urlscan.io logo urlscan.io
SecurityTrails logo

www.bewitchedgdr.it Open in urlscan Pro
2606:4700:30::681b:abdc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bewitchedgdr.it/
Effective URL: http://www.bewitchedgdr.it/
Submission: On January 16 via manual from CO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 17 HTTP transactions. The main IP is 2606:4700:30::681b:abdc, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bewitchedgdr.it.
This is the only time www.bewitchedgdr.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2606:4700:30:... 13335 (CLOUDFLAR...)
2 205.185.208.52 20446 (HIGHWINDS3)
3 94.31.29.138 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
17 8
4    2606:4700:30::681b:aadc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
bewitchedgdr.it
www.bewitchedgdr.it
4    2606:4700:30::681b:abdc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bewitchedgdr.it
2    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
3    94.31.29.138 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.138.IPYX-077437-ZYO.above.net
cdn.jsdelivr.net
1    2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:81f::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2606:4700:30::681c:597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
freegeoip.app
1    2a00:1450:4001:818::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
Domain Requested by
7 www.bewitchedgdr.it www.bewitchedgdr.it
code.jquery.com
3 cdn.jsdelivr.net www.bewitchedgdr.it
cdn.jsdelivr.net
2 www.youtube.com www.bewitchedgdr.it
s.ytimg.com
2 code.jquery.com www.bewitchedgdr.it
1 s.ytimg.com www.youtube.com
1 freegeoip.app cdn.jsdelivr.net
1 fonts.googleapis.com www.bewitchedgdr.it
1 bewitchedgdr.it 1 redirects
17 8
Subject Issuer Validity Valid
cdn.jsdelivr.net
COMODO RSA Domain Validation Secure Server CA		 2014-04-20 -
2019-04-19		 5 years crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
sni190379.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-03 -
2019-07-12		 6 months crt.sh

This page contains 2 frames:

Primary Page: http://www.bewitchedgdr.it/
Frame ID: 3B2D99786C6A89951C7EB5C6D2661BA5
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/tgryDIU1tl4?autoplay=1&controls=0&showinfo=0&modestbranding=1&loop=1&fs=1&cc_load_policy=1&iv_load_policy=1&autohide=1&playlist=tgryDIU1tl4&enablejsapi=1&origin=http%3A%2F%2Fwww.bewitchedgdr.it&widgetid=1
Frame ID: 688E2759C1267DEF9E0F00A4BECCE67E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bewitchedgdr.it/ HTTP 302
    http://www.bewitchedgdr.it/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

17
Requests

47 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

911 kB
Transfer

1011 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bewitchedgdr.it/ HTTP 302
    http://www.bewitchedgdr.it/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.bewitchedgdr.it/
Redirect Chain
  • http://bewitchedgdr.it/
  • http://www.bewitchedgdr.it/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bewitchedgdr.it/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:abdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.31
Resource Hash
5448af3304b040a37c59a4ecd24e3c832eefb2fec39662d5a073a6ef9dbd4609

Request headers

Host
www.bewitchedgdr.it
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d565592fe74f8672066bcd68cfc5e05bb1547608475
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
X-Powered-By
PHP/5.6.31
Set-Cookie
PHPSESSID=ve7doc6pap05jg2e362sd97k34; path=/
Server
cloudflare
CF-RAY
499d69ac75a6635b-FRA
Content-Encoding
gzip

Redirect headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d565592fe74f8672066bcd68cfc5e05bb1547608475; expires=Thu, 16-Jan-20 03:14:35 GMT; path=/; domain=.bewitchedgdr.it; HttpOnly PHPSESSID=o60re9eq6r32a1nj8vda4o0qe6; path=/
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
http://www.bewitchedgdr.it
X-Powered-By
PHP/5.6.31
Server
cloudflare
CF-RAY
499d69ab8382c2f1-FRA
style.css
www.bewitchedgdr.it/style/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.bewitchedgdr.it/style/style.css?6
Requested by
Host: www.bewitchedgdr.it
URL: http://www.bewitchedgdr.it/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:abdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df54c7101f802e460f6c7f7dd691603d4f93cc5958ce44dcb85f898c640c4e39

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bewitchedgdr.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.bewitchedgdr.it/
Cookie
__cfduid=d565592fe74f8672066bcd68cfc5e05bb1547608475; PHPSESSID=ve7doc6pap05jg2e362sd97k34
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 16 Sep 2018 17:25:26 GMT
Server
cloudflare
ETag
W/"247dd641e24dd41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
499d69acc5b3635b-FRA
Expires
Wed, 16 Jan 2019 07:14:35 GMT
jquery-1.11.2.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: www.bewitchedgdr.it
URL: http://www.bewitchedgdr.it/
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 16:05:21 GMT
Server
nginx
ETag
W/"5491a9c1-176bb"
Vary
Accept-Encoding
X-HW
1547608475.dop009.pa1.t,1547608475.cds035.pa1.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33262
jquery-migrate-1.2.1.min.js
code.jquery.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: www.bewitchedgdr.it
URL: http://www.bewitchedgdr.it/
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-1c1f"
Vary
Accept-Encoding
X-HW
1547608475.dop008.pa1.t,1547608475.cds009.pa1.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3264
cookiebar-latest.min.js
cdn.jsdelivr.net/npm/cookie-bar/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=it&thirdparty=1&always=1
Requested by
Host: www.bewitchedgdr.it
URL: http://www.bewitchedgdr.it/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.138 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.138.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
7d953a6e77e4e38aa06922b4a0016d23e5691f4ce449dcadb45409f8b5f7d53d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 16 Jan 2019 03:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"1648-LjXCTIk7j0xHpkYemuRmvIHiQtU"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
vary
Accept-Encoding
x-served-by
cache-ams21040-AMS, cache-hhn1523-HHN
logomini.png
www.bewitchedgdr.it/img/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bewitchedgdr.it/img/logomini.png
Requested by
Host: www.bewitchedgdr.it
URL: http://www.bewitchedgdr.it/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:aadc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae09cfd85f6f007e5300dc0ce2d72494bf01dec607f27955acb136655632374

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bewitchedgdr.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.bewitchedgdr.it/
Cookie
__cfduid=d565592fe74f8672066bcd68cfc5e05bb1547608475; PHPSESSID=ve7doc6pap05jg2e362sd97k34
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 12 Mar 2018 19:12:40 GMT
Server
cloudflare
ETag
"8245411736bad31:0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
499d69acd0f564d5-FRA
Content-Length
47600
Expires
Wed, 16 Jan 2019 07:14:35 GMT
css
fonts.googleapis.com/ 		457 B
390 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Gloria+Hallelujah
Requested by
Host: www.bewitchedgdr.it
URL: http://www.bewitchedgdr.it/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2b75e39b6a9482230a38c9b2cf154104d66553f9f1aab2ea81bfa3dec6d26c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 16 Jan 2019 03:14:35 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 16 Jan 2019 03:14:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Wed, 16 Jan 2019 03:14:35 GMT
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.bewitchedgdr.it
URL: http://www.bewitchedgdr.it/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
9d15d6be9c463e262a90401362a498e9142ee8579fe021614d89c8640c078105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 16 Jan 2019 03:14:35 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
859
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires
Tue, 27 Apr 1971 19:44:06 EST
bgnight.png
www.bewitchedgdr.it/img/ 		352 KB
353 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bewitchedgdr.it/img/bgnight.png
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Server
2606:4700:30::681b:aadc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7ffcbd42b9d693e1fe6e41e0ba07a35e31765f41c225dc7c2c6dfb3881f9ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bewitchedgdr.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.bewitchedgdr.it/
Cookie
__cfduid=d565592fe74f8672066bcd68cfc5e05bb1547608475; PHPSESSID=ve7doc6pap05jg2e362sd97k34
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 06 Jun 2018 17:35:56 GMT
Server
cloudflare
ETag
"3e3a41d3bcfdd31:0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
499d69ad611564d5-FRA
Content-Length
360849
Expires
Wed, 16 Jan 2019 07:14:35 GMT
nuvolenight.png
www.bewitchedgdr.it/img/ 		293 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bewitchedgdr.it/img/nuvolenight.png
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Server
2606:4700:30::681b:abdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7091bfb090543674a4fdf1b3d29aae21b8aa05fbbee4e3f451927b65174813

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bewitchedgdr.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.bewitchedgdr.it/
Cookie
__cfduid=d565592fe74f8672066bcd68cfc5e05bb1547608475; PHPSESSID=ve7doc6pap05jg2e362sd97k34
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 12 Mar 2018 22:02:13 GMT
Server
cloudflare
ETag
"64621ac74dbad31:0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
499d69ad65cb635b-FRA
Content-Length
299930
Expires
Wed, 16 Jan 2019 07:14:35 GMT
logindrape.png
www.bewitchedgdr.it/img/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bewitchedgdr.it/img/logindrape.png
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Server
2606:4700:30::681b:abdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bf683efb31d6e4c2f46baf9a88c69095ac8d106db6b993ad77664a4468a6586

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bewitchedgdr.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.bewitchedgdr.it/
Cookie
__cfduid=d565592fe74f8672066bcd68cfc5e05bb1547608475; PHPSESSID=ve7doc6pap05jg2e362sd97k34
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 12 Mar 2018 18:55:32 GMT
Server
cloudflare
ETag
"8bfb7cb233bad31:0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
499d69ad672fbf0c-FRA
Content-Length
117859
Expires
Wed, 16 Jan 2019 07:14:35 GMT
avatarVelvet.png
www.bewitchedgdr.it/img/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bewitchedgdr.it/img/avatarVelvet.png
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Server
2606:4700:30::681b:aadc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae35395efddf6ee66cbb52a47a4349f73cc1949bd4903b51adbe4b1a92117f1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bewitchedgdr.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.bewitchedgdr.it/style/style.css?6
Cookie
__cfduid=d565592fe74f8672066bcd68cfc5e05bb1547608475; PHPSESSID=ve7doc6pap05jg2e362sd97k34
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.bewitchedgdr.it/style/style.css?6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 16 Jan 2019 03:14:35 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 04 Jan 2016 04:51:12 GMT
Server
cloudflare
ETag
"f395889ab46d11:0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
499d69ad6744c28d-FRA
Content-Length
44087
Expires
Wed, 16 Jan 2019 07:14:35 GMT
/
freegeoip.app/json/ 		251 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freegeoip.app/json/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=it&thirdparty=1&always=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d6b98ff3f8a11906046fc0dbbb0580bcadaa65035f203bfad47e8465a3b821

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.bewitchedgdr.it/
Origin
http://www.bewitchedgdr.it

Response headers

date
Wed, 16 Jan 2019 03:14:35 GMT
content-encoding
br
server
cloudflare
status
200
x-cache-status
MISS
vary
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
http://www.bewitchedgdr.it
x-ratelimit-remaining
19999
access-control-allow-credentials
true
x-ratelimit-reset
3600
x-ratelimit-limit
20000
x-database-date
Wed, 09 Jan 2019 09:16:11 GMT
cf-ray
499d69adb952bf1b-FRA
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflHdGmps/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflHdGmps/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
27a9d5da522a9269ce5317f99cc458e95bcf4b13acb90fa0d6ee43910553f880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 15 Jan 2019 23:21:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13969
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7729
x-xss-protection
1; mode=block
last-modified
Tue, 15 Jan 2019 13:23:00 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 23 Jan 2019 23:21:46 GMT
cookiebar.min.css
cdn.jsdelivr.net/npm/cookie-bar/themes/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookie-bar/themes/cookiebar.min.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=it&thirdparty=1&always=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.138 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.138.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2f9c996d2403389c04bfb532f548c91efd52a3534cfbde48b9f7acdf344ae7fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bewitchedgdr.it/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 16 Jan 2019 03:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"1117-Xg8+49wiY+/JEiuQOLX1rjWzA48"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
vary
Accept-Encoding
x-served-by
cache-ams21029-AMS, cache-iad2626-IAD
it.html
cdn.jsdelivr.net/npm/cookie-bar/lang/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookie-bar/lang/it.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=it&thirdparty=1&always=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.138 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.138.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6e250caac7446ace580c83deb4a8b5f4fd94fd755a0df967ae8e457976bb7d3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.bewitchedgdr.it/
Origin
http://www.bewitchedgdr.it

Response headers

date
Wed, 16 Jan 2019 03:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
NetDNA-cache/2.2
status
200
etag
W/"e77-HQWzohmMulEWAzGf/+5uDan2KaU"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
HIT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
vary
Accept-Encoding
x-served-by
cache-ams21026-AMS, cache-bwi5023-BWI
tgryDIU1tl4
www.youtube.com/embed/ Frame 688E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/tgryDIU1tl4?autoplay=1&controls=0&showinfo=0&modestbranding=1&loop=1&fs=1&cc_load_policy=1&iv_load_policy=1&autohide=1&playlist=tgryDIU1tl4&enablejsapi=1&origin=http%3A%2F%2Fwww.bewitchedgdr.it&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflHdGmps/www-widgetapi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/tgryDIU1tl4?autoplay=1&controls=0&showinfo=0&modestbranding=1&loop=1&fs=1&cc_load_policy=1&iv_load_policy=1&autohide=1&playlist=tgryDIU1tl4&enablejsapi=1&origin=http%3A%2F%2Fwww.bewitchedgdr.it&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.bewitchedgdr.it/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.bewitchedgdr.it/

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 EST
cache-control
no-cache
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
date
Wed, 16 Jan 2019 03:14:35 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=4yJJurph71I; path=/; domain=.youtube.com; expires=Mon, 15-Jul-2019 03:14:35 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 16-Sep-2019 15:07:35 GMT VISITOR_INFO1_LIVE=4yJJurph71I; path=/; domain=.youtube.com; expires=Mon, 15-Jul-2019 03:14:35 GMT; httponly YSC=JEWPFJCSdXY; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Wed, 16-Jan-2019 03:44:35 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| setupCookieBar object| CookieLanguages object| cookieLawStates object| tag object| firstScriptTag function| onYouTubeIframeAPIReady string| path object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| promptContent object| thirdparty object| tracking object| scrolling object| privacyPage object| privacyLink object| mainBarPrivacyLink

6 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: YSC
Value: JEWPFJCSdXY
.bewitchedgdr.it/ Name: __cfduid
Value: d565592fe74f8672066bcd68cfc5e05bb1547608475
.youtube.com/ Name: PREF
Value: f1=50000000
www.bewitchedgdr.it/ Name: PHPSESSID
Value: ve7doc6pap05jg2e362sd97k34
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4yJJurph71I

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bewitchedgdr.it
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
freegeoip.app
s.ytimg.com
www.bewitchedgdr.it
www.youtube.com
205.185.208.52
2606:4700:30::681b:aadc
2606:4700:30::681b:abdc
2606:4700:30::681c:597
2a00:1450:4001:806::200a
2a00:1450:4001:818::200e
2a00:1450:4001:81f::200e
94.31.29.138
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
27a9d5da522a9269ce5317f99cc458e95bcf4b13acb90fa0d6ee43910553f880
2b75e39b6a9482230a38c9b2cf154104d66553f9f1aab2ea81bfa3dec6d26c8f
2bf683efb31d6e4c2f46baf9a88c69095ac8d106db6b993ad77664a4468a6586
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f9c996d2403389c04bfb532f548c91efd52a3534cfbde48b9f7acdf344ae7fe
5448af3304b040a37c59a4ecd24e3c832eefb2fec39662d5a073a6ef9dbd4609
5ae09cfd85f6f007e5300dc0ce2d72494bf01dec607f27955acb136655632374
5d7ffcbd42b9d693e1fe6e41e0ba07a35e31765f41c225dc7c2c6dfb3881f9ce
6ae35395efddf6ee66cbb52a47a4349f73cc1949bd4903b51adbe4b1a92117f1
6e250caac7446ace580c83deb4a8b5f4fd94fd755a0df967ae8e457976bb7d3a
76d6b98ff3f8a11906046fc0dbbb0580bcadaa65035f203bfad47e8465a3b821
7d953a6e77e4e38aa06922b4a0016d23e5691f4ce449dcadb45409f8b5f7d53d
8c7091bfb090543674a4fdf1b3d29aae21b8aa05fbbee4e3f451927b65174813
9d15d6be9c463e262a90401362a498e9142ee8579fe021614d89c8640c078105
df54c7101f802e460f6c7f7dd691603d4f93cc5958ce44dcb85f898c640c4e39