www.desertwitchretreats.com
Open in
urlscan Pro
23.229.223.162
Public Scan
Submitted URL: https://mail.desertwitchretreats.com/
Effective URL: https://www.desertwitchretreats.com/
Submission Tags: phishingrod
Submission: On March 23 via api from DE — Scanned from DE
Effective URL: https://www.desertwitchretreats.com/
Submission Tags: phishingrod
Submission: On March 23 via api from DE — Scanned from DE
Summary
This website contacted 14 IPs
in 2 countries
across 11 domains to perform 42 HTTP transactions.
The main IP is 23.229.223.162, located in
United States and
belongs to GO-DADDY-COM-LLC, US.
The main domain is www.desertwitchretreats.com.
TLS certificate: Issued by R3 on March 23rd 2024. Valid for: 3 months.
This is the only time www.desertwitchretreats.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 23rd 2024. Valid for: 3 months.
This is the only time www.desertwitchretreats.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 7 | 23.229.223.162 23.229.223.162 | 398101 (GO-DADDY-...) (GO-DADDY-COM-LLC) | |
| 13 | 2606:4700:440... 2606:4700:4400::ac40:9a69 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 7 | 151.101.130.133 151.101.130.133 | 54113 (FASTLY) (FASTLY) | |
| 1 2 | 2.19.120.32 2.19.120.32 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 2606:4700:440... 2606:4700:4400::6812:2108 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a02:26f0:480... 2a02:26f0:480:d::210:f15c | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 3 | 151.101.194.133 151.101.194.133 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 151.101.2.133 151.101.2.133 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2606:4700:440... 2606:4700:4400::6812:255d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 42 | 14 |
7
23.229.223.162
(United States)
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 162.223.229.23.host.secureserver.net
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 162.223.229.23.host.secureserver.net
| mail.desertwitchretreats.com | |
| www.desertwitchretreats.com |
1
2a00:1450:4001:82f::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2.19.120.32
(Düsseldorf, Germany)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-32.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-32.deploy.static.akamaitechnologies.com
| img1.wsimg.com |
2
2a02:26f0:480:d::210:f15c
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| events.api.secureserver.net |
3
151.101.194.133
(United States)
ASN54113 (FASTLY, US)
ASN54113 (FASTLY, US)
| static-tracking.klaviyo.com | |
| static-forms.klaviyo.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
nitrocdn.com
cdn-kedmd.nitrocdn.com |
518 KB |
| 11 |
klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3282 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4058 fast.a.klaviyo.com — Cisco Umbrella Rank: 4643 static-forms.klaviyo.com — Cisco Umbrella Rank: 4151 |
75 KB |
| 7 |
desertwitchretreats.com
1 redirects
mail.desertwitchretreats.com www.desertwitchretreats.com |
287 KB |
| 2 |
getnitropack.com
to.getnitropack.com — Cisco Umbrella Rank: 31083 |
350 B |
| 2 |
secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 20883 |
580 B |
| 2 |
wsimg.com
1 redirects
img1.wsimg.com — Cisco Umbrella Rank: 15626 |
21 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
1 KB |
| 1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1728 |
262 B |
| 1 |
gstatic.com
fonts.gstatic.com |
17 KB |
| 1 |
nitroscripts.com
nitroscripts.com — Cisco Umbrella Rank: 30992 |
13 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114 |
97 KB |
| 42 | 11 |
| Domain | Requested by | |
|---|---|---|
| 13 | cdn-kedmd.nitrocdn.com |
www.desertwitchretreats.com
|
| 7 | static.klaviyo.com |
www.desertwitchretreats.com
static.klaviyo.com |
| 6 | www.desertwitchretreats.com |
www.desertwitchretreats.com
cdn-kedmd.nitrocdn.com |
| 2 | to.getnitropack.com |
nitroscripts.com
|
| 2 | static-tracking.klaviyo.com |
static.klaviyo.com
|
| 2 | events.api.secureserver.net |
cdn-kedmd.nitrocdn.com
|
| 2 | img1.wsimg.com |
1 redirects
www.desertwitchretreats.com
|
| 1 | fonts.googleapis.com |
client
|
| 1 | static-forms.klaviyo.com |
static.klaviyo.com
|
| 1 | fast.a.klaviyo.com |
static.klaviyo.com
|
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | fonts.gstatic.com |
cdn-kedmd.nitrocdn.com
|
| 1 | nitroscripts.com |
www.desertwitchretreats.com
|
| 1 | www.googletagmanager.com |
www.desertwitchretreats.com
|
| 1 | mail.desertwitchretreats.com | 1 redirects |
| 42 | 15 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.instagram.com |
| www.linkedin.com |
| www.pinterest.com |
| www.schoolofembodiedliving.com |
| www.freelancer.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| desertwitchretreats.com R3 |
2024-03-23 - 2024-06-21 |
3 months | crt.sh |
| nitrocdn.com Cloudflare Inc ECC CA-3 |
2024-02-23 - 2024-12-31 |
10 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
| static.klaviyo.com R3 |
2024-03-13 - 2024-06-11 |
3 months | crt.sh |
| nitroscripts.com GTS CA 1P5 |
2024-03-03 - 2024-06-01 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
| *.api.secureserver.net Starfield Secure Certificate Authority - G2 |
2023-07-10 - 2024-08-10 |
a year | crt.sh |
| static-tracking.klaviyo.com R3 |
2024-03-21 - 2024-06-19 |
3 months | crt.sh |
| fast.a.klaviyo.com R3 |
2024-03-13 - 2024-06-11 |
3 months | crt.sh |
| static-forms.klaviyo.com R3 |
2024-02-20 - 2024-05-20 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
| getnitropack.com Cloudflare Inc ECC CA-3 |
2024-01-13 - 2024-12-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.desertwitchretreats.com/
Frame ID: 309C87C1BEE28A3BE7D68CF942226212
Requests: 51 HTTP requests in this frame
Screenshot
Page Title
Desert Witch RetreatsPage URL History Show full URLs
-
https://mail.desertwitchretreats.com/
HTTP 301
https://www.desertwitchretreats.com/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googleapis\.com/.+webfont
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Klaviyo
(Marketing automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- klaviyo\.com
Swiper Slider
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- swiper(?:\.min)?\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://www.instagram.com/yourdesertwitch/
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/in/laurenlovettsw
Search URL Search Domain Scan URL
URL: https://www.pinterest.com/laurenloves13
Search URL Search Domain Scan URL
URL: https://www.schoolofembodiedliving.com/creative-process
Title: Learn More
Title: Learn More
Search URL Search Domain Scan URL
URL: https://www.freelancer.com/u/CoderCrew
Title: Developed by CODERCREW
Title: Developed by CODERCREW
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://mail.desertwitchretreats.com/
HTTP 301
https://www.desertwitchretreats.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
- https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
42 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.desertwitchretreats.com/ Redirect Chain
|
111 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0241718195d8f38d6358df6823e061b7.css2
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/desktop/source/rev-52c7305/fonts.googleapis.com/ |
2 KB 753 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f3255c439ed0710d94e71cc0ad66c652.css2
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/desktop/source/rev-52c7305/fonts.googleapis.com/ |
2 KB 645 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-brands-400.woff2
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/source/rev-52c7305/www.desertwitchretreats.com/wp-content/themes/lauren/inc/assets/webfonts/ |
77 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nitro-min-noimport-3e4a789ac76ebd8d5aaccd9010a0e4d3-stylesheet.css
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-52c7305/www.desertwitchretreats.com/externalFontFace/ |
54 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render-blocking-nitro-min-d371fd8f77f7d5651d41621e944237f8-nitro.js
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-52c7305/www.desertwitchretreats.com/combinedJs/ |
99 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
290 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
klaviyo.js
static.klaviyo.com/onsite/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render-blocking-nitro-min-0f2267edcd8e99bf1f89d8d31d3c2837-nitro.js
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-52c7305/www.desertwitchretreats.com/combinedJs/ |
336 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render-blocking-nitro-min-1e8adfb454f2c6a72a33f47844b361a5-nitro.js
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-52c7305/www.desertwitchretreats.com/combinedJs/ |
40 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render-blocking-nitro-min-16fb0c6237eaa0636bed1a4f8128f2b1-nitro.js
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-52c7305/www.desertwitchretreats.com/combinedJs/ |
46 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/ Redirect Chain
|
103 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nitro-min-599f2f5696c7ac2bc6edb52d76a754a8._jb_static
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/desktop/optimized/rev-52c7305/www.desertwitchretreats.com/ |
615 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA
nitroscripts.com/ |
41 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
95 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
nitro-min-e9bd40bc2a1c58108eeb87ba7c81a00f.animations.min.css
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-52c7305/www.desertwitchretreats.com/wp-content/plugins/elementor/assets/lib/animations/ |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
neILzCirqoswsqX9zoKmM4MwWJU.woff2
fonts.gstatic.com/s/lobster/v30/ |
16 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
e7e1de96-6970-40fe-809e-9eff82184e47
https://www.desertwitchretreats.com/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 290 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
WhatsApp-Image-2022-10-11-at-5.50.51-PM.jpeg
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/images/optimized/rev-5c7d092/www.desertwitchretreats.com/wp-content/uploads/2022/10/ |
38 KB 38 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
89230b5345a37210b4b96a96bfe7fb53.Picture3-min.png
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/images/source/rev-5c7d092/i0.wp.com/www.desertwitchretreats.com/wp-content/uploads/2022/12/ |
138 KB 138 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
b1d17313b57187a3663a9246f2ab3353.SacredSong_FrontCoverNoScript_HiRes.jpg
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/images/optimized/rev-5c7d092/i0.wp.com/www.desertwitchretreats.com/wp-content/uploads/2022/09/ |
26 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fender_analytics.ef4116f665b9b33c638e.js
static-tracking.klaviyo.com/onsite/js/ |
31 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runtime.043c5fc48859f5b8755f.js
static.klaviyo.com/onsite/js/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sharedUtils.bbdc726a6cc83452dd13.js
static.klaviyo.com/onsite/js/ |
44 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendors~signup_forms~onsite-triggering.864cb3176bd70af21590.js
static.klaviyo.com/onsite/js/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendors~signup_forms.e707d6d405eecdf67185.js
static.klaviyo.com/onsite/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default~signup_forms~onsite-triggering.f802a18932c79492ad38.js
static.klaviyo.com/onsite/js/ |
30 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signup_forms.b6b6f28ee33b9d03e436.js
static.klaviyo.com/onsite/js/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
9eedbc81-179c-416e-97b8-7dc448eec618
https://www.desertwitchretreats.com/ |
256 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
www.desertwitchretreats.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 262 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swiper.min.js
www.desertwitchretreats.com/wp-content/plugins/elementor/assets/lib/swiper/ |
136 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Picture2-min.png
www.desertwitchretreats.com/wp-content/uploads/2022/12/ |
99 KB 99 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Picture1-min.png
www.desertwitchretreats.com/wp-content/uploads/2022/12/ |
123 KB 124 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
text-editor.2c35aafbe5bf0e127950.bundle.min.js
www.desertwitchretreats.com/wp-content/plugins/elementor/assets/js/ |
1 KB 703 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ |
1 KB 970 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
full-forms
static-forms.klaviyo.com/forms/api/v7/QWaReS/ |
38 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 290 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
dropoff
to.getnitropack.com/ |
20 B 72 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
to.getnitropack.com/ |
20 B 278 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| e object| NPSH object| NitroScrollHelper boolean| IS_NITROPACK string| NITROPACK_STATE object| nitro_lazySizesConfig object| lazySizes object| NitroPack object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer undefined| proxyPurgeOnly undefined| nitroData undefined| xhr object| wpcf7 object| jetpackLazyImagesL10n object| klUser function| klIdentifyBrowser object| swv function| EvEmitter function| imagesLoaded object| AOS function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Waypoint function| Swiper object| webpackChunkelementor object| elementorModules object| elementorFrontendConfig object| elementorFrontend object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| tccl object| scc-c2 object| _learnq string| __klKey object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunk_klaviyo_onsite_modules object| core object| _klOnsite object| klaviyo object| twemoji object| wp object| _trfq6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.desertwitchretreats.com/ | Name: nitroCachedPage Value: 1 |
|
| .desertwitchretreats.com/ | Name: _tccl_visitor Value: 0ad83097-c834-50d1-9f94-80c67f6e23cb |
|
| .desertwitchretreats.com/ | Name: _tccl_visit Value: 0ad83097-c834-50d1-9f94-80c67f6e23cb |
|
| .desertwitchretreats.com/ | Name: _ga_0GPP49VB7H Value: GS1.1.1711160553.1.0.1711160553.0.0.0 |
|
| .desertwitchretreats.com/ | Name: _ga Value: GA1.1.731608960.1711160553 |
|
| www.desertwitchretreats.com/ | Name: __kla_id Value: eyJjaWQiOiJZekF5WlRrNVkySXROR1kyTWkwMFl6UmpMVGc1WldJdE9XTTNNalEyTmpNMk5HVmsiLCIkcmVmZXJyZXIiOnsidHMiOjE3MTExNjA1NTQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmRlc2VydHdpdGNocmV0cmVhdHMuY29tLyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcxMTE2MDU1NCwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cuZGVzZXJ0d2l0Y2hyZXRyZWF0cy5jb20vIn19 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-kedmd.nitrocdn.com
events.api.secureserver.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
mail.desertwitchretreats.com
nitroscripts.com
region1.google-analytics.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
to.getnitropack.com
www.desertwitchretreats.com
www.googletagmanager.com
151.101.130.133
151.101.194.133
151.101.2.133
2.19.120.32
2001:4860:4802:32::36
23.229.223.162
2606:4700:4400::6812:2108
2606:4700:4400::6812:255d
2606:4700:4400::ac40:9a69
2a00:1450:4001:813::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a02:26f0:480:d::210:f15c
0aac2fd96d4494069207dc0d2dd79b8d354c636811c951d345e739b44fe23207
0cfc6feaf772463db9d793918685d8957788c62a4f2b82fa7f11ed826338f389
0d344cb3d0bce1f3d9d2cb37800e0a0e018d2c9bf37fdd27dbe3aca177f1e979
1a90927f303dc7235f84001e46a9cfae37507000c124f2ba86fb455b3f4f8457
1b310d352b99571ec2df0eb10f3f87d82ad2c50e0b65162b6f0678e6cda1475f
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
2683218c800e07655327e7edb99cc6dd3529c0e1aa6a2db69caf73df1c3ddc6f
2e57d977289f8a47f0789e0c6ff46205dd25a0c81b7f5d765fb5c0fce7d5538b
3303ed47a5f82f811c9a0334a51e739f5fedb2ec5fd3b36ea979678a27444cf2
381b37762970831071baa2916dcb4008f0039de83e6db97e20085b3c61daff54
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45b1d8d84825569ef3ca3108bb2861da82988fae6acc37588d56cf829f0eda2e
46ade2015c8f9b9cabbf67dfde5da6664f4690725cd94ee6215eeacfe9b19b3f
4b8a3d5894eb52918f2cb453624a6f7058f4de5d54035d709a49cb037217896b
4dcabb967a6a348a2508cb74415e86cabe70f4c921e9d36581047e0e89f20555
4e03be949642d58ff54506feed064bf07bbb2a5747f6b2d4ebf451aff85ce327
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50c8d9a0964160d888754d64ac1e103842784a75de0110745a324d7c537bbe45
51140a14751a131c4e9515869615db9771d03c95720238bc2028379a2f27e70f
54c3f968d138e3ea93f90292000f9db8fe3af48967c7b126ea6a3a3956678f70
56443508006a5d0c896d1e0bc4a41cff0c0c0d28991ec9751da2c384a264d437
5cdc1e048efb330c38f1a8448f79f5c7675121fcdf4b5df8d431760cc846bb22
5df7dc222579e9a41a85e45742e22bb37d8f728e01887c1d14fe5ae00f905d70
69d57ebcfc53c24cdf2839e7cc75f613e9f2a4e6bbefa122a26c4bd653a0d914
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
80fe94755091f74fcd7089fe69561fce463c4c816c678dbfd42d975ec1329793
8fe3651d5cbb3660fe8fecf5c9779047d4136a6ed9ef6252a35d4eb5277a482d
9a36da947c8c70de79dd8d2e3c50c62874034aaa2d2e33927e15584501786a85
9c640e6366fb98b2f3182584843529b2bcfed7e8f9178b2a43708110020cf4eb
a0ae489b203fbd25bd7497fc94e529749f01bf2fd7e934b21b8cd5b357198239
a44e0881b9be6c56f97f206cef5701cb062c5a59df30f092eea43e33f1b3e147
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
ae3a0f820a82bd18edbc4c3c7efb48861b4c418efd3be5f6eb482086eb684bcd
af51a75bb968828da85345186574cd1fb0575e1b7d3faa6ba697248add728e06
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d
c015611a3ff41f198edde4088f3a83fbdeedc4469df6998dbdd4cd963d13012b
c33ac6bac0d25dcb6f29eca048dfb3fcc7e0e50ef3df9aecb3f5375f7b1300b9
c8897d2e544b210584f860689c274c2e8436099519d6e535d4b297a129128d23
d32eb598d06797c30eb0ab0f472c07bb6798f03654f4829a964a70d5c4dec9da
de5993e6eb07a28001574b388e4b4ef82ba60b8ec0801a7e103fac12795f3972
e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0cc59e30a12dd4ca34ef844e0a8e80d86fb07ddff9f8803b2c8eb4a7e7d9f5c
f5478093cbd10c6f050a10a8b06ea68f587a3b237718cd1a1b1f9b8b37ccff4a
fd4f550185bf7d09e35468a5e8069cf5f2ea4f48cdf619f8239b3bd824fba3ad