URL: https://wickedsister.rosem.com/
Submission Tags: phishingrod
Submission: On July 22 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 8 domains to perform 48 HTTP transactions. The main IP is 192.185.226.161, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is wickedsister.rosem.com.
TLS certificate: Issued by R3 on May 21st 2024. Valid for: 3 months.
This is the only time wickedsister.rosem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 192.185.226.161 46606 (UNIFIEDLA...)
7 151.101.194.40 54113 (FASTLY)
2 4 151.101.66.83 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
48 5
Apex Domain
Subdomains
Transfer
7 tripadvisor.com
www.tripadvisor.com — Cisco Umbrella Rank: 11171
40 KB
2 tacdn.com
static.tacdn.com — Cisco Umbrella Rank: 14115
3 KB
2 jscache.com
www.jscache.com — Cisco Umbrella Rank: 23007
1 KB
2 rosem.com
wickedsister.rosem.com
8 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
0 textripple.com Failed
gateway.textripple.com Failed
0 googleapis.com Failed
fonts.googleapis.com Failed
0 wickedsistersault.com Failed
wickedsistersault.com Failed
48 8
Domain Requested by
7 www.tripadvisor.com wickedsister.rosem.com
www.jscache.com
2 static.tacdn.com www.tripadvisor.com
2 www.jscache.com 2 redirects
2 wickedsister.rosem.com
1 www.google.com wickedsister.rosem.com
0 gateway.textripple.com Failed wickedsister.rosem.com
0 fonts.googleapis.com Failed wickedsister.rosem.com
0 wickedsistersault.com Failed wickedsister.rosem.com
48 8

This site contains links to these domains.

Domain
wickedsistersault.com
www.tripadvisor.com
www.facebook.com
www.google.com
www.yelp.com
Subject Issuer Validity Valid
mail.wickedsistersault.com R3 2024-05-21 - 2024-08-19 3 months
www.tripadvisor.com GlobalSign RSA OV SSL CA 2018 2024-05-23 - 2025-06-24 a year
*.google.com WR2 2024-06-24 - 2024-09-16 3 months
static.tacdn.com GlobalSign RSA OV SSL CA 2018 2024-02-23 - 2025-03-26 a year

This page contains 3 frames:

Primary Page: https://wickedsister.rosem.com/
Frame ID: BC9E14A19E2209B819DF6692608D498A
Requests: 46 HTTP requests in this frame

Frame: https://gateway.textripple.com/iw/?cid=mithew0001&keyword=wicked&source=1
Frame ID: DC18870B98D841D68C689A8613552058
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d10986.783129244975!2d-84.350482!3d46.494336!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xfe3c9b9c555cf81a!2sThe+Wicked+Sister!5e0!3m2!1sen!2sus!4v1428105295647
Frame ID: 7872053AD30BE12EDD233F49EC834890
Requests: 1 HTTP requests in this frame

Page Title

The Wicked Sister |

Detected technologies


Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • tripadvisor\.[\w]+/WidgetEmbed

Overall confidence: 100%
Detected patterns
  • (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)

Page Statistics

48 Requests
21 % HTTPS
25 % IPv6
8 Domains
8 Subdomains
5 IPs
2 Countries
51 kB Transfer
86 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=801&locationId=7761790&lang=en_US&year=2017&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=801&locationId=7761790&lang=en_US&year=2017&display_version=2
Request Chain 23
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=706&locationId=7761790&lang=en_US&year=2016&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=706&locationId=7761790&lang=en_US&year=2016&display_version=2

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wickedsister.rosem.com/
23 KB
8 KB
Document
General
Full URL
https://wickedsister.rosem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.226.161 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
isamisa.com.pe
Software
Apache /
Resource Hash
055996c610f6ec6a48e386d2396d812356072503ef3a049c37ac67c40d9550e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
7665
content-type
text/html; charset=UTF-8
date
Mon, 22 Jul 2024 00:14:50 GMT
link
<https://wickedsistersault.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://wickedsistersault.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding
style.css
wickedsistersault.com/wp-content/themes/eatery/
0
0

nivo-slider.css
wickedsistersault.com/wp-content/plugins/jj-nextgen-jquery-slider/stylesheets/
0
0

meanmenu.css
wickedsistersault.com/wp-content/themes/eatery/css/
0
0

superfish.css
wickedsistersault.com/wp-content/themes/eatery/css/
0
0

prettyPhoto.css
wickedsistersault.com/wp-content/themes/eatery/css/
0
0

default.css
wickedsistersault.com/wp-content/themes/eatery/css/nivo/default/
0
0

nivo-slider.css
wickedsistersault.com/wp-content/themes/eatery/css/
0
0

1140.css
wickedsistersault.com/wp-content/themes/eatery/css/
0
0

1140-responsive.css
wickedsistersault.com/wp-content/themes/eatery/css/
0
0

jquery.js
wickedsistersault.com/wp-includes/js/jquery/
0
0

jquery-migrate.min.js
wickedsistersault.com/wp-includes/js/jquery/
0
0

jquery.nivo.slider.pack.js
wickedsistersault.com/wp-content/plugins/jj-nextgen-jquery-slider/script/
0
0

jquery.jj_ngg_shuffle.js
wickedsistersault.com/wp-content/plugins/jj-nextgen-jquery-slider/script/
0
0

jjnggutils.js
wickedsistersault.com/wp-content/plugins/jj-nextgen-jquery-slider/script/
0
0

jquery.meanmenu.js
wickedsistersault.com/wp-content/themes/eatery/js/
0
0

jqsf.js
wickedsistersault.com/wp-content/themes/eatery/js/
0
0

superfish.js
wickedsistersault.com/wp-content/themes/eatery/js/
0
0

window.load.js
wickedsistersault.com/wp-content/themes/eatery/js/
0
0

social_media.css
wickedsistersault.com/wp-content/themes/eatery/css/
0
0

wicked-sister-logo_small.gif
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

CoE2017_WidgetAsset-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/
15 KB
16 KB
Image
General
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/CoE2017_WidgetAsset-14348-2.png
Requested by
Host: wickedsister.rosem.com
URL: https://wickedsister.rosem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
3aebf6db9aaaf52fe69a8f63d9585c4616db237a4d2993b00da224459f2cad1a

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:51 GMT
via
1.1 varnish
expires
Mon, 22 Jul 2024 12:14:51 GMT
server
envoy
x-timer
S1721607291.294461,VS0,VE154
x-cache
MISS
content-type
image/png
cache-control
private, max-age=43200
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
x-request-id
e7ab95c7-3cf8-4b03-a5ce-40ada60b8a8a
x-served-by
cache-fra-etou8220157-FRA
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=801&locationId=7761790&lang=en_US&year=2017&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=801&locationId=7761790&lang=en_US&year=2017&display_version=2
276 B
698 B
Script
General
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=801&locationId=7761790&lang=en_US&year=2017&display_version=2
Requested by
Host: wickedsister.rosem.com
URL: https://wickedsister.rosem.com/
Protocol
H2
Server
151.101.194.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
9f27e70a80881dab529cee72d6d159b98e5b6f4d76bd76a441193569470ea1d9

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:51 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
33aeec2d-bae3-49b5-a92a-bbca5508e792
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
envoy
x-timer
S1721607292.563375,VS0,VE106
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0

Redirect headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:51 GMT
via
1.1 varnish
x-cache
MISS
content-length
0
x-request-id
7fbd8352-b028-4a07-b290-dd8b1430778a
x-served-by
cache-fra-etou8220075-FRA
pragma
no-cache
server
envoy
x-timer
S1721607291.424941,VS0,VE107
content-type
text/plain; charset=utf-8
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=801&locationId=7761790&lang=en_US&year=2017&display_version=2
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
CoE2016_WidgetAsset-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/
6 KB
7 KB
Image
General
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/CoE2016_WidgetAsset-14348-2.png
Requested by
Host: wickedsister.rosem.com
URL: https://wickedsister.rosem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
de5eadb63d4e626464eef3fe8f38dfba6b4cae07c09d42c90509d57a5c7e7ae7

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:51 GMT
via
1.1 varnish
expires
Mon, 22 Jul 2024 12:14:51 GMT
server
envoy
x-timer
S1721607291.329899,VS0,VE149
x-cache
MISS
content-type
image/png
cache-control
private, max-age=43200
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
x-request-id
37012ffe-600e-4a03-8a0e-f91cce4c52af
x-served-by
cache-fra-etou8220157-FRA
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=706&locationId=7761790&lang=en_US&year=2016&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=706&locationId=7761790&lang=en_US&year=2016&display_version=2
276 B
695 B
Script
General
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=706&locationId=7761790&lang=en_US&year=2016&display_version=2
Requested by
Host: wickedsister.rosem.com
URL: https://wickedsister.rosem.com/
Protocol
H2
Server
151.101.194.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
8520e6f2e0b24e6582bb4a7ea6295d5b68f96b05bbf3e1e2efe8f2aa7e3ff06b

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:51 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
c57c6f52-049f-4e50-996c-58b710139510
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
envoy
x-timer
S1721607292.576621,VS0,VE106
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0

Redirect headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:51 GMT
via
1.1 varnish
x-cache
MISS
content-length
0
x-request-id
b0c52b7a-425a-4c78-bea5-9d5ff1c5cfc5
x-served-by
cache-fra-etou8220075-FRA
pragma
no-cache
server
envoy
x-timer
S1721607291.425022,VS0,VE120
content-type
text/plain; charset=utf-8
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=706&locationId=7761790&lang=en_US&year=2016&display_version=2
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
jquery.nivo.slider.js
wickedsistersault.com/wp-content/themes/eatery/js/nivo-slider/
0
0

19123_463405140481645_362555199078516937_n.jpg
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

11021273_455742617914564_8678589069801325068_n.jpg
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

11018732_459142310907928_7117060334685034083_n.jpg
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

11052511_469218929900266_7259168503747119841_n.jpg
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

11113600_474608489361310_3249585699858670592_n.jpg
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

11077866_470633376425488_1522594094950701552_n.jpg
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

chamber_bucks_5-150x150.jpg
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

comment-reply.min.js
wickedsistersault.com/wp-includes/js/
0
0

wp-embed.min.js
wickedsistersault.com/wp-includes/js/
0
0

wp-emoji-release.min.js
wickedsistersault.com/wp-includes/js/
0
0

css
fonts.googleapis.com/
0
0

css
fonts.googleapis.com/
0
0

wallpaper.png
wickedsistersault.com/wp-content/uploads/2015/04/
0
0

WidgetEmbed-certificateOfExcellence
www.tripadvisor.com/
11 KB
5 KB
Script
General
Full URL
https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2017&locationId=7761790&display_version=2&uniq=801&lang=en_US
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=801&locationId=7761790&lang=en_US&year=2017&display_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
caa830cb84c5c364a60766b90ad3f92f25ce21d3e1828fada920cede1e82dcef

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:51 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
21511343-19d0-43ae-b759-87d04743d545
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
envoy
x-timer
S1721607292.704010,VS0,VE133
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
WidgetEmbed-certificateOfExcellence
www.tripadvisor.com/
11 KB
4 KB
Script
General
Full URL
https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2016&locationId=7761790&display_version=2&uniq=706&lang=en_US
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=706&locationId=7761790&lang=en_US&year=2016&display_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
c00c438e66bb3e93e18bd8f81c654fd06d514c2744318a51e3f7faa37add1ea3

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:51 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
940bb06e-7945-4f6c-9067-5901efabf759
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
envoy
x-timer
S1721607292.717674,VS0,VE159
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
/
gateway.textripple.com/iw/ Frame DC18
0
0

embed
www.google.com/maps/ Frame 7872
0
0
Document
General
Full URL
https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d10986.783129244975!2d-84.350482!3d46.494336!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xfe3c9b9c555cf81a!2sThe+Wicked+Sister!5e0!3m2!1sen!2sus!4v1428105295647
Requested by
Host: wickedsister.rosem.com
URL: https://wickedsister.rosem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-wNLmDeXVopPeONFGR3VJGg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wickedsister.rosem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1470
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-wNLmDeXVopPeONFGR3VJGg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Mon, 22 Jul 2024 00:14:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
soc_0.png
wickedsistersault.com/wp-content/themes/eatery/images/
0
0

t4b_widget_coe-v2381509749a.css
static.tacdn.com/css2/build/concat/
12 KB
2 KB
Stylesheet
General
Full URL
https://static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
Requested by
Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2017&locationId=7761790&display_version=2&uniq=801&lang=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.83 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
1456
date
Mon, 22 Jul 2024 00:14:51 GMT
content-encoding
br
via
1.1 varnish
age
1630459
x-cache
HIT
content-length
1968
x-request-id
ba77704d-db98-4a91-bc1f-bd164f6d956d
x-served-by
cache-fra-etou8220075-FRA
last-modified
Thu, 20 Jun 2024 11:40:38 GMT
server
envoy
x-timer
S1721607292.883005,VS0,VE0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jul 2025 03:20:33 GMT
cdswidgets_min-c-v2395114504a.js
static.tacdn.com/js3/build/concat/widget/
2 KB
743 B
Script
General
Full URL
https://static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
Requested by
Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2017&locationId=7761790&display_version=2&uniq=801&lang=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.83 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
2186
date
Mon, 22 Jul 2024 00:14:51 GMT
content-encoding
br
via
1.1 varnish
age
2929514
x-cache
HIT
content-length
570
x-request-id
ddd60c9f-86c4-4415-aabc-762a3e003007
x-served-by
cache-fra-etou8220075-FRA
last-modified
Wed, 05 Jun 2024 11:38:45 GMT
server
envoy
x-timer
S1721607292.883121,VS0,VE0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 02:29:38 GMT
coe-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/v2/
5 KB
6 KB
Image
General
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/v2/coe-14348-2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
63cddeb808a52e0aa99d3fa1503739c927c4fce451f41d312610b1104626bd5c

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 22 Jul 2024 00:14:52 GMT
via
1.1 varnish
expires
Mon, 22 Jul 2024 12:14:52 GMT
server
envoy
x-timer
S1721607292.214377,VS0,VE102
x-cache
MISS
content-type
image/png
cache-control
private, max-age=43200
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
x-request-id
70f024fe-7718-4936-8eef-b098524eca2d
x-served-by
cache-fra-etou8220157-FRA
favicon.ico
wickedsister.rosem.com/
746 B
553 B
Other
General
Full URL
https://wickedsister.rosem.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.226.161 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
isamisa.com.pe
Software
Apache /
Resource Hash
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666

Request headers

Referer
https://wickedsister.rosem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 00:14:52 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2019 05:22:04 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
462

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/style.css
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/plugins/jj-nextgen-jquery-slider/stylesheets/nivo-slider.css?ver=4.9.26
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/css/meanmenu.css?ver=4.9.26
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/css/superfish.css?ver=1.4.8
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/css/prettyPhoto.css?ver=3.1.4
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/css/nivo/default/default.css?ver=3.1
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/css/nivo-slider.css?ver=3.1
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/css/1140.css?ver=1.0.0
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/css/1140-responsive.css?ver=1.0.0
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/plugins/jj-nextgen-jquery-slider/script/jquery.nivo.slider.pack.js?ver=2.4
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/plugins/jj-nextgen-jquery-slider/script/jquery.jj_ngg_shuffle.js?ver=4.9.26
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/plugins/jj-nextgen-jquery-slider/script/jjnggutils.js?ver=4.9.26
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/js/jquery.meanmenu.js?ver=1
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/js/jqsf.js?ver=4.9.26
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/js/superfish.js?ver=1.4.8
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/js/window.load.js?ver=4.9.26
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/css/social_media.css
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/wicked-sister-logo_small.gif
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/js/nivo-slider/jquery.nivo.slider.js?ver=1.0
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/19123_463405140481645_362555199078516937_n.jpg
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/11021273_455742617914564_8678589069801325068_n.jpg
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/11018732_459142310907928_7117060334685034083_n.jpg
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/11052511_469218929900266_7259168503747119841_n.jpg
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/11113600_474608489361310_3249585699858670592_n.jpg
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/11077866_470633376425488_1522594094950701552_n.jpg
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/chamber_bucks_5-150x150.jpg
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-includes/js/comment-reply.min.js?ver=4.9.26
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-includes/js/wp-embed.min.js?ver=4.9.26
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.26
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Arvo
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=PT+Sans
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/uploads/2015/04/wallpaper.png
Domain
gateway.textripple.com
URL
https://gateway.textripple.com/iw/?cid=mithew0001&keyword=wicked&source=1
Domain
wickedsistersault.com
URL
https://wickedsistersault.com/wp-content/themes/eatery/images/soc_0.png

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| _wpemojiSettings
object| newSS
object| newJs
function| checkHomePageLink
function| injectcertificateOfExcellence2349
object| taValList
number| taValIndex
function| taValidate
function| taAddValidator
function| injectcertificateOfExcellence5395
object| ta
number| ii
function| fname

1 Cookies

Domain/Path Name / Value
.wickedsistersault.com/ Name: __cf_bm
Value: WRPeC7HmSLghbIgwJEEN76Fif95gQVoiaojReYmY6FM-1721607291-1.0.1.1-FcfIeOHGhmk33Ave9w6zmf2USEw_hJLoL6xxb0hrID1q5Ns7rC_qB2stOnkDP3uFBFqjcgCcza8pPkUjWrammw

44 Console Messages

Source Level URL
Text
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/wicked-sister-logo_small.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/19123_463405140481645_362555199078516937_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11021273_455742617914564_8678589069801325068_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11018732_459142310907928_7117060334685034083_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11052511_469218929900266_7259168503747119841_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11113600_474608489361310_3249585699858670592_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11077866_470633376425488_1522594094950701552_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/chamber_bucks_5-150x150.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/css/prettyPhoto.css?ver=3.1.4
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/css/1140.css?ver=1.0.0
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/css/superfish.css?ver=1.4.8
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/css/social_media.css
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/css/meanmenu.css?ver=4.9.26
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/style.css
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/css/1140-responsive.css?ver=1.0.0
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/css/nivo-slider.css?ver=3.1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/css/nivo/default/default.css?ver=3.1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/js/window.load.js?ver=4.9.26
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/js/jquery.meanmenu.js?ver=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/js/superfish.js?ver=1.4.8
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/js/jqsf.js?ver=4.9.26
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security error URL: https://wickedsister.rosem.com/ (Line 212)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Arvo'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://wickedsister.rosem.com/ (Line 216)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=PT+Sans'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://wickedsister.rosem.com/ (Line 270)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/wicked-sister-logo_small.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/wicked-sister-logo_small.gif
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security warning URL: https://wickedsister.rosem.com/
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/wallpaper.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/js/nivo-slider/jquery.nivo.slider.js?ver=1.0
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/11021273_455742617914564_8678589069801325068_n.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/19123_463405140481645_362555199078516937_n.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/11113600_474608489361310_3249585699858670592_n.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/chamber_bucks_5-150x150.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/11052511_469218929900266_7259168503747119841_n.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/11077866_470633376425488_1522594094950701552_n.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/11018732_459142310907928_7117060334685034083_n.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsistersault.com/wp-content/uploads/2015/04/wallpaper.png
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security warning URL: https://wickedsister.rosem.com/ (Line 318)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/19123_463405140481645_362555199078516937_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/ (Line 318)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11021273_455742617914564_8678589069801325068_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/ (Line 318)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11018732_459142310907928_7117060334685034083_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/ (Line 318)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11052511_469218929900266_7259168503747119841_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/ (Line 318)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11113600_474608489361310_3249585699858670592_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/ (Line 318)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/11077866_470633376425488_1522594094950701552_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wickedsister.rosem.com/ (Line 318)
Message:
Mixed Content: The page at 'https://wickedsister.rosem.com/' was loaded over HTTPS, but requested an insecure element 'http://wickedsistersault.com/wp-content/uploads/2015/04/chamber_bucks_5-150x150.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://wickedsistersault.com/wp-content/themes/eatery/images/soc_0.png
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://wickedsister.rosem.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()