www.thebellamagicpuff.fun Open in urlscan Pro
172.64.153.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thebellamagicpuff.fun/
Effective URL:
https://www.thebellamagicpuff.fun/
Submission: On June 22 via api (June 22nd 2024, 6:37:51 am UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 11 domains to perform 48 HTTP transactions. The main IP is 172.64.153.80, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is www.thebellamagicpuff.fun.
TLS certificate: Issued by WE1 on June 21st 2024. Valid for: 3 months.

This is the only time www.thebellamagicpuff.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.2.192.9 52.2.192.9	14618 (AMAZON-AES) (AMAZON-AES)
7	172.64.153.80 172.64.153.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5c3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.57.212.200 52.57.212.200	16509 (AMAZON-02) (AMAZON-02)
1	2a00:4b40:100... 2a00:4b40:1000:4:37:9:169:171	51013 (WEBSUPPOR...) (WEBSUPPORT-SRO-SK-AS)
3	13.33.216.204 13.33.216.204	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:8800:1f:f560:8d00:21	16509 (AMAZON-02) (AMAZON-02)
4	52.29.90.131 52.29.90.131	16509 (AMAZON-02) (AMAZON-02)
2	44.196.202.103 44.196.202.103	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:272... 2600:9000:2724:9200:13:2031:2340:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2491:da00:1c:b536:2c40:21	16509 (AMAZON-02) (AMAZON-02)
1	104.16.88.87 104.16.88.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.62.63 18.245.62.63	16509 (AMAZON-02) (AMAZON-02)
11	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7d31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:243... 2600:1f18:243f:2d00:f500:498d:ede8:13bc	14618 (AMAZON-AES) (AMAZON-AES)
3	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
3	18.172.112.55 18.172.112.55	16509 (AMAZON-02) (AMAZON-02)
48	19

1 52.2.192.9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-192-9.compute-1.amazonaws.com

thebellamagicpuff.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.153.80 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.thebellamagicpuff.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5c3f (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.sitebuilderhost.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.212.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-212-200.eu-central-1.compute.amazonaws.com

app.ecwid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:4b40:1000:4:37:9:169:171 (Slovakia)

ASN51013 (WEBSUPPORT-SRO-SK-AS, SK)

cdn.websupport.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.216.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-216-204.fra60.r.cloudfront.net

d3cy3u1txmkqs3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8800:1f:f560:8d00:21 (United States)

ASN16509 (AMAZON-02, US)

d3dq8sxcny4hg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.90.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-90-131.eu-central-1.compute.amazonaws.com

app.store.sitebuilderhost.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.196.202.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-202-103.compute-1.amazonaws.com

ecomm.events	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:9200:13:2031:2340:21 (United States)

ASN16509 (AMAZON-02, US)

d11s7fcxy18ubx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:da00:1c:b536:2c40:21 (United States)

ASN16509 (AMAZON-02, US)

d1oxsl77a1kjht.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.87 (None, )

ASN13335 (CLOUDFLARENET, US)

analytics.yolacdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.62.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-62-63.fra60.r.cloudfront.net

d1dkdnyvras0l5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7d31 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:243f:2d00:f500:498d:ede8:13bc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

analytics.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.35 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.172.112.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-55.fra60.r.cloudfront.net

d2j6dbq0eux0bg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	paypal.com www.paypal.com — Cisco Umbrella Rank: 3110 t.paypal.com — Cisco Umbrella Rank: 3894	264 KB
11	cloudfront.net d3cy3u1txmkqs3.cloudfront.net d3dq8sxcny4hg.cloudfront.net d11s7fcxy18ubx.cloudfront.net d1oxsl77a1kjht.cloudfront.net d1dkdnyvras0l5.cloudfront.net d2j6dbq0eux0bg.cloudfront.net	1 MB
8	thebellamagicpuff.fun 1 redirects thebellamagicpuff.fun www.thebellamagicpuff.fun	2 MB
7	sitebuilderhost.net fonts.sitebuilderhost.net — Cisco Umbrella Rank: 421670 app.store.sitebuilderhost.net	71 KB
2	sitewit.com analytics.sitewit.com — Cisco Umbrella Rank: 69905	21 KB
2	ecomm.events ecomm.events — Cisco Umbrella Rank: 59044	2 KB
1	yola.com pixel.yola.com — Cisco Umbrella Rank: 398820	406 B
1	yolacdn.net analytics.yolacdn.net — Cisco Umbrella Rank: 392696	6 KB
1	websupport.eu cdn.websupport.eu	10 KB
1	ecwid.com app.ecwid.com — Cisco Umbrella Rank: 43966	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	5 KB
48	11

	Domain	Requested by
11	www.paypal.com	www.paypal.com
7	www.thebellamagicpuff.fun	www.thebellamagicpuff.fun
4	app.store.sitebuilderhost.net	www.thebellamagicpuff.fun
3	d2j6dbq0eux0bg.cloudfront.net
3	t.paypal.com
3	d3cy3u1txmkqs3.cloudfront.net	www.thebellamagicpuff.fun
3	fonts.sitebuilderhost.net	cdnjs.cloudflare.com fonts.sitebuilderhost.net
2	analytics.sitewit.com	analytics.yolacdn.net
2	d1oxsl77a1kjht.cloudfront.net	www.thebellamagicpuff.fun
2	ecomm.events	www.thebellamagicpuff.fun ecomm.events
1	pixel.yola.com	analytics.yolacdn.net
1	d1dkdnyvras0l5.cloudfront.net
1	analytics.yolacdn.net	www.thebellamagicpuff.fun
1	d11s7fcxy18ubx.cloudfront.net	www.thebellamagicpuff.fun
1	d3dq8sxcny4hg.cloudfront.net	www.thebellamagicpuff.fun
1	cdn.websupport.eu	www.thebellamagicpuff.fun
1	app.ecwid.com	www.thebellamagicpuff.fun
1	cdnjs.cloudflare.com	www.thebellamagicpuff.fun
1	thebellamagicpuff.fun	1 redirects
48	19

This site contains links to these domains. Also see Links.

Domain
www.youtube.com

Subject Issuer	Validity	Valid
www.thebellamagicpuff.fun WE1	`2024-06-21` - `2024-09-19`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
sitebuilderhost.net GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
*.ecwid.com Amazon RSA 2048 M03	`2024-06-06` - `2025-07-06`	a year	crt.sh
*.websupport.eu R3	`2024-05-06` - `2024-08-04`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.store.sitebuilderhost.net Amazon RSA 2048 M02	`2023-09-26` - `2024-10-25`	a year	crt.sh
*.ecomm.events R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh
yolacdn.net GTS CA 1P5	`2024-06-02` - `2024-08-31`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
yola.com GTS CA 1P5	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.sitewit.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-20` - `2024-08-19`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.thebellamagicpuff.fun/
Frame ID: 8FD8DC3BEC3C2A20705C6BE052FE95A6
Requests: 51 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-28096-g7a9143bdc923f5/ru.cdev.xnext.frontend.LegacyFrontend/BD669D78A8AD68F2A7A8CDA29658E417.cache.js
Frame ID: C0058C68E480823242C9660F7FA2DAC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Domov

Page URL History Show full URLs

https://thebellamagicpuff.fun/ HTTP 302
https://www.thebellamagicpuff.fun/ Page URL

Detected technologies

Ecwid (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

https://app\.ecwid\.com/script\.js

Page Statistics

48
Requests

100 %
HTTPS

37 %
IPv6

11
Domains

19
Subdomains

19
IPs

4
Countries

3713 kB
Transfer

10560 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/@the-Bella_magic_puff
Title: TheBellaMagicPuff

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thebellamagicpuff.fun/ HTTP 302
https://www.thebellamagicpuff.fun/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.thebellamagicpuff.fun/
Redirect Chain

https://thebellamagicpuff.fun/
https://www.thebellamagicpuff.fun/

154 KB
14 KB

838ms
428ms

Document
text/html

172.64.153.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thebellamagicpuff.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.80 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ceefa91802a84ed07b405c0438741cf7837628bbbd4a39f79d357a6313be3bb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: DYNAMIC
cf-ray: 897a3b04db0c4480-TXL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 22 Jun 2024 06:37:35 GMT
last-modified: Fri, 21 Jun 2024 16:19:37 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: MISS
x-cache-hits: 0

Redirect headers

age: 0
content-length: 142
content-type: text/html
date: Sat, 22 Jun 2024 06:37:34 GMT
location: https://www.thebellamagicpuff.fun/
x-cache: MISS
x-cache-hits: 0
x-hrouter: hrouter3

GET
H3 200 cbaf6c3b2843bc7ad151da68d1cad088.css
www.thebellamagicpuff.fun/ws/bundles/css/ 349 KB
54 KB 670ms
635ms Stylesheet
text/css 172.64.153.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thebellamagicpuff.fun/ws/bundles/css/cbaf6c3b2843bc7ad151da68d1cad088.css
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.80 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6fccd5c9548d80892bc9b256191fecc947c170d696b9fcbbd96bd218b34cd31

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:35 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:19:37 GMT
server: cloudflare
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
lookup-cache-hit: 1
cf-ray: 897a3b07e9b84480-TXL
alt-svc: h3=":443"; ma=86400
x-cache-hits: 0

GET
H3 200 the-bella-magic-puff_-_logo.jpg
www.thebellamagicpuff.fun/ws/media-library/2e8b64a087fc4fcdb3a786739ce82716/ 1017 KB
1017 KB 747ms
746ms Image
image/jpeg 172.64.153.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thebellamagicpuff.fun/ws/media-library/2e8b64a087fc4fcdb3a786739ce82716/the-bella-magic-puff_-_logo.jpg
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.80 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ca4c58df3031540b3ff25bb5363d298b5159fb1bb9cc2feb4d1558e63a5fa4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:36 GMT
x-amz-version-id: null
cf-cache-status: MISS
x-amz-server-side-encryption: AES256
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1040955
last-modified: Fri, 21 Jun 2024 16:19:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
lookup-cache-hit: 1
accept-ranges: bytes
cf-ray: 897a3b084a854480-TXL
x-cache-hits: 0

GET
H3 200 2d0c9a7ed2d7a74bd082cdffd7ce44ef.js Show response
www.thebellamagicpuff.fun/ws/bundles/js/ 271 KB
86 KB 654ms
654ms Script
application/javascript 172.64.153.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thebellamagicpuff.fun/ws/bundles/js/2d0c9a7ed2d7a74bd082cdffd7ce44ef.js
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.80 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f56cbf641450bd5d9eec2370f5671fcb432a9f2d9d91a1189ab58f12e44ce6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:36 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:19:37 GMT
server: cloudflare
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: public, max-age=31536000
lookup-cache-hit: 1
cf-ray: 897a3b084a8a4480-TXL
alt-svc: h3=":443"; ma=86400
x-cache-hits: 0

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ 12 KB
5 KB 146ms
35ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 739768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWZIZbmQZtnoFpdxDT2hEVmn%2FdCnGwKWxAaGTKST7vGSyLvlKnMW%2BpSbhuy8f2VF3IQwvisW4MolX5YA8zNPeiygxQtobWmVpTZv%2FhFb2LBeyLiy%2Fq%2BfaIPEreOJ4Q8TeyACgPHP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897a3b0d0c2c3aa2-FRA
expires: Thu, 12 Jun 2025 06:37:36 GMT

GET
DATA 200
OK truncated
/ 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6183e69cacfda3f5a63d2ce60215c5d65558b8c008d214cca22a3a7b3a40a766

Request headers

Referer
Origin: https://www.thebellamagicpuff.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 20240525_104946.webp
www.thebellamagicpuff.fun/ws/media-library/0c748546cf534e7eb0db0a409ce58231/ 447 KB
447 KB 839ms
836ms Image
image/webp 172.64.153.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thebellamagicpuff.fun/ws/media-library/0c748546cf534e7eb0db0a409ce58231/20240525_104946.webp
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.80 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a66878a09dd1d4368baf7e88323142c6bf2086e95e33475663d362bb28916d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:36 GMT
x-amz-version-id: null
cf-cache-status: MISS
x-amz-server-side-encryption: AES256
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 457682
last-modified: Fri, 21 Jun 2024 16:19:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
lookup-cache-hit: 1
accept-ranges: bytes
cf-ray: 897a3b0d0d0a4480-TXL
x-cache-hits: 0

GET
H2 200 css
fonts.sitebuilderhost.net/ 19 KB
1 KB 587ms
473ms Stylesheet
text/css 2606:4700::6810:5c3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.sitebuilderhost.net/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i|Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i&display=swap

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c3f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f0741ec8fb5ea88a59f7a6bb9f0b8fdb9fde7e6d47670b1df55aa028846b088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 06:37:36 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cf-ray: 897a3b0e6914bb8f-FRA
expires: Sat, 22 Jun 2024 06:37:36 GMT

GET
H/1.1 200
OK script.js Show response
app.ecwid.com/ 60 KB
19 KB 356ms
232ms Fetch
text/javascript 52.57.212.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/script.js?105436065
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/ws/bundles/js/2d0c9a7ed2d7a74bd082cdffd7ce44ef.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.212.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-212-200.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 76a4097c6b5bea873185949154808197cad1971693544ee617c1bfbf7c692986

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 06:37:36 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"1870010380"
Transfer-Encoding: chunked
Access-Control-Max-Age: 600
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private,must-revalidate,max-age:3
Vary: Accept-Encoding
Connection: keep-alive
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement

GET
H2 200 freeweb-banner.png
cdn.websupport.eu/images/site-builder/ 10 KB
10 KB 252ms
114ms Image
image/png 2a00:4b40:1000:4:37:9:169:171
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.websupport.eu/images/site-builder/freeweb-banner.png
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:4b40:1000:4:37:9:169:171 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
Software: nginx /
Resource Hash: df2dfdd9b79a0c862b0c5155960433f958c9e12328b7af12140d4b2241f5908d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 22 Jun 2024 06:37:36 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:36:05 GMT
server: nginx
etag: W/"6540bc75-2884"
content-type: image/png

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 ycpkw_r_6ua.webp
www.thebellamagicpuff.fun/ws/media-library/69c3180f0db1465590b0334a67059991/ 302 KB
302 KB 844ms
843ms Image
image/webp 172.64.153.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thebellamagicpuff.fun/ws/media-library/69c3180f0db1465590b0334a67059991/ycpkw_r_6ua.webp
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.80 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215b414860a3b4c0bb2f98759adea4a5c7dbc666210a833f0d4e5c8b622f8b9b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
x-amz-server-side-encryption: AES256
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 308900
last-modified: Fri, 21 Jun 2024 16:19:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
lookup-cache-hit: 1
accept-ranges: bytes
cf-ray: 897a3b0f49a74480-TXL
x-cache-hits: 0

GET
H2 200 new-frontend.en.-1771960222.js Show response
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/ 275 KB
75 KB 94ms
24ms Script
application/javascript 13.33.216.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.-1771960222.js
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.216.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-216-204.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b217085d53c7d087e07e2232840e7e84aa09f9eea3fc1736d63d2b2f8e969021

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:49:52 GMT
x-amz-version-id: 5HEg.GnCnlGa6vXtkOUUYRF9WkYmPYD3
content-encoding: gzip
last-modified: Fri, 21 Jun 2024 13:46:17 GMT
server: AmazonS3
via: 1.1 d51f8b07f1cd9f6dbf62bb0b0c961f1c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
etag: W/"b3e22a64b4c1b026a6e79b80ecb8efbf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
age: 60465
x-amz-cf-id: S2onFVMHdesZMkPjDJwt9EvaHrErvxzKbkKp5_tRaFZYpQ38TNUeOg==

GET
H2 200 ecwid-storefront.c1861cc5ffeff476049cb5c456344f45.min.js Show response
d3cy3u1txmkqs3.cloudfront.net/venera/static/ 1 MB
254 KB 126ms
62ms Script
application/javascript 13.33.216.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.c1861cc5ffeff476049cb5c456344f45.min.js

Requested by

Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.216.204 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-216-204.fra60.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

910b5e39c128b27bf4693aa6c553851fa0c5f06c1a8444a2ce0d7a325d1fa823

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 03:29:25 GMT
content-encoding: gzip
via: 1.1 d51f8b07f1cd9f6dbf62bb0b0c961f1c.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800
server: nginx/1.19.0
x-amz-cf-pop: FRA60-P10
age: 443291
etag: c1861cc5ffeff476049cb5c456344f45
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: cKAPC2zAavrJ1q49FGbr5Mebiuf1ImAODpaO0itFGtcGUvY-D1UTrQ==

GET
H2 200 states.js Show response
d3dq8sxcny4hg.cloudfront.net/ 72 KB
23 KB 102ms
29ms Script
application/javascript 2600:9000:2057:8800:1f:f560:8d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2024-28096-g7a9143bdc923f5&callback=window.ecwid_states_data.loaded
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: df9c4bf14fc31cf05887c4d94695481545bcdec594d33158e45eeb467aa07ca7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 14:33:09 GMT
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 144267
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=2592000
content-length: 22964
x-amz-cf-id: ZtyymC_bUuoCJScOf8sPVtaSgA_mjq8Tpdzjk9HsVw0sR8qayzN2zw==

GET
H/1.1 200
OK data.js Show response
app.store.sitebuilderhost.net/ 28 KB
8 KB 469ms
241ms Script
application/javascript 52.29.90.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.store.sitebuilderhost.net/data.js?ownerid=105436065&lang=en&token=c41b74b4098b4b30e0bdb0effc897cebc956aaa2&callback=window.ecwid_initial_data.data.doInit
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.90.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-90-131.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 226ec688938fbbdef46821e2ca587b5edfaaeef916d5b97b7e5956472a9c6393

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 06:37:37 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 7731
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 i.js Show response
ecomm.events/ 7 KB
2 KB 435ms
122ms Script
text/javascript 44.196.202.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomm.events/i.js

Requested by

Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.196.202.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-202-103.compute-1.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

ae01b3acdb4a3d28d514bc8b2d03033ccfe6c5f7cd49176ce7a42169e0d99ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:37 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
server: nginx/1.19.0
etag: -664310502
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-cache
content-length: 1860

GET
DATA 200
OK truncated
/ 348 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b40041399747fb3f0d11901b0df5eb98b702bd7e8398e3af13defd379e5b6639

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4926f1c816e798a29c917dba18ac1ca5ff07750a53963e39731362df22dae28

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.sitebuilderhost.net/fonts/s/montserrat/v26/ 32 KB
33 KB 636ms
549ms Font
font/woff2 2606:4700::6810:5c3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.sitebuilderhost.net/fonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.sitebuilderhost.net
URL: https://fonts.sitebuilderhost.net/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i|Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c3f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.sitebuilderhost.net/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i|Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i&display=swap
Origin: https://www.thebellamagicpuff.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897a3b128826915c-FRA
expires: Mon, 16 Jun 2025 04:47:43 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.sitebuilderhost.net/fonts/s/montserrat/v26/ 27 KB
27 KB 648ms
561ms Font
font/woff2 2606:4700::6810:5c3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.sitebuilderhost.net/fonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c3f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.sitebuilderhost.net/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i|Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i&display=swap
Origin: https://www.thebellamagicpuff.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-length: 27812
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897a3b12882a915c-FRA
expires: Wed, 18 Jun 2025 08:21:31 GMT

GET
H2 200 BD669D78A8AD68F2A7A8CDA29658E417.cache.js Show response
d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-28096-g7a9143bdc923f5/ru.cdev.xnext.frontend.LegacyFrontend/ Frame C005 2 MB
598 KB 136ms
26ms Script
application/javascript 2600:9000:2724:9200:13:2031:2340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-28096-g7a9143bdc923f5/ru.cdev.xnext.frontend.LegacyFrontend/BD669D78A8AD68F2A7A8CDA29658E417.cache.js
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:9200:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5c487d736f75c279901c789ba1ade14b713d3cec79951052ab9acad624c170e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 14:33:10 GMT
content-encoding: br
via: 1.1 741fa80e957b47e88235a1fa44ab4ea4.cloudfront.net (CloudFront)
x-amz-version-id: Nr9.t9n_ynDtTcAadZEFSANfVd3eLLdf
x-amz-cf-pop: FRA56-P12
age: 144268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-ecwid-hash: 5b0e8f9963ce9d466d09290189f9b2b2
last-modified: Thu, 20 Jun 2024 14:29:25 GMT
server: AmazonS3
etag: W/"5b0e8f9963ce9d466d09290189f9b2b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 3v23T-qYnHlpn15i79EJcpQxwS2KBvVAfSxGhPCyjKR_eOEtXg0GlQ==

GET
H2 200 new
d1oxsl77a1kjht.cloudfront.net/css/ 1 MB
102 KB 122ms
26ms Stylesheet
text/css 2600:9000:2491:da00:1c:b536:2c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-1887859613&ownerid=105436065&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2&color-foreground=rgba(29%2C%2028%2C%2030%2C%200.6)&color-price=rgba(29%2C%2028%2C%2030%2C%200.6)&color-background=rgb(255%2C%20255%2C%20255)&color-link=rgb(152%2C%20105%2C%20108)&font-family=Montserrat%2C-apple-system%2CBlinkMacSystemFont%2C%22Segoe%20UI%22%2CRoboto%2C%22Helvetica%20Neue%22%2CArial%2C%22Apple%20Color%20Emoji%22%2C%22Segoe%20UI%20Emoji%22%2C%22Segoe%20UI%20Symbol%22%2Csans-serif&useExactGalleryColors=false
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:da00:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 83369cbba1aefec5fa0339c2a0959b9ac51319345b3cbf2822758032a6468a33

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:12:48 GMT
content-encoding: gzip
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 51889
etag: "-1887859613"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: 7svC40JpIh62DI5u8XBUdlDy0eQl1sb4C-RE2Xx2ijtDcLO6r_cdfw==

GET
DATA 200
OK truncated
/ 348 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e13e95d86a244ac1b4dff0ffff2f2b3579b76898a090fa2c799495be65700650

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08649d0ed38fdcabb96d939b1783d7e3619f223f3e475d52240b93c953a65f9a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 tracking-v2.js Show response
analytics.yolacdn.net/ 13 KB
6 KB 886ms
36ms Script
application/javascript 104.16.88.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.yolacdn.net/tracking-v2.js
Requested by: Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.88.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f15bee126b425173fe08f2a1ead52e5fb8b4c1a96801f34ab4dc82c15eccf8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 14:00:24 GMT
server: cloudflare
age: 4557
etag: W/"649999f8-343b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200, public
cf-ray: 897a3b1ce9c93808-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 loading_new.gif
d1dkdnyvras0l5.cloudfront.net/yolastore/ 8 KB
9 KB 621ms
26ms Image
image/gif 18.245.62.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dkdnyvras0l5.cloudfront.net/yolastore/loading_new.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.62.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-62-63.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6df445b1227b7c7e78d4f65df00194b8f177435b84e35104d8f6169d4a9c8e3c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Sep 2023 00:37:39 GMT
x-amz-version-id: null
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
last-modified: Tue, 26 Aug 2014 17:47:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 23004000
etag: "1ca67e32ded0ca740100c805a9c785f3"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8490
x-amz-cf-id: bEbOmp3mfq8U2VPN5WZs6gXz9ba-Jj8UHV3SXWJaRd1c55O_8SuC4Q==

POST
H/1.1 200
OK rpc Show response
app.store.sitebuilderhost.net/ 12 B
238 B 305ms
303ms XHR
application/json 52.29.90.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.store.sitebuilderhost.net/rpc?ownerid=105436065&version=2024-28096-g7a9143bdc923f5
Requested by: Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.90.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-90-131.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Ecwid-Device-Measurement: WEB_DESKTOP;1600;1200;96;1600;1200
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8
X-GWT-Module-Base: https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-28096-g7a9143bdc923f5/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation: BD669D78A8AD68F2A7A8CDA29658E417
Referer: https://www.thebellamagicpuff.fun/
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 22 Jun 2024 06:37:38 GMT
Server: nginx
Connection: keep-alive
Content-Disposition: attachment
Content-Length: 12
Content-Type: application/json;charset=utf-8

GET
H2 200 js Show response
www.paypal.com/sdk/ 303 KB
82 KB 930ms
523ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?currency=EUR&merchant-id=AALULZCK7ZDXQ&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=false&components=buttons&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater,venmo

Requested by

Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25ffa04ead9e030cc993e7bb3381bcce88fe07f5524f39157d1502c024a2ef1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-IneKRmEliJnnGuZIY1TJ8Twyz2UC4pAEfrHD298RIBsCTCHi' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-IneKRmEliJnnGuZIY1TJ8Twyz2UC4pAEfrHD298RIBsCTCHi' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-IneKRmEliJnnGuZIY1TJ8Twyz2UC4pAEfrHD298RIBsCTCHi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-IneKRmEliJnnGuZIY1TJ8Twyz2UC4pAEfrHD298RIBsCTCHi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Sat, 22 Jun 2024 06:37:39 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f909198ff2e4a
server-timing: "traceparent;desc="00-0000000000000000000f909198ff2e4a-51dc086591874803-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 83207
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220130-FRA, cache-fra-etou8220130-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f909198ff2e4a-34ea26d9414c6c0e-01
x-timer: S1719038259.761417,VS0,VE501
etag: W/"14507-ZE1vlfdYI75gXGYHdKNbZVwsvHU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js Show response
www.paypal.com/sdk/ 303 KB
83 KB 945ms
548ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?currency=EUR&merchant-id=AALULZCK7ZDXQ&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater,venmo

Requested by

Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25ffa04ead9e030cc993e7bb3381bcce88fe07f5524f39157d1502c024a2ef1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-FVKZftyZe144S6ZLCiSJMveoMXS9FeEWTawgNx4FIVFWvnSZ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-FVKZftyZe144S6ZLCiSJMveoMXS9FeEWTawgNx4FIVFWvnSZ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-FVKZftyZe144S6ZLCiSJMveoMXS9FeEWTawgNx4FIVFWvnSZ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-FVKZftyZe144S6ZLCiSJMveoMXS9FeEWTawgNx4FIVFWvnSZ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Sat, 22 Jun 2024 06:37:39 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f9091986a505d
server-timing: "traceparent;desc="00-0000000000000000000f9091986a505d-7534e1d912cb98b8-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 83207
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220130-FRA, cache-fra-etou8220130-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f9091986a505d-5383044a1e407c1a-01
x-timer: S1719038259.761853,VS0,VE519
etag: W/"14507-ZE1vlfdYI75gXGYHdKNbZVwsvHU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H/1.1 200
OK rpc
app.store.sitebuilderhost.net/ Frame 0
0 275ms
210ms Preflight 52.29.90.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.store.sitebuilderhost.net/rpc?ownerid=105436065&version=2024-28096-g7a9143bdc923f5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.90.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-90-131.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method: POST
Origin: https://www.thebellamagicpuff.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Allow: GET, HEAD, POST, TRACE, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Sat, 22 Jun 2024 06:37:38 GMT
Server: nginx

GET
H2 200 js Show response
www.paypal.com/sdk/ 304 KB
83 KB 876ms
492ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?currency=EUR&merchant-id=AALULZCK7ZDXQ&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo

Requested by

Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

42c24795b06275d6f13047bfd21ef2dbfc02469aa3f3c88fc34a1f05fb211a78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-D24x68q53i6XS5sagkGBS6WXr3WypM3FAQZ2Q7DKk0dRqOB7' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-D24x68q53i6XS5sagkGBS6WXr3WypM3FAQZ2Q7DKk0dRqOB7' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-D24x68q53i6XS5sagkGBS6WXr3WypM3FAQZ2Q7DKk0dRqOB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-D24x68q53i6XS5sagkGBS6WXr3WypM3FAQZ2Q7DKk0dRqOB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Sat, 22 Jun 2024 06:37:39 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f90919891e16e
server-timing: "traceparent;desc="00-0000000000000000000f90919891e16e-5331b25bc2cf7075-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 83456
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220130-FRA, cache-fra-etou8220130-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f90919891e16e-0534217f361c4fc3-01
x-timer: S1719038259.761814,VS0,VE469
etag: W/"14600-cylJqzG0J8y7JHhmthg675RAShc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 275a01f1acd9f75999ab2ad94c17ede896b2789ae9600625c19ef075f73ea670

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 new
d1oxsl77a1kjht.cloudfront.net/css/ 1 MB
102 KB 59ms
58ms Stylesheet
text/css 2600:9000:2491:da00:1c:b536:2c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-1887859613&ownerid=105436065&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2&color-foreground=rgba(29%2C+28%2C+30%2C+0.6)&color-link=rgba(152%2C+105%2C+108%2C+1)&color-button=rgba(174%2C+174%2C+174%2C+1)&color-price=rgba(152%2C+105%2C+108%2C+1)&color-background=rgb(255%2C+255%2C+255)&font-family=Montserrat%2C-apple-system%2C+BlinkMacSystemFont%2C+Segoe+UI%2C+Roboto%2C++++Helvetica+Neue%2C+Arial%2C+Apple+Color+Emoji%2C+Segoe+UI+Emoji%2C+Segoe+UI+Symbol%2C+sans-serif&useExactGalleryColors=false
Requested by: Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:da00:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 10ee2aa681020f3df563a3e6f9cebb14957ded4afb5e7e6dd1340622b1dc109b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:53:11 GMT
content-encoding: gzip
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 85467
etag: "-1887859613"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: G8Ytkxl5MO8H0ccAQDfGVJRUrIH7uOKF8QQ_Bp1O1h3bAoepbpc2uA==

GET
H2 200 ecwid-checkout.09ff801fd45b0a9ba592ffefff1e9751.min.js Show response
d3cy3u1txmkqs3.cloudfront.net/venera/static/ 786 KB
172 KB 25ms
25ms Script
application/javascript 13.33.216.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.09ff801fd45b0a9ba592ffefff1e9751.min.js

Requested by

Host: www.thebellamagicpuff.fun
URL: https://www.thebellamagicpuff.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.216.204 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-216-204.fra60.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

f3147b70a6ddc97e656de931e2ff0771f4aeb2abce1d1107f840ba3b52d4b74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 06:20:27 GMT
content-encoding: gzip
via: 1.1 d51f8b07f1cd9f6dbf62bb0b0c961f1c.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800
server: nginx/1.19.0
x-amz-cf-pop: FRA60-P10
age: 433032
etag: 09ff801fd45b0a9ba592ffefff1e9751
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: PzBYUdnxXhnIQfSdHWno8njdukUf7p8WlUO8tXcF71aK-RDNyAb3bg==

GET
DATA 200
OK truncated
/ 430 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2930abb6f894a4b3dd61bc624ac2241d78917cd12b40fa1742620cb78d0f474d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

POST
H2 200 register
ecomm.events/ 0
80 B 119ms
118ms Ping
text/plain 44.196.202.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomm.events/register

Requested by

Host: ecomm.events
URL: https://ecomm.events/i.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.196.202.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-202-103.compute-1.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 22 Jun 2024 06:37:39 GMT
strict-transport-security: max-age=15724800
server: nginx/1.19.0
content-length: 0

POST
H/1.1 200
OK rpc Show response
app.store.sitebuilderhost.net/ 3 KB
1 KB 319ms
318ms XHR
application/json 52.29.90.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.store.sitebuilderhost.net/rpc?ownerid=105436065&version=2024-28096-g7a9143bdc923f5
Requested by: Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.90.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-90-131.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9cf870c005cf25293cb65841a5ee1c5aa2ade60d8a8e6da6e050355fcf571ef3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Ecwid-Device-Measurement: WEB_DESKTOP;1600;1200;96;1600;1200
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8
X-GWT-Module-Base: https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-28096-g7a9143bdc923f5/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation: BD669D78A8AD68F2A7A8CDA29658E417
Referer: https://www.thebellamagicpuff.fun/
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 06:37:39 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 1002

GET
H3 404 favicon.ico
www.thebellamagicpuff.fun/ 149 B
261 B 375ms
375ms Other
text/html 172.64.153.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thebellamagicpuff.fun/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.80 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75ac2e167a569073768d2f8cec7ff040d2644a2af37d9d6f966aa10b883f3c80

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:40 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
lookup-cache-hit: 1
cf-ray: 897a3b24380f4480-TXL
alt-svc: h3=":443"; ma=86400
x-cache-hits: 0

GET
H2 200 LoggingAgent Show response
pixel.yola.com/LoggingAgent/ 12 B
406 B 497ms
424ms Script
application/x-javascript 2606:4700::6810:7d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yola.com/LoggingAgent/LoggingAgent?url=//www.thebellamagicpuff.fun/&pagename=index&siteid=11ef2f9ae0af44cabf00a924185d6636&resolution=1600x1200&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=CACA5D15-6EF0-0001-72A8-12621A5C8D70&visitId=CACA5D15-6FC0-0001-C3A4-B977D140BC70&user_id=3f15073f6cdc40d699fcca2664f52ade&partner_id=WL_WEBSUPPORTSK&LoggingAgentReturnType=script
Requested by: Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 06:37:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 897a3b268bd66927-FRA
expires: -1

GET
H2 200 sw.js Show response
analytics.sitewit.com/partner/ns/yolastats/yola/11ef2f9ae0af44cabf00a924185d6636/ 20 KB
20 KB 486ms
245ms Script
text/javascript 2600:1f18:243f:2d00:f500:498d:ede8:13bc
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.sitewit.com/partner/ns/yolastats/yola/11ef2f9ae0af44cabf00a924185d6636/sw.js
Requested by: Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:f500:498d:ede8:13bc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2abc47b4e253d9498d1064b2010816cee30f02983f9f68536ac4cd36eb2afad0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript; charset=utf-8
date: Sat, 22 Jun 2024 06:37:40 GMT
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 20173
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 29ms
29ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.thebellamagicpuff.fun&t=xo&v=5.0.447&source=payments_sdk&mrid=AALULZCK7ZDXQ&client_id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&comp=buttons&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=AALULZCK7ZDXQ&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater,venmo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+07f3pueM4ckRlu1mUhhRxeU9WH0X6T6y3SbfRzKEm4Lvnp8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+07f3pueM4ckRlu1mUhhRxeU9WH0X6T6y3SbfRzKEm4Lvnp8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jun 2024 06:37:40 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 51890
x-cache: HIT, MISS
paypal-debug-id: f814129d1137e
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4338
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220130-FRA, cache-fra-etou8220130-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f814129d1137e-6ece4b3252fafd65-01
x-timer: S1719038260.294795,VS0,VE7
etag: W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 33ms
33ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=AALULZCK7ZDXQ&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-9xan7d9zSXJJEGjKA1e5l570rDPVkgvK9Nf5Vzm0UT1EJgla' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-9xan7d9zSXJJEGjKA1e5l570rDPVkgvK9Nf5Vzm0UT1EJgla' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jun 2024 06:37:40 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 51890
x-cache: HIT, MISS
paypal-debug-id: f814129bf0a9a
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4338
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220130-FRA, cache-fra-etou8220130-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f814129bf0a9a-8fad6cc59a6989a4-01
x-timer: S1719038260.341073,VS0,VE10
etag: W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 258ms
189ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thebellamagicpuff.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.thebellamagicpuff.fun
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 22 Jun 2024 06:37:40 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f7771343c66e3
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f7771343c66e3-bc7121e9987ad6c4-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220150-FRA, cache-fra-etou8220150-FRA
x-timer: S1719038261.693853,VS0,VE164

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1003 B
858 B 196ms
194ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57cc6a6fbd7da68b868f26c9d87114dec00a1d14f0c5491f198b85940fa80d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://www.thebellamagicpuff.fun/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:41 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f777134943fc3
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220150-FRA, cache-fra-etou8220150-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f777134943fc3-29926e741d81d642-01
x-timer: S1719038261.886603,VS0,VE171
etag: W/"3eb-nkUxKC4EUY/fKQAZVW0gJoLCkRs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thebellamagicpuff.fun
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 272ms
205ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thebellamagicpuff.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.thebellamagicpuff.fun
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 22 Jun 2024 06:37:40 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f7771345c2fe4
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f7771345c2fe4-f3a74a329161f714-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220150-FRA, cache-fra-etou8220150-FRA
x-timer: S1719038261.693833,VS0,VE180

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
2 KB 221ms
220ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=AALULZCK7ZDXQ&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

13b7e8991556dcbec53fb7fb0c9d2bd315e3a608bed0f13720f86e93f2428009

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://www.thebellamagicpuff.fun/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:41 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f777134f7709a
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220150-FRA, cache-fra-etou8220150-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f777134f7709a-640958fc331c85be-01
x-timer: S1719038261.903935,VS0,VE195
etag: W/"3f8-ym9tg04WqC8kdhG+lRHXWKvFAWc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thebellamagicpuff.fun
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1005 B
779 B 211ms
209ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=AALULZCK7ZDXQ&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=false&components=buttons&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater,venmo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8381088163451e36b7231302b2eb48e96177e63594f88f74b4dad88c5906db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://www.thebellamagicpuff.fun/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:41 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f7771346a3b99
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220150-FRA, cache-fra-etou8220150-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f7771346a3b99-fd0d0c9e3fa520f5-01
x-timer: S1719038261.060433,VS0,VE183
etag: W/"3ed-6eM6qQQWY1o6BGSUfhDBQVKEdBk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thebellamagicpuff.fun
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 211ms
210ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thebellamagicpuff.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.thebellamagicpuff.fun
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 22 Jun 2024 06:37:41 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f77713493fdc1
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f77713493fdc1-11f1549dd54a4b87-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220150-FRA, cache-fra-etou8220150-FRA
x-timer: S1719038261.847022,VS0,VE168

GET
H2 200 ts
t.paypal.com/ 42 B
256 B 312ms
200ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Domov&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1719038260949&g=-120&completeurl=https%3A%2F%2Fwww.thebellamagicpuff.fun%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 22 Jun 2024 06:37:41 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 862db45aea7ce
server-timing: "traceparent;desc="00-0000000000000000000862db45aea7ce-7a69fe587ab1179a-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220156-FRA
pragma: no-cache
correlation-id: 862db45aea7ce
traceparent: 00-0000000000000000000862db45aea7ce-00f6481a5872ea9b-01
x-timer: S1719038261.074645,VS0,VE172
vary: Accept-Encoding
content-type: image/gif
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 06:37:41 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
256 B 293ms
182ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Domov&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1719038260950&g=-120&completeurl=https%3A%2F%2Fwww.thebellamagicpuff.fun%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 22 Jun 2024 06:37:41 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 72abff0b11073
server-timing: "traceparent;desc="00-000000000000000000072abff0b11073-5309d4923ef20662-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220156-FRA
pragma: no-cache
correlation-id: 72abff0b11073
traceparent: 00-000000000000000000072abff0b11073-6e845a7426299cf6-01
x-timer: S1719038261.074922,VS0,VE159
vary: Accept-Encoding
content-type: image/gif
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 06:37:41 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
601 B 276ms
169ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Domov&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1719038260954&g=-120&completeurl=https%3A%2F%2Fwww.thebellamagicpuff.fun%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 22 Jun 2024 06:37:41 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b447fdff55384
server-timing: "traceparent;desc="00-0000000000000000000b447fdff55384-38cb422412de0700-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220156-FRA
pragma: no-cache
correlation-id: b447fdff55384
traceparent: 00-0000000000000000000b447fdff55384-89c6a44588127bc3-01
x-timer: S1719038261.074595,VS0,VE146
vary: Accept-Encoding
content-type: image/gif
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 06:37:41 GMT

GET
H2 200 cq_blank.gif
analytics.sitewit.com/images/ 35 B
622 B 116ms
115ms Image
image/gif 2600:1f18:243f:2d00:f500:498d:ede8:13bc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.sitewit.com/images/cq_blank.gif?_sw_yolaid=11EF2F9AE0AF44CABF00A924185D6636&_sw_uid=27ac3249-3df1-4c47-b2bc-56e54799696e&_sw_fp=8af13c4d5298188f19b6e999f9cdcd6be4a0abed&_sw_pl=660&_sw_pc=5&_sw_dat=MXx3d3cudGhlYmVsbGFtYWdpY3B1ZmYuZnVufGh0dHBzOi8vd3d3LnRoZWJlbGxhbWFnaWNwdWZmLmZ1bi98ZGUtREV8MTYwMHwxMjAwfDI0fENocm9tZS8xMjYuMC4wLjB8eDY0fDF8MHwxfDB8LXx8LXwtfC18MjAwMToxYjYwOjI6MjQwOjMyNDc6OjJ8MA==&to=959
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:f500:498d:ede8:13bc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 06:37:41 GMT
last-modified: Thu, 24 Jun 2010 20:21:15 GMT
server: Microsoft-IIS/10.0
etag: "9f8deacbda13cb1:0"
content-type: image/gif
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 4394837260.jpg
d2j6dbq0eux0bg.cloudfront.net/images/105436065/ 20 KB
21 KB 134ms
45ms Image
image/jpeg 18.172.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/105436065/4394837260.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d5025affb8876d434063c49882197beac121211da1605fb853733cf78c82a9f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 11:44:30 GMT
via: 1.1 8e59b301b68bf6ac4dcacf061926e712.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 11:44:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 67992
etag: "96eafab13a085780844bd150eac827f0"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20946
x-amz-cf-id: dc6etWNmjH3XfN4TYaWSRRBEsg58yZuD__BpV4i5G51b2MbT46c6fg==

GET
H2 200 4394827040.jpg
d2j6dbq0eux0bg.cloudfront.net/images/105436065/ 25 KB
26 KB 118ms
30ms Image
image/jpeg 18.172.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/105436065/4394827040.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29c4c1bd1681ff7c3209c696b654ad11041ecb75866cc7fdf3ee49dd4c146f5a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 11:44:02 GMT
via: 1.1 8e59b301b68bf6ac4dcacf061926e712.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 11:44:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 68020
etag: "e2b8c40e7f22b74645a2c87b98d342bc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 26045
x-amz-cf-id: UnkMtVKwMc5H82-MM2K8-NDEy84dnI9IDxabTVSh9ZafeD7dIqqsVA==

GET
H2 200 4394827045.jpg
d2j6dbq0eux0bg.cloudfront.net/images/105436065/ 15 KB
16 KB 116ms
29ms Image
image/jpeg 18.172.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/105436065/4394827045.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f91e7ff67c52effa6a84267b7c327eed1d253ff8deae4efc29c03e10be0d0e68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.thebellamagicpuff.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 11:44:56 GMT
via: 1.1 8e59b301b68bf6ac4dcacf061926e712.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 11:44:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 67966
etag: "85f508c36cc6161f09070220b9092ac3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15612
x-amz-cf-id: XDkMNZCDoC69TnMuEXbkusJv_SO-anWsRFBnzbgNtKnGDv98FJ-yzw==

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thebellamagicpuff.fun/	1970-01-21 06:16:14	Name: synthasiteVisitorId Value: CACA5D15-6EF0-0001-72A8-12621A5C8D70
www.thebellamagicpuff.fun/	1970-01-20 21:30:38	Name: synthasiteVisitId Value: CACA5D15-6FC0-0001-C3A4-B977D140BC70
.yola.com/	1970-01-20 21:30:40	Name: __cf_bm Value: OD6ROSiebprJOOsA6c8t5Jv3ajIno3052StGkMNP52s-1719038260-1.0.1.1-vmrBjay.kEOKKeBlNHRXf15ImMYyIxRVbvp9q6hJT6.LHeWyGb0GUguRCkS4_E2W9iwi2DGY2eRpM.N8ocV1p_pfQB0RtOl6XGexmrMmepU
.thebellamagicpuff.fun/	1970-01-21 07:06:38	Name: _swa_u Value: 27ac3249-3df1-4c47-b2bc-56e54799696e
analytics.sitewit.com/	1970-01-20 21:40:43	Name: AWSALBCORS Value: V13cOXXgB67SOd388RFTVp3G+h0lIL69yhfok3x1hr27BC37heFzvRnO13TqrjebjVq+J/zPUoVleCVmEDrhmF2SVtEg6rtDfm9L5VrmoPA3k3lW1BOO95Qrjv0G

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://www.thebellamagicpuff.fun/(Line 31) Message: Error: <symbol> attribute viewBox: Expected number, "null".
rendering	error	URL: https://www.thebellamagicpuff.fun/(Line 31) Message: Error: <symbol> attribute viewBox: Expected number, "null".
rendering	error	URL: https://www.thebellamagicpuff.fun/ws/bundles/js/2d0c9a7ed2d7a74bd082cdffd7ce44ef.js(Line 6) Message: Error: <symbol> attribute viewBox: Expected number, "null".
rendering	error	URL: https://www.thebellamagicpuff.fun/ws/bundles/js/2d0c9a7ed2d7a74bd082cdffd7ce44ef.js(Line 6) Message: Error: <svg> attribute viewBox: Expected number, "null".
rendering	error	URL: https://www.thebellamagicpuff.fun/ws/bundles/js/2d0c9a7ed2d7a74bd082cdffd7ce44ef.js(Line 6) Message: Error: <symbol> attribute viewBox: Expected number, "null".
rendering	error	URL: https://www.thebellamagicpuff.fun/ws/bundles/js/2d0c9a7ed2d7a74bd082cdffd7ce44ef.js(Line 6) Message: Error: <svg> attribute viewBox: Expected number, "null".
rendering	error	URL: https://www.thebellamagicpuff.fun/ws/bundles/js/2d0c9a7ed2d7a74bd082cdffd7ce44ef.js(Line 6) Message: Error: <symbol> attribute viewBox: Expected number, "null".
rendering	error	URL: https://www.thebellamagicpuff.fun/ws/bundles/js/2d0c9a7ed2d7a74bd082cdffd7ce44ef.js(Line 6) Message: Error: <svg> attribute viewBox: Expected number, "null".
network	error	URL: https://www.thebellamagicpuff.fun/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.sitewit.com
analytics.yolacdn.net
app.ecwid.com
app.store.sitebuilderhost.net
cdn.websupport.eu
cdnjs.cloudflare.com
d11s7fcxy18ubx.cloudfront.net
d1dkdnyvras0l5.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
ecomm.events
fonts.sitebuilderhost.net
pixel.yola.com
t.paypal.com
thebellamagicpuff.fun
www.paypal.com
www.thebellamagicpuff.fun
104.16.88.87
104.17.25.14
13.33.216.204
151.101.1.35
151.101.193.21
172.64.153.80
18.172.112.55
18.245.62.63
2600:1f18:243f:2d00:f500:498d:ede8:13bc
2600:9000:2057:8800:1f:f560:8d00:21
2600:9000:2491:da00:1c:b536:2c40:21
2600:9000:2724:9200:13:2031:2340:21
2606:4700::6810:5c3f
2606:4700::6810:7d31
2a00:4b40:1000:4:37:9:169:171
44.196.202.103
52.2.192.9
52.29.90.131
52.57.212.200
08649d0ed38fdcabb96d939b1783d7e3619f223f3e475d52240b93c953a65f9a
10ee2aa681020f3df563a3e6f9cebb14957ded4afb5e7e6dd1340622b1dc109b
13b7e8991556dcbec53fb7fb0c9d2bd315e3a608bed0f13720f86e93f2428009
215b414860a3b4c0bb2f98759adea4a5c7dbc666210a833f0d4e5c8b622f8b9b
226ec688938fbbdef46821e2ca587b5edfaaeef916d5b97b7e5956472a9c6393
25ffa04ead9e030cc993e7bb3381bcce88fe07f5524f39157d1502c024a2ef1a
275a01f1acd9f75999ab2ad94c17ede896b2789ae9600625c19ef075f73ea670
27f15bee126b425173fe08f2a1ead52e5fb8b4c1a96801f34ab4dc82c15eccf8
2930abb6f894a4b3dd61bc624ac2241d78917cd12b40fa1742620cb78d0f474d
29c4c1bd1681ff7c3209c696b654ad11041ecb75866cc7fdf3ee49dd4c146f5a
2abc47b4e253d9498d1064b2010816cee30f02983f9f68536ac4cd36eb2afad0
2ceefa91802a84ed07b405c0438741cf7837628bbbd4a39f79d357a6313be3bb
42c24795b06275d6f13047bfd21ef2dbfc02469aa3f3c88fc34a1f05fb211a78
42ca4c58df3031540b3ff25bb5363d298b5159fb1bb9cc2feb4d1558e63a5fa4
4d5025affb8876d434063c49882197beac121211da1605fb853733cf78c82a9f
57cc6a6fbd7da68b868f26c9d87114dec00a1d14f0c5491f198b85940fa80d24
6183e69cacfda3f5a63d2ce60215c5d65558b8c008d214cca22a3a7b3a40a766
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6df445b1227b7c7e78d4f65df00194b8f177435b84e35104d8f6169d4a9c8e3c
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
75ac2e167a569073768d2f8cec7ff040d2644a2af37d9d6f966aa10b883f3c80
76a4097c6b5bea873185949154808197cad1971693544ee617c1bfbf7c692986
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
83369cbba1aefec5fa0339c2a0959b9ac51319345b3cbf2822758032a6468a33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f56cbf641450bd5d9eec2370f5671fcb432a9f2d9d91a1189ab58f12e44ce6
910b5e39c128b27bf4693aa6c553851fa0c5f06c1a8444a2ce0d7a325d1fa823
9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244
9cf870c005cf25293cb65841a5ee1c5aa2ade60d8a8e6da6e050355fcf571ef3
9f0741ec8fb5ea88a59f7a6bb9f0b8fdb9fde7e6d47670b1df55aa028846b088
a6fccd5c9548d80892bc9b256191fecc947c170d696b9fcbbd96bd218b34cd31
ae01b3acdb4a3d28d514bc8b2d03033ccfe6c5f7cd49176ce7a42169e0d99ad3
b217085d53c7d087e07e2232840e7e84aa09f9eea3fc1736d63d2b2f8e969021
b3a66878a09dd1d4368baf7e88323142c6bf2086e95e33475663d362bb28916d
b40041399747fb3f0d11901b0df5eb98b702bd7e8398e3af13defd379e5b6639
b4926f1c816e798a29c917dba18ac1ca5ff07750a53963e39731362df22dae28
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6
d5c487d736f75c279901c789ba1ade14b713d3cec79951052ab9acad624c170e
d8381088163451e36b7231302b2eb48e96177e63594f88f74b4dad88c5906db0
df2dfdd9b79a0c862b0c5155960433f958c9e12328b7af12140d4b2241f5908d
df9c4bf14fc31cf05887c4d94695481545bcdec594d33158e45eeb467aa07ca7
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13e95d86a244ac1b4dff0ffff2f2b3579b76898a090fa2c799495be65700650
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3147b70a6ddc97e656de931e2ff0771f4aeb2abce1d1107f840ba3b52d4b74d
f91e7ff67c52effa6a84267b7c327eed1d253ff8deae4efc29c03e10be0d0e68

www.thebellamagicpuff.fun Open in urlscan Pro 172.64.153.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

37 %IPv6

11 Domains

19 Subdomains

19 IPs

4 Countries

3713 kBTransfer

10560 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thebellamagicpuff.fun Open in urlscan Pro
172.64.153.80 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

37 %
IPv6

11
Domains

19
Subdomains

19
IPs

4
Countries

3713 kB
Transfer

10560 kB
Size

5
Cookies

48 HTTP transactions
8 data transactions