 35 B
205 B 28ms
6ms Image
image/gif 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_5ef9149db191a64daedbcb26&ht=tk&h=forestwitchllc.com&f=42663.42661.43474.43478.44510.44512.44516.44511.44517&a=646866&js=1.21.0&app=typekit&e=js&_=1691330914294
Requested by: Host: forestwitchllc.com
URL: https://forestwitchllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
609 B 36ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=forestwitchllc.com&callback=_gfp_s_&client=ca-pub-9950562927283892

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9950562927283892&plah=forestwitchllc.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a704d016a7b7f1f9dbf02d0190bb7b1324d422aaddc18f767f079b9724a116c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7450 603 B
245 B 176ms
175ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9950562927283892&output=html&adk=2296256312&adf=2630686053&lmt=1691330914&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fforestwitchllc.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691330914275&bpp=5&bdt=582&idt=174&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2549579469611&frm=20&pv=2&ga_vid=2097909425.1691330914&ga_sid=1691330914&ga_hid=1185360926&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076481%2C31076730%2C31076444%2C44796632&oid=2&pvsid=1713245089822408&tmod=957882570&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=205

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forestwitchllc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 14:08:34 GMT
expires: Sun, 06 Aug 2023 14:08:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 106ms
106ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=header&cls=bright-inverse%20header%20theme-col--primary&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: forestwitchllc.com
URL: https://forestwitchllc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 14:08:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 57ms
56ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f631d4c8ea00ac92ea84f9dee40fc7bdb133e92c7551d199f9f277801786ae98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11900
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Aug 2023 14:08:34 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 94D0 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forestwitchllc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 10:10:08 GMT
expires: Mon, 05 Aug 2024 10:10:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B2C1 783 B
1 KB 45ms
24ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2dbb090bbc1e22788f2ff268f348858b26adcdf391bc5a9fee5e14a1303ac17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3tbputMIMlbuSaw_cez1zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forestwitchllc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-3tbputMIMlbuSaw_cez1zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 14:08:34 GMT
expires: Sun, 06 Aug 2023 14:08:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 94D0 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B2C1 0
0 105ms
105ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=1713245089822408&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 94D0 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mVgSfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:08:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 111ms
111ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=1713245089822408&bg=!NDelN2PNAAZGOVy5Zjk7ADkAdvg8Wkx_TmTi4Vz2njh57YtNXPhlOXrqUEhFMurenxV81SsJtTN-7kCMFmFFxu78ma1jhUVBsdQCAAAASlIAAAAIaAEHmQLENnKCo8_pH3PjUPk0grLZBUSyYl4CMv9Hb9w0mXhGoJnUIBmBeo5yu6gdGTkriFMDiWg-4o5AMRiUa61kocTNRiLlgrXXAAtvS8DeGYW2FHmvs4fPJ2NGt00iAgEFKZAMKSgeTyqtx4QfsbX7u_qgM5SEedr83R73BUIKo4Z15lDPivDWkcelDxKXrFxR7lL1YqB4JW5OTDpgf26H8kWMhZXk5BzWU2re8__PwvRH16f8VNOtKdnLLWdtOUn1FR7NpADwWKV9gbuVOjo2G4trfKKOgQNB9_X4aZ8bvnlt7APkZDUXmLzQP__Ti_api4HUbSIWhFQb8t-9agFie-dMtu38RxDKU-CjNwUC4IEFFmsFIyohw28_TenP0vPt1I6W03apCP-zyTVRF30aZbG9NcMTlJZ4gUMpM__i8ZmGJmBiaN_F0d8hxvm_N2GfsmQDIoJn5_nNLKUDizkGttuibPkznHxgdnwZhhea4KBoVQSh0m4Lq9Fv0ob5JVE7KiJKJW1-YFTg1FKD_XrcMlXBzQxCrnnKtgNxCMi8AV_RjGoV0Nj3XlUjdOq3ttrgrpLL0r9bfoajEQPy92O8FFegZIhznL_ae1WqG_4OZt76oph6Qw4rJ7P7J2nnWoUhsX1f1J2sE-w0wB1sfbAIDYPdQASN3lMURRt56Pb-PK54bnaRKrk2MGeq8I6o6sGopMkF8q0eWJG8d5iWPwx_uR3neMaqacLjD-zDzgyKVbGbYGPP6pQNs47Pv1gicKb_C1kFOTFI7gE76t3W0mSsCwO4CcHC70N_l1-6eCZs4CLdqkVPSGdWjQDPd9_6Q5AGwk92zHpBkOtj5vYS5dJ9q6DU9B3wHRD14kFNJw1yA7OLE5z9M6CU49hK8LAo7XyDyjtG0mCHhhm77lf1eTwJEtHykWz7zQn-bJifczsizqoUDO4r42wS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forestwitchllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forestwitchllc.biz/	1969-12-31 23:59:59	Name: crumb Value: BWkNtealgEQCN2YzNjA0ZjI5NmY1MTM2ZTMwMjYwMzFmYTg3OTcy
forestwitchllc.com/	1969-12-31 23:59:59	Name: crumb Value: BZWGDMDcijxZZDE3NTk0Y2E2YWM3MmUyYWY5MjE4NWVlZmZhNmJk
forestwitchllc.com/	1970-01-20 23:24:50	Name: ss_cvr Value: c9ffedb3-8724-4b7d-84e3-448bb6342626\|1691330914164\|1691330914164\|1691330914164\|1
forestwitchllc.com/	1970-01-20 13:48:52	Name: ss_cvt Value: 1691330914164
.forestwitchllc.com/	1970-01-20 23:24:50	Name: _ga_4PFNNZ53N3 Value: GS1.1.1691330914.1.0.1691330914.0.0.0
.forestwitchllc.com/	1970-01-20 23:24:50	Name: _ga Value: GA1.1.2097909425.1691330914
.forestwitchllc.com/	1970-01-20 23:10:26	Name: __gads Value: ID=bd178132e6b768a5-2298e76149de0033:T=1691330914:RT=1691330914:S=ALNI_MbtEtuJYzRy5pMqQ4WpniRE2P_DQw
.forestwitchllc.com/	1970-01-20 23:10:26	Name: __gpi Value: UID=00000c4ff29c3cb3:T=1691330914:RT=1691330914:S=ALNI_MYNdCMq5Y0uPck3oWPi7Wa4YK963g
.doubleclick.net/	1970-01-20 13:48:51	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.squarespace.com
forestwitchllc.biz
forestwitchllc.com
googleads.g.doubleclick.net
images.squarespace-cdn.com
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
static1.squarespace.com
tpc.googlesyndication.com
use.typekit.net
www.google.com
www.googletagmanager.com
151.101.128.238
151.101.192.238
151.101.64.237
198.185.159.145
198.49.23.145
2001:4860:4802:32::36
2a00:1450:4001:803::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2008
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
006ae35ef83cb3011f274833a204fa91c99771df78ec246881ab645eecbec613
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
08c417527a77bf3d2925525c736ff64eff5c7dd556b3a5df62ed26800282189b
08f2efacdc1f3ead8e86c056bd7dcf4b9f336bedc20937f8c2e6c478cfc4e5c4
0a675c49b4793538ea129d125e19ce7c014b1f8465e4fe9021f32b92bc03e7ef
184885df5fd1770d9710f114c1c0d8456bdb07e3cb49e29fbc87cd4661dba2fe
1877b05f0b93e0ce39bedcc8f13fcbf05792990d0dd4f2d90c341e732d5666de
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
335330819eff2a2954e05e03fd7df97c3fcfd353c949bf9370aca401920e438f
44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23
4e51ac1354dc993866ae916cb787bdbcfb4846b4322c706cf6a59b1fdc0d4236
522229016f084c734c992315cca0b22f6c72563579b66b88eea907eee1fb55f1
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569a5ddeb6be071f9aab78909686d2686b0b83824bcf51ab540b9a9c50532034
60b5803a671f29ed6a43b4c2b7d8ad799b4ca72deb8a49475667fff6ee8cf583
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b01e41a000dfc6bf9abf8693efe7203ff4ea07536830f301b731af4f460832
6a704d016a7b7f1f9dbf02d0190bb7b1324d422aaddc18f767f079b9724a116c
6f8758fc426a46a8cdf5541239965a93ac1ad90ba64994255ca66bdeaf4b7688
74688443c4606cb110aad7ea8302c8498510176be377b54e155dcf286abdf328
787b0dd87c37491aa7dd62cb50f36a6f1c99f271dd31100d00291cae3f77f7da
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
7de9b4c5fb4daaf0bb369ec09fd2f6bc8a908f9314b2f36c7ba64579bc99e490
826517432fd900e5ee434e868a187af68c1dd0ca32eb3dead369dd891ff83eef
9b2365fdb93291d44365fb8ca480d8eba7947db60b1202337d61407c5df700a3
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c773ff9ba81068644447e91345913ef873b260cea69670e083aff99cfbd3c5b
a2dbb090bbc1e22788f2ff268f348858b26adcdf391bc5a9fee5e14a1303ac17
a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7
bd9f89f71b32e06d931161768884e4eff73c28c5f1604760049b456f3bd7bc06
c3e331a6620eef0b578fa0ea11c88c8a3b41721b830cf0fe6e085228010ff98b
d06199e522e1ab1c0a041c0c604f7422b9b803ea775ff1b95be12b887334de0b
d11ecd5059e15484a290b6b46824a7b5bdf0b129f38fa569143d9ef5e192c86b
d87684538eb5444f5b45c3db45736a201fec86425e7bc08b1d87a1a6435d8a0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0641af3e9386ae1d8e8cbb840e268f95ba3f222c3e36caf8868c0a280b78403
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f375908038797acd02d0be79dfcc2d1bcf5a865b392cea37fa0972417550788d
f631d4c8ea00ac92ea84f9dee40fc7bdb133e92c7551d199f9f277801786ae98

forestwitchllc.com Open in urlscan Pro 198.49.23.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

64 %IPv6

11 Domains

14 Subdomains

13 IPs

2 Countries

7912 kBTransfer

13824 kBSize

9 Cookies

15 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

forestwitchllc.com Open in urlscan Pro
198.49.23.145 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

14
Subdomains

13
IPs

2
Countries

7912 kB
Transfer

13824 kB
Size

9
Cookies

58 HTTP transactions
0 data transactions