witchygirlanna.com Open in urlscan Pro
2a09:8280:1:9032:60eb:1797:5542:d0db Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://witchygirlanna.com/
Effective URL:
https://witchygirlanna.com/
Submission: On April 15 via api (April 15th 2023, 7:42:14 am UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 16 domains to perform 82 HTTP transactions. The main IP is 2a09:8280:1:9032:60eb:1797:5542:d0db, located in United States and belongs to FLY, US. The main domain is witchygirlanna.com.
TLS certificate: Issued by R3 on February 20th 2023. Valid for: 3 months.

This is the only time witchygirlanna.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2a09:8280:1:9... 2a09:8280:1:9032:60eb:1797:5542:d0db	40509 (FLY) (FLY)
3	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:f000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700:10:... 2606:4700:10::ac43:14b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700:10:... 2606:4700:10::6816:2762	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	35.160.240.154 35.160.240.154	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
82	24

25 2a09:8280:1:9032:60eb:1797:5542:d0db (United States) 1 redirects

ASN40509 (FLY, US)

witchygirlanna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:f000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:14b6 (United States)

ASN13335 (CLOUDFLARENET, US)

beacons.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::6816:2762 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.beacons.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.240.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-240-154.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	witchygirlanna.com 1 redirects witchygirlanna.com	746 KB
17	beacons.ai beacons.ai — Cisco Umbrella Rank: 65390 cdn.beacons.ai — Cisco Umbrella Rank: 98210	2 MB
10	youtube.com 1 redirects youtube.com — Cisco Umbrella Rank: 55 www.youtube.com — Cisco Umbrella Rank: 85	858 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1176 q.stripe.com — Cisco Umbrella Rank: 6857 m.stripe.com — Cisco Umbrella Rank: 1155	127 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	69 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 jnn-pa.googleapis.com — Cisco Umbrella Rank: 226	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 260	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2400	20 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1232	18 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	139 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 241	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	26 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	unsplash.com images.unsplash.com — Cisco Umbrella Rank: 4754	127 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 910	44 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 247	442 B
82	16

	Domain	Requested by
25	witchygirlanna.com	1 redirects witchygirlanna.com
10	cdn.beacons.ai	witchygirlanna.com
9	www.youtube.com	witchygirlanna.com www.youtube.com
7	beacons.ai	witchygirlanna.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	q.stripe.com	witchygirlanna.com
3	js.stripe.com	witchygirlanna.com js.stripe.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	region1.google-analytics.com	www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.googletagmanager.com	witchygirlanna.com www.googleoptimize.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	m.stripe.com	m.stripe.network
1	fonts.googleapis.com	witchygirlanna.com
1	images.unsplash.com	witchygirlanna.com
1	youtube.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	sentry.io	witchygirlanna.com
82	24

This site contains links to these domains. Also see Links.

Domain
tiktok.com
instagram.com
youtu.be
beacons.ai
billing.stripe.com
www.youtube.com
www.tiktok.com
www.instagram.com

Subject Issuer	Validity	Valid
witchygirlanna.com R3	`2023-02-20` - `2023-05-21`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
beacons.ai E1	`2023-02-19` - `2023-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
cdn.beacons.ai E1	`2023-02-19` - `2023-05-20`	3 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-12` - `2024-04-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://witchygirlanna.com/
Frame ID: C9E8A320A474BFF19CC18416E5173C54
Requests: 49 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 04174DAC7751C3E912DE9C45AB0E3FBF
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 653F02903DD1C9485B0B956BBDD5C926
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/VSfvaC5DVGw
Frame ID: 5D36A8C83AFB4EF1CBE28F0B7A155FD0
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

witchygirlanna.comtiktok.com/@instagram.com/youtube.com/

Page URL History Show full URLs

http://witchygirlanna.com/ HTTP 302
https://witchygirlanna.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

82
Requests

99 %
HTTPS

83 %
IPv6

16
Domains

24
Subdomains

24
IPs

2
Countries

4016 kB
Transfer

8406 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://tiktok.com/@witchygirlanna
Title: tiktok.com/@

Search URL Search Domain Scan URL

URL: https://instagram.com/witchygirlanna
Title: instagram.com/

Search URL Search Domain Scan URL

URL: https://youtu.be/VSfvaC5DVGw
Title: youtube.com/

Search URL Search Domain Scan URL

URL: https://beacons.ai/signup?c=witchygirlanna&utm_source=beacons_user&utm_medium=lib_referral_program&utm_campaign=witchygirlanna
Title: Get a $20 Beacons Credit discount code Use this link to get $20 credit!

Search URL Search Domain Scan URL

URL: http://billing.stripe.com/p/login/28odSJ45zgK0cJGaEE
Title: subscribe & join witchygirlanna’s goddess clubembrace your inner divine

Search URL Search Domain Scan URL

URL: http://www.youtube.com/@witchygirlanna
Title: YouTubewitchygirlanna

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@witchygirlanna
Title: TikTokwitchygirlanna

Search URL Search Domain Scan URL

URL: https://www.instagram.com/witchygirlanna/
Title: Instagramwitchygirlanna

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://witchygirlanna.com/ HTTP 302
https://witchygirlanna.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://youtube.com/embed/VSfvaC5DVGw HTTP 301
https://www.youtube.com/embed/VSfvaC5DVGw

Request Chain 64

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

82 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
witchygirlanna.com/
Redirect Chain

http://witchygirlanna.com/
https://witchygirlanna.com/

47 KB
22 KB

211ms
170ms

Document
text/html

2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: f22d676e5d29323343fc977ba6091b95e4d85b7feac2d769b803d81c9aea6603

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:42:07 GMT
etag: W/"ba0a-P978j5TBuycxxh3YFX6X1zZPZbg"
fly-cache-status: MISS
fly-request-id: 01GY1XTFAGM7296E8ZHS91ZMXN-fra
server: Fly/ad79467d (2023-04-14)
via: 2 fly.io
x-powered-by: Express

Redirect headers

connection: keep-alive
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:42:07 GMT
fly-request-id: 01GY1XTF606T4MG3CN1AZ3P249-fra
keep-alive: timeout=30
location: https://witchygirlanna.com/
server: Fly/ad79467d (2023-04-14)
transfer-encoding: chunked
vary: Accept
via: 1.1 fly.io
x-powered-by: Express

GET
H2 200 beaconsPolyfill.min.js Show response
witchygirlanna.com/ 30 KB
13 KB 111ms
110ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/beaconsPolyfill.min.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 38f4a39da149d1fceb410d4a54a14f654f25fc2a1ffc31cc2e45c7ffa9773889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFFYARHSTFPZW5RSBDJE-fra
x-powered-by: Express
etag: W/"776d-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 v3 Show response
js.stripe.com/ 460 KB
124 KB 87ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

019d6f47a324531a1902c422cc514fd85f2314af59a730992a819e989bbed578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 07:42:07 GMT
via: 1.1 varnish
age: 12
x-cache: HIT
content-length: 126243
x-request-id: 99bae57c-908b-4370-be6f-ceee8c451809
x-served-by: cache-hhn-etou8220043-HHN
last-modified: Fri, 14 Apr 2023 20:32:19 GMT
server: Fastly
etag: "bb29ba46bab33e92994209c90b6bda16"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 main.97a6a0df.js Show response
witchygirlanna.com/static/js/ 902 KB
377 KB 106ms
105ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 1338d0fd472538384e53e52371016f8e1f9b113f6bafdfd87a1ca918dfef7d30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFKWVVJ1577P49SZE2NA-fra
x-powered-by: Express
etag: W/"e19d3-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 main.0960a5ed.css
witchygirlanna.com/static/css/ 142 KB
38 KB 103ms
103ms Stylesheet
text/css 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/css/main.0960a5ed.css
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 25db6331b7c5a04b0b2c33969a75d6c9a9e141bd4ae2907a57bc24088aa29752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFFYJEM6F1AQW9FADK8V-fra
x-powered-by: Express
etag: W/"2370f-18782b9a428"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

POST
H/1.1 200
OK / Show response
sentry.io/api/1516749/envelope/ 2 B
442 B 605ms
129ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1516749/envelope/?sentry_key=334b820bd2344df2945a43c3aa2c17f7&sentry_version=7&sentry_client=sentry.javascript.react%2F7.41.0

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://witchygirlanna.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 07:42:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 0417 200 B
787 B 20ms
20ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://witchygirlanna.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 11079425
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:42:07 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1082942
x-content-type-options: nosniff
x-request-id: 7c51df90-d32b-4e7c-a76a-05d9ccf50546
x-served-by: cache-hhn-etou8220043-HHN

GET
H2 200 4270.d40395d2.chunk.js Show response
witchygirlanna.com/static/js/ 15 KB
7 KB 110ms
110ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/4270.d40395d2.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 0ae07a56a2e50d75768a815d320bce4aa614380332b5f4c5affa2d4a1b5d90fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXAH9PMZNRWYAX1PZ3M-fra
x-powered-by: Express
etag: W/"3b71-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 1889.c08ba47e.chunk.js Show response
witchygirlanna.com/static/js/ 7 KB
3 KB 113ms
113ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/1889.c08ba47e.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: affc28e40f37eafc1a2537d0d76ff8d1d872a825eb41a63c022d966540199b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXBJYAS4435T1TN8YCG-fra
x-powered-by: Express
etag: W/"1a77-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 2967.bb1256cd.chunk.js Show response
witchygirlanna.com/static/js/ 11 KB
6 KB 106ms
105ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/2967.bb1256cd.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 795b9c9fbbc11b86bed3e8c446ee6e7a54e89f09f65255c0db1ed1ae2d1d9357

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXB128MRS5X3QJJMW2K-fra
x-powered-by: Express
etag: W/"2d13-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 9107.9898f6ad.chunk.js Show response
witchygirlanna.com/static/js/ 22 KB
10 KB 112ms
112ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/9107.9898f6ad.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: fd00320c73391d4e2d2e4e2b42e154186f6c5dd96de9664b2bca20e6437be326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXBQRP3F7BGZJ97B2MT-fra
x-powered-by: Express
etag: W/"5672-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 48.43f83dd5.chunk.js Show response
witchygirlanna.com/static/js/ 20 KB
10 KB 110ms
110ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/48.43f83dd5.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 4b8d3aa81118380a4ee3869282254067e7fe72442ef787f57123db62e39c46ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXB61ZGDT2FGS0CJ7MF-fra
x-powered-by: Express
etag: W/"4f44-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 7143.09e70d59.chunk.js Show response
witchygirlanna.com/static/js/ 173 KB
27 KB 110ms
110ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/7143.09e70d59.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 9ceec79c3dd157b37e2adf79fdf916730a430200fb1276f3f0fea4429f7d580a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXBW1RPYF6QTSSS3K2X-fra
x-powered-by: Express
etag: W/"2b2b5-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 7391.d4d5699c.chunk.js Show response
witchygirlanna.com/static/js/ 59 KB
25 KB 111ms
111ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/7391.d4d5699c.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 410b0bedd565c9a17c0b01e08246e212c2f085a2d5137622c379707cc77d1d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXBNR1RB86ZG9SM7X43-fra
x-powered-by: Express
etag: W/"eb9c-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 3909.652fd5f1.chunk.js Show response
witchygirlanna.com/static/js/ 33 KB
16 KB 105ms
105ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/3909.652fd5f1.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 505ae64b5f5c7ab9421878f97b2859e81cccdb54df834baec7a09bc30573d0c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXC24W4Q7F7MVBVM4YW-fra
x-powered-by: Express
etag: W/"85ed-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 1972.2c527b71.chunk.js Show response
witchygirlanna.com/static/js/ 26 KB
14 KB 112ms
111ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/1972.2c527b71.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 854c917ca272599d26f98cd77b292462031a00de2e95937bc56e8a2eee59e612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXC2H3H1Z8J6ANQNV07-fra
x-powered-by: Express
etag: W/"69f5-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 9848.5d7a5eb9.chunk.js Show response
witchygirlanna.com/static/js/ 8 KB
4 KB 106ms
106ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/9848.5d7a5eb9.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 4a0cc5182faa1e1183499e64c7d384d044aaa14bb8472f2fe5fb20ef10d37da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXCJV9068P1PK4JSADY-fra
x-powered-by: Express
etag: W/"1fc9-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 1116.72a6c2f4.chunk.js Show response
witchygirlanna.com/static/js/ 42 KB
18 KB 122ms
122ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/1116.72a6c2f4.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 0fe79d62d4f5f6efa957cc813482428fb09dbed1a57ebbd3ecd3aa664d5960bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXZJBQWGQZ3PT53SZ58-fra
x-powered-by: Express
etag: W/"a791-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 1035.83e8264a.chunk.js Show response
witchygirlanna.com/static/js/ 75 KB
28 KB 122ms
122ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/1035.83e8264a.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: e402bd7b78faf479094503549a5402243db778e0e48e1922246518e83d31e235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFXZK2X3NJ6130BK3NRB-fra
x-powered-by: Express
etag: W/"12dd8-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 2398.9f5c8090.chunk.js Show response
witchygirlanna.com/static/js/ 20 KB
10 KB 130ms
130ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/2398.9f5c8090.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 6aee3cbbddc78ce01efe79339d1f03340c14b0ee2aba959b537e77d3dfa0f7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFY0W8TN6SXYZRJBMXYQ-fra
x-powered-by: Express
etag: W/"4f79-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 5319.65014de0.chunk.js Show response
witchygirlanna.com/static/js/ 23 KB
9 KB 126ms
126ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/5319.65014de0.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 8676e1ed89f49d16f729309f51fe36cc8b6405125517f0002d45cd5602db0cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFY0HR6EZJH3TQA5Q4DD-fra
x-powered-by: Express
etag: W/"5cc7-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 4629.75188791.chunk.js Show response
witchygirlanna.com/static/js/ 197 KB
75 KB 125ms
125ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/4629.75188791.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 45758018f069cc2a22a3e44fc85cde613ee442c975a8c30abd9b3a2eca1a8e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFY01QSC3Q25DMHG8TAH-fra
x-powered-by: Express
etag: W/"31575-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 3820.f491aa38.chunk.js Show response
witchygirlanna.com/static/js/ 19 KB
7 KB 131ms
129ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/3820.f491aa38.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 42949cfff2c33122ee42df9e8968ab129db58bb8175ef12de61a09d29cd2773b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFY044P69KG7S2H1Y169-fra
x-powered-by: Express
etag: W/"4cf8-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 6666.2521904a.chunk.js Show response
witchygirlanna.com/static/js/ 16 KB
6 KB 131ms
128ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/6666.2521904a.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 914168914235540a7117e4b20d435c022a0d356f02f25ca3f31ed929d4b0f891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFY0FT1DYZ1GB8NW4BHS-fra
x-powered-by: Express
etag: W/"3ff8-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 829.0ddbb1f1.chunk.js Show response
witchygirlanna.com/static/js/ 16 KB
8 KB 131ms
128ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/829.0ddbb1f1.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: b06e5ad0d7f8fb38b68580d2f54d8a18cef9fb44946e3acf2c3a0291a55eef2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFY07Y09EDMHADHECBS0-fra
x-powered-by: Express
etag: W/"402e-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 1404.40270b4c.chunk.js Show response
witchygirlanna.com/static/js/ 15 KB
8 KB 126ms
123ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/1404.40270b4c.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: 99e7792a9d2fca589922bfa715e45bee923baa4cf1fe5f2ba90c2ba093a25a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFY1WKZBCZJBWR0Q0GCG-fra
x-powered-by: Express
etag: W/"3bc5-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 2547.8a735c4e.chunk.js Show response
witchygirlanna.com/static/js/ 7 KB
3 KB 129ms
127ms Script
application/javascript 2a09:8280:1:9032:60eb:1797:5542:d0db
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://witchygirlanna.com/static/js/2547.8a735c4e.chunk.js
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ad79467d (2023-04-14) / Express
Resource Hash: d1664891105db859e30c93cf66e11ba4f393733fa6ba331d3b926ceb2c474e76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Sat, 15 Apr 2023 02:23:37 GMT
server: Fly/ad79467d (2023-04-14)
fly-request-id: 01GY1XTFY1G85EYEFDZ2F1J0D3-fra
x-powered-by: Express
etag: W/"1b21-18782b9a428"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
62 KB 80ms
32ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CT2DBW

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56b32c337629bdfc37d24ff1d9868e1c5eba23b76d511e5fc1e213fca6c50c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63169
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Apr 2023 07:42:07 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 0417 0
716 B 603ms
191ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681544528305059
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1681544528304615
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0417 0
717 B 603ms
190ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681544528304917
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1681544528304648
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0417 631 B
461 B 19ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 07:42:07 GMT
via: 1.1 varnish
age: 11079425
x-cache: HIT
content-length: 332
x-request-id: c65d83c7-3e40-4f65-89b7-ba95176e74ec
x-served-by: cache-hhn-etou8220043-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 981704

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 653F 930 B
2 KB 121ms
24ms Document
text/html 2600:9000:2057:f000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:f000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:41:18 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: BFUrr9w3D9wR9gEdJBMIkODy1Vqmlf-oLGqDkBsuPHNFPxdd_KJiRA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 112 KB
44 KB 194ms
29ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NTWKDCS

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CT2DBW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

375b2e2103fec7c53b8561c4a17f9d8d97dd179c8bc382fa74e79f8b24cdd29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44826
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Apr 2023 07:42:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 190ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CT2DBW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 06:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5436
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 15 Apr 2023 08:11:32 GMT

POST
H2 200 link_actions Show response
beacons.ai/api/ 5 B
144 B 178ms
176ms XHR
application/json 2606:4700:10::ac43:14b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beacons.ai/api/link_actions

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a279376551117f31ed9d92797023d0f89b376a6392801c7d6626e4cb7877e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept: application/json, text/plain, */*
Referer: https://witchygirlanna.com/
X-Beacons-Application-Viewed: web
X-Beacons-Release: 10.8.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
strict-transport-security: max-age=31556926
cf-cache-status: DYNAMIC
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5
x-served-by: cache-fra-eddf8230092-FRA
server: cloudflare
x-timer: S1681544528.306091,VS0,VE139
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 1f8006bf646890fc3c81c916bf86a437
cache-control: private
accept-ranges: bytes
cf-ray: 7b828cd5cec96919-FRA
x-orig-accept-language: de-DE,de;q=0.9
access-control-allow-headers: Content-Type
x-country-code: DE
x-cache-hits: 0

POST
H2 200 page_visit Show response
beacons.ai/api/rtanalytics/ 2 B
118 B 186ms
185ms XHR
text/html 2606:4700:10::ac43:14b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beacons.ai/api/rtanalytics/page_visit

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept: application/json, text/plain, */*
Referer: https://witchygirlanna.com/
X-Beacons-Release: 10.8.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: DYNAMIC
x-powered-by: Express
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230050-FRA
server: cloudflare
x-timer: S1681544528.311410,VS0,VE132
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: b2798b2d6b93bea39853351e7658613e
cache-control: private
x-orig-accept-language: de-DE,de;q=0.9
cf-ray: 7b828cd5beaa6919-FRA
x-country-code: DE
x-cache-hits: 0

GET
H2

200

VSfvaC5DVGw Show response
www.youtube.com/embed/ Frame 5D36
Redirect Chain

https://youtube.com/embed/VSfvaC5DVGw
https://www.youtube.com/embed/VSfvaC5DVGw

72 KB
31 KB

145ms
100ms

Document
text/html

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/VSfvaC5DVGw

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1dee0f650ac746b9efb69bbe99705e471f5498d287c0c73aa127b2205849a1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://witchygirlanna.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 07:42:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=31536000
content-length: 0
content-type: application/binary
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 07:42:08 GMT
expires: Sat, 15 Apr 2023 07:42:08 GMT
location: https://www.youtube.com/embed/VSfvaC5DVGw
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 profile_witchygirlanna.png
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/ 284 KB
285 KB 433ms
365ms Image
image/png 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/profile_witchygirlanna.png?t=1671537972728
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b8f0ad91caedcbe2ebb6538c2190310ce5bab56d97fe8273d8561e7036f0385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycduCkCv3KMm3bhdCdg-2pwCetf4HSBz7hXAjQFmWAOhF_hDRW19gCJd-n6GvGgUb0SjxhuqWFZMHw7uzU92s_3TFSr6cd8XH
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''profile_witchygirlanna.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 291161
last-modified: Tue, 20 Dec 2022 12:06:12 GMT
server: cloudflare
etag: "2733120a041197ccf20403759e79edeb"
vary: Accept-Encoding
x-goog-generation: 1671537972355904
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=N75izQ==, md5=JzMSCgQRl8zyBAN1nnnt6w==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 291161
x-goog-meta-firebasestoragedownloadtokens: 07b125c5-7abf-4aae-96f1-250e3fdb2244
accept-ranges: bytes
cf-ray: 7b828cd4a9e137fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

GET
H2 200 beacons_padded.png
cdn.beacons.ai/images/beacons_assets/ 2 KB
3 KB 104ms
36ms Image
image/png 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/images/beacons_assets/beacons_padded.png
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94dcc5a6e325b41d229e028c325f0d61f46d4e8bbaa21b1bd14a4dfb79becb76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: HIT
age: 1460
cf-polished: origSize=3086, status=vary_header_present
x-guploader-uploadid: ADPycdv-ZLU7FLY5iRylQagMh0cBV7Hsvcw99PK9TpYo4d5uI85FzL3yDO5EC-dIYL0k4k6P-Igz_hySXsWoAFIvIg0Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''beacons_padded.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1806
cf-bgj: imgq:100,h2pri
last-modified: Fri, 18 Dec 2020 09:14:14 GMT
server: cloudflare
etag: "f035d255bf53daeb9397a16ac89df3af"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1608282854262303
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=AAr4Yg==, md5=8DXSVb9T2uuTl6FqyJ3zrw==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 3086
x-goog-meta-firebasestoragedownloadtokens: d88599a3-2349-488a-b2c6-0890c80537d9
accept-ranges: bytes
cf-ray: 7b828cd4a9e337fc-FRA
expires: Sat, 15 Apr 2023 07:35:45 GMT

GET
H2 200 87bc09c9-86e6-411b-ab42-8c5cfba0e237.png
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/link_images/ 196 KB
196 KB 512ms
444ms Image
image/png 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/link_images/87bc09c9-86e6-411b-ab42-8c5cfba0e237.png?t=1671560685097
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b37b4b8cdd10d35d2a711d9bbc2272462c4bdd53453edf6a999879efc217930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvcsYSpowcXHdevdCMT1k6UhcbdxmxjozJnOmmoxPdiYxKvhDbcHfnzs_tNpyKdnlLouP4akaDo-uSrGdLHYJvJ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''87bc09c9-86e6-411b-ab42-8c5cfba0e237.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 200291
last-modified: Tue, 20 Dec 2022 18:24:44 GMT
server: cloudflare
etag: "ba2239c2f0b0a894747af5df8e0a07d7"
vary: Accept-Encoding
x-goog-generation: 1671560684695703
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=lSuWxw==, md5=uiI5wvCwqJR0evXfjgoH1w==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 200291
x-goog-meta-firebasestoragedownloadtokens: ecb17ba3-8a8a-43de-b6c0-ba2fb3c47061
accept-ranges: bytes
cf-ray: 7b828cd4a9e437fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

GET
H2 200 photo-1518531933037-91b2f5f229cc
images.unsplash.com/ 127 KB
127 KB 251ms
171ms Image
image/jpeg 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1518531933037-91b2f5f229cc?ixid=MnwxMTAwMjh8MHwxfHJhbmRvbXx8fHx8fHx8fDE2NzI1NjY3ODM&ixlib=rb-4.0.3&q=80&fm=jpg&crop=entropy&fit=max&h=1080

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a48246193efe999e94950e3ea17559a2d60d4f2d063a4712afb3917dbb68090c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
x-content-type-options: nosniff
age: 259889
x-cache: HIT, MISS
x-imgix-id: 6f170eec35e5907be8064f59e38ee0cd4d030cfe
cross-origin-resource-policy: cross-origin
content-length: 129662
x-served-by: cache-sjc10029-SJC, cache-fra-eddf8230134-FRA
x-imgix-render-farm: 01.9288
last-modified: Wed, 12 Apr 2023 07:30:39 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3923e3e2-e1ef-434d-8780-d7a52e2937dc.jpeg
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/ 115 KB
115 KB 518ms
452ms Image
image/jpeg 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/3923e3e2-e1ef-434d-8780-d7a52e2937dc.jpeg?t=1671540330187
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d7b1cd2df111a059e1003a1daf38b3c8818abec0cca0d6cf6421b2bcab74224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycduue3bfXFhaAjDbXNn4SXo0FuVoGLfwh4nTIak_MLTEpXGJlXN32qnCNSUnOPWtKAcJLYbK4X63BPX_5ASVvuu2K47Dis9T
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''3923e3e2-e1ef-434d-8780-d7a52e2937dc.jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117438
last-modified: Tue, 20 Dec 2022 12:45:29 GMT
server: cloudflare
etag: "2d07d849a2fb3a80b85430194019117c"
vary: Accept-Encoding
x-goog-generation: 1671540329817971
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=NQS82g==, md5=LQfYSaL7OoC4VDAZQBkRfA==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 117438
x-goog-meta-firebasestoragedownloadtokens: c8bc9e01-1338-434b-8dfd-5c2445534b28
accept-ranges: bytes
cf-ray: 7b828cd4a9e637fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

GET
H2 200 d040a550-eb3e-4db2-a130-871b407ba2ad.jpeg
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/ 130 KB
131 KB 470ms
404ms Image
image/jpeg 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/d040a550-eb3e-4db2-a130-871b407ba2ad.jpeg?t=1671540448877
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df4212a1e80e652dd51006082e1bb02be5eb57baaddc33d996f9aee32481106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdslvr6JF5edOvinwgyfZb_TSX4-qmQzfl_cLiVd1h4w-apvty0Wio_6M7jY6wdNVPtCi7mY_USoZCnSRYt-VpsP9C-Ngi6t
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''d040a550-eb3e-4db2-a130-871b407ba2ad.jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133331
last-modified: Tue, 20 Dec 2022 12:47:28 GMT
server: cloudflare
etag: "7d38869f7c2630870eb92987f0340233"
vary: Accept-Encoding
x-goog-generation: 1671540448454155
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=aCdDVA==, md5=fTiGn3wmMIcOuSmH8DQCMw==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 133331
x-goog-meta-firebasestoragedownloadtokens: 15b05335-2554-431d-b18b-b1bd2ae53f94
accept-ranges: bytes
cf-ray: 7b828cd4a9e737fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

GET
H2 200 577bc0cf-c0d9-40c3-af41-70e65cd48abd.jpeg
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/ 236 KB
237 KB 518ms
453ms Image
image/jpeg 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/577bc0cf-c0d9-40c3-af41-70e65cd48abd.jpeg?t=1671540124618
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc4b2d5309f9dbf09408a1442c4973c2e346b72332bd9449ea56007f261de53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvHM3t_aXiILASeh6J2xXTkX8cpua8Yp4Z0Cadwpp1fD2wh8kv3Gm70p_AojwJSnbZiyJgIY_VSNvUKydmIv_3Azk0KzXAH
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''577bc0cf-c0d9-40c3-af41-70e65cd48abd.jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 241938
last-modified: Tue, 20 Dec 2022 12:42:04 GMT
server: cloudflare
etag: "b1db177245076d0b42d62504e4364236"
vary: Accept-Encoding
x-goog-generation: 1671540124323652
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=1rO6JA==, md5=sdsXckUHbQtC1iUE5DZCNg==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 241938
x-goog-meta-firebasestoragedownloadtokens: 2b8e0888-8a49-47d3-b4eb-5bfb354ee2b9
accept-ranges: bytes
cf-ray: 7b828cd4a9e837fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

GET
H2 200 6ea48f26-b3b7-432a-bdc4-e7a8e37eb48a.jpeg
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/ 143 KB
144 KB 425ms
424ms Image
image/jpeg 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/6ea48f26-b3b7-432a-bdc4-e7a8e37eb48a.jpeg?t=1671540566942
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fda3029057ef721c9d8077fa669d060094b724a406fc6b4d65fc796486f75dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdsPJThHmhpLtX1UenmTv5rttoIK0wa1RhFRCgYi2BdCB4xBzmeoc9GttTxYvsGJGBJzFGS9DH8CpIEa43zcICsV6UNU9Atj
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''6ea48f26-b3b7-432a-bdc4-e7a8e37eb48a.jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146716
last-modified: Tue, 20 Dec 2022 12:49:26 GMT
server: cloudflare
etag: "8bf6d5c0254b964703eb57ee209178df"
vary: Accept-Encoding
x-goog-generation: 1671540566613119
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=dGfDhw==, md5=i/bVwCVLlkcD61fuIJF43w==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 146716
x-goog-meta-firebasestoragedownloadtokens: 9167a51b-f0cc-44b2-8ebb-c2b0d844f1c2
accept-ranges: bytes
cf-ray: 7b828cd4da1c37fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

GET
H2 200 16d31afe-d395-4191-9328-7916d8cd5850.jpeg
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/ 136 KB
136 KB 425ms
424ms Image
image/jpeg 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/16d31afe-d395-4191-9328-7916d8cd5850.jpeg?t=1671543856420
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea4bf6ffa01a54ce4b9543001a0992e2b74d31af497315b34d459aa558c030e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtBzyNgkL4Cmewv-XDqNHZLor47Bg6cZ6Nf3RDachnNowefE4fWzoRG_Yjcnlw3yEP_4whETKhHAELb0oVMQ017F3WpE_WA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''16d31afe-d395-4191-9328-7916d8cd5850.jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139060
last-modified: Tue, 20 Dec 2022 13:44:16 GMT
server: cloudflare
etag: "7e4a320797e15b4f310aa6e427dfe97d"
vary: Accept-Encoding
x-goog-generation: 1671543856130001
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=5hpK0g==, md5=fkoyB5fhW08xCqbkJ9/pfQ==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 139060
x-goog-meta-firebasestoragedownloadtokens: f8aa6257-e7d5-4f41-87fb-842d4f579e38
accept-ranges: bytes
cf-ray: 7b828cd4da1e37fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

GET
H2 200 68aafae4-a500-41ae-ad22-adf1c56947e6.jpeg
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/ 131 KB
132 KB 425ms
425ms Image
image/jpeg 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/booking_files/68aafae4-a500-41ae-ad22-adf1c56947e6.jpeg?t=1671540205054
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c39d909bd761a803ea44747bfb053acc2ff2953503bc7339557d4eba10d7cc44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvINeRDrfz2OPCQ0YgmxBOU_ri5JQDLNX7uDLQrLw68JJHS3ImN1MjuzDQVTuQ3xh4zkF2XGHx124c7L4RPtNcQiyrDxsBk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''68aafae4-a500-41ae-ad22-adf1c56947e6.jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 134035
last-modified: Tue, 20 Dec 2022 12:43:24 GMT
server: cloudflare
etag: "e35ae04c2282a90b83d77cfea3233da2"
vary: Accept-Encoding
x-goog-generation: 1671540204652541
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=MqkyTw==, md5=41rgTCKCqQuD13z+oyM9og==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 134035
x-goog-meta-firebasestoragedownloadtokens: 5dc351f4-6799-44cc-b508-74dfa35bd054
accept-ranges: bytes
cf-ray: 7b828cd4da2037fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

OPTIONS
H2 204 link_actions
beacons.ai/api/ Frame 0
0 320ms
181ms Preflight
text/html 2606:4700:10::ac43:14b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beacons.ai/api/link_actions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-beacons-application-viewed,x-beacons-release
Access-Control-Request-Method: POST
Origin: https://witchygirlanna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Content-Type, Authorization, X-Beacons-Token, X-Beacons-Release, X-Beacons-Application-Viewed
access-control-allow-methods: GET, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7b828cd4ad8b6919-FRA
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:42:08 GMT
server: cloudflare
strict-transport-security: max-age=31556926
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: a5b4c56693593868534bea5ee11b91ab
x-country-code: DE
x-served-by: cache-hhn-etou8220053-HHN
x-timer: S1681544528.124865,VS0,VE137

OPTIONS
H2 204 page_visit
beacons.ai/api/rtanalytics/ Frame 0
0 311ms
173ms Preflight
text/html 2606:4700:10::ac43:14b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beacons.ai/api/rtanalytics/page_visit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-beacons-release
Access-Control-Request-Method: POST
Origin: https://witchygirlanna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-beacons-release
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7b828cd4ad8c6919-FRA
content-type: text/html
date: Sat, 15 Apr 2023 07:42:08 GMT
server: cloudflare
strict-transport-security: max-age=31556926
vary: Access-Control-Request-Headers,cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 977774639135d899d3b45e2fd47412fd
x-country-code: DE
x-powered-by: Express
x-served-by: cache-fra-eddf8230092-FRA
x-timer: S1681544528.124211,VS0,VE133

OPTIONS
H2 204 user_profile
beacons.ai/api/ Frame 0
0 225ms
183ms Preflight
text/html 2606:4700:10::ac43:14b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beacons.ai/api/user_profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-beacons-application-viewed,x-beacons-release
Access-Control-Request-Method: POST
Origin: https://witchygirlanna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Content-Type, Authorization, X-Beacons-Token, X-Beacons-Release, X-Beacons-Application-Viewed
access-control-allow-methods: GET, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7b828cd4ad8d6919-FRA
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:42:08 GMT
server: cloudflare
strict-transport-security: max-age=31556926
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 0122280e2573ec008a6e23de0df1f537
x-country-code: DE
x-served-by: cache-fra-eddf8230050-FRA
x-timer: S1681544528.136226,VS0,VE132

GET
H2 200 css
fonts.googleapis.com/ 701 B
778 B 86ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cutive+Mono:400,700|sans-serif:400,700

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/1404.40270b4c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7a7def8f2ff913811bf04ec3107fad082b0f4e3e931636131a7958869e0d118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 07:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 07:42:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 07:42:08 GMT

POST
H2 200 user_profile Show response
beacons.ai/api/ 5 KB
1 KB 409ms
409ms XHR
application/json 2606:4700:10::ac43:14b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beacons.ai/api/user_profile

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d54b1d1ac6021d7725139fd9e9109f9c68dfca1261fbf5e785f08575eb4378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept: application/json, text/plain, */*
Referer: https://witchygirlanna.com/
X-Beacons-Application-Viewed: web
X-Beacons-Release: 10.8.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: DYNAMIC
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hhn-etou8220053-HHN
server: cloudflare
x-timer: S1681544528.306166,VS0,VE371
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 628bf0319c1c9e2eb194ab28e6f32cb0
cache-control: private
cf-ray: 7b828cd5decc6919-FRA
x-orig-accept-language: de-DE,de;q=0.9
access-control-allow-headers: Content-Type
x-country-code: DE
x-cache-hits: 0

GET
H2 200 document_service Show response
beacons.ai/api/ 27 KB
8 KB 265ms
224ms XHR
application/json 2606:4700:10::ac43:14b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beacons.ai/api/document_service?f=1ISYu5WYsJXanlHajRXa39Cdpt2XhlGZl1mINmL

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/static/js/main.97a6a0df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d270f0600f69888ecd2cc8ae08830ad8a8df2249d30a46f4b8969073a2e5145e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept: application/json, text/plain, */*
Referer: https://witchygirlanna.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: DYNAMIC
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230024-FRA
server: cloudflare
x-timer: S1681544528.130698,VS0,VE178
etag: W/"6a14-Vce8TGs1e/NYSbmU+38gUSipEeU"
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://witchygirlanna.com
x-cloud-trace-context: fe71b1d7ea2ffc007a20c00885a2d3d6
cache-control: private
function-execution-id: o64gxxoyp4q2
x-orig-accept-language: de-DE,de;q=0.9
cf-ray: 7b828cd4ad8f6919-FRA
x-country-code: DE
x-cache-hits: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 653F 0
490 B 243ms
196ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: witchygirlanna.com
URL: https://witchygirlanna.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681544528305959
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1681544528304728
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 m8JWjfRfY7WVjVi2E-K9H6RCTm4.woff2
fonts.gstatic.com/s/cutivemono/v14/ 20 KB
21 KB 66ms
18ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cutivemono/v14/m8JWjfRfY7WVjVi2E-K9H6RCTm4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cutive+Mono:400,700|sans-serif:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd84c2fc735188403aa78de990dc765792fd9413bfd3d126e59580015c91532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://witchygirlanna.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 15:33:04 GMT
x-content-type-options: nosniff
age: 58144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20720
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 15:33:04 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 653F 86 KB
16 KB 24ms
23ms Script
text/javascript 2600:9000:2057:f000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:f000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 07:40:58 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 71
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: rJxUa0UmPW_CJsNavNsf24vno9w-Is4MABA0LAmIM8K11yscwNqeKg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3BHKD2SX9X&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NTWKDCS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73ceaaae193060e1787b394b16628ff23d74213bef12b38914e761b6ef6eba12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79082
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Apr 2023 07:42:08 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 653F 156 B
669 B 913ms
198ms XHR
application/json 35.160.240.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.240.154 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-240-154.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

550b129b34802d8c91c9b59fa9e31408db9d234da3da74768d144f55be48ae1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 15 Apr 2023 07:42:09 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681544529102034
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1681544529101734
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 81ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BHKD2SX9X&gtm=45je34c0&_p=725140701&cid=299187255.1681544528&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681544528&sct=1&seg=0&dl=https%3A%2F%2Fwitchygirlanna.com%2F&dt=witchygirlanna.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BHKD2SX9X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 07:42:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://witchygirlanna.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/36754c51/ Frame 5D36 399 KB
51 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfb14c36ee35bd07cb95bb56428c4b63c99a2818ed5fb70c4fe81f8bc10c8126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/VSfvaC5DVGw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51993
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 03:31:11 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/36754c51/www-embed-player.vflset/ Frame 5D36 349 KB
108 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9d7f0384afc048bb87d17f73d7636ed88251864d13d29f3be46cc6abbda067f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/VSfvaC5DVGw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110882
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 07:39:11 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 5D36 2 MB
619 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b7bf70786630f93ce0accd9c42a90918e77a0617a266fbdf317ed54b65a57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/VSfvaC5DVGw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 12:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 633325
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 13 Apr 2024 12:36:18 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/36754c51/fetch-polyfill.vflset/ Frame 5D36 9 KB
3 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/VSfvaC5DVGw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 05:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 05:21:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5D36 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 335463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5D36 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 335466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:02 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5D36
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

32ms
32ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45bab40c3643c1f2e6995cd574f47bdb81fab279cc851a7b610743582927f6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Apr 2023 07:42:08 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5D36 29 B
495 B 68ms
19ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:36:10 GMT
x-content-type-options: nosniff
age: 358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 07:51:10 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 87ms
33ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 15 Apr 2023 07:42:08 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5D36 66 KB
31 KB 45ms
37ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6138745ce43b27744d949dbc8704b0e6ef652e095f270447d185f8f58a3b4753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31200
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 5D36 116 KB
36 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f0974f5a5a9578fa2bf2b7211a29d4c6df1fca74f8291e5258c43482df534b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/VSfvaC5DVGw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 02:14:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36566
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 02:14:27 GMT

GET
H2 200 2ordrZu4NrapatEoBxceaXJmOvBRJ7YLOguyZYZ11AQ.js Show response
www.google.com/js/th/ Frame 5D36 36 KB
15 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/2ordrZu4NrapatEoBxceaXJmOvBRJ7YLOguyZYZ11AQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8addad9bb836b6a96ad12807171e6972663af05127b60b3a0bb2658675d404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 02:39:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14321
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 02:39:20 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/VSfvaC5DVGw/ Frame 5D36 25 KB
26 KB 139ms
74ms Image
image/webp 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/VSfvaC5DVGw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf8ba545628a4fbb147c824327ef1b1dfbb102e08997617dc66db085e72858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
x-content-type-options: nosniff
server: sffe
etag: "1655018753"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25822
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Apr 2023 09:42:08 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 5D36 29 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4dc5924fd04f9ebd8bb7367ace6362e2e9f497d3b4cd556b10eb1215785ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/VSfvaC5DVGw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 229733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9035
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 11 Apr 2024 15:53:15 GMT

GET
DATA 200
OK truncated
/ Frame 5D36 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lyekPquLuI7gktktEzCYQOMn09r8X8-jnRs9sPIIa29uA2lRvwIH5-duxmYqcDSr2h_9xTao9g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5D36 3 KB
3 KB 214ms
165ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/lyekPquLuI7gktktEzCYQOMn09r8X8-jnRs9sPIIa29uA2lRvwIH5-duxmYqcDSr2h_9xTao9g=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e1d8f0fe176d0b586a506c972e4ddc84295622af8c8cc466cd70a6bc262c1f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2795
x-xss-protection: 0
expires: Sun, 16 Apr 2023 07:42:08 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5D36 4 KB
2 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 07:42:08 GMT

GET
H2 200 witchygirlanna_mediakit_header_background.png
cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/ 405 KB
406 KB 385ms
384ms Image
image/png 2606:4700:10::6816:2762
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.beacons.ai/user_content/G7W6jL3Z6ZUYaXaYApVAK24Fbvo1/witchygirlanna_mediakit_header_background.png?t=1670152386053
Requested by: Host: witchygirlanna.com
URL: https://witchygirlanna.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c3003f1fb10b03954cb9ad9fcd1276435197f17311d5615f43a4c84572fc39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:09 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdudlkl3yc2YV0segCsyfgM6oioknlwSrMyIZzgIxb7FPAJu-m0BubFzYXQQStBTfQ54K_P6E8ecNsw1IajeOsST2Pyn-GDQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''witchygirlanna_mediakit_header_background.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 414355
last-modified: Sun, 04 Dec 2022 11:13:05 GMT
server: cloudflare
etag: "3907d33d0abdfa54fc820ef0004a38c2"
vary: Accept-Encoding
x-goog-generation: 1670152385723957
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=Aa0sRg==, md5=OQfTPQq9+lT8gg7wAEo4wg==
access-control-expose-headers: Content-Type, x-guploader-uploadid, x-goog-acl
cache-control: public, max-age=14400
x-goog-stored-content-length: 414355
x-goog-meta-firebasestoragedownloadtokens: f8d9afb7-328f-4c14-a3fd-2d51a1eee01c
accept-ranges: bytes
cf-ray: 7b828cd88e8837fc-FRA
expires: Sat, 15 Apr 2023 08:42:08 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 5D36 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?p29YsQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/VSfvaC5DVGw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/VSfvaC5DVGw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
30ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 15 Apr 2023 07:42:08 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5D36 90 B
134 B 31ms
31ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ed543fdb93576e2f43fdf8da6abebba280dcbac06f9abd74d3b160dc033edc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 15 Apr 2023 07:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/112/ Frame 5D36 50 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/112/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 16:06:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 15 Apr 2023 13:19:30 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5D36 28 B
54 B 31ms
30ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
X-Goog-Request-Time: 1681544530568
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/VSfvaC5DVGw
X-YouTube-Client-Version: 1.20230411.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4ZEY0anZqREpZMCjQqumhBg%3D%3D
X-YouTube-Ad-Signals: dt=1681544528468&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C338&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 15 Apr 2023 07:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 15 Apr 2023 07:42:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BHKD2SX9X&gtm=45je34c0&_p=725140701&cid=299187255.1681544528&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1681544528&sct=1&seg=0&dl=https%3A%2F%2Fwitchygirlanna.com%2F&dt=witchygirlanna.com&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BHKD2SX9X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://witchygirlanna.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 07:42:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://witchygirlanna.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
witchygirlanna.com/	1970-01-20 11:15:49	Name: _bSignupSelfRef Value: witchygirlanna
witchygirlanna.com/	1969-12-31 23:59:59	Name: _bLinkInBioViewed Value: witchygirlanna
.unsplash.com/	1970-01-20 19:51:20	Name: ugid Value: 7a4c0fe8e6132980c1912638c8d9816e5605148
.witchygirlanna.com/	1970-01-20 20:41:44	Name: _ga Value: GA1.1.299187255.1681544528
.witchygirlanna.com/	1970-01-20 20:41:44	Name: _ga_3BHKD2SX9X Value: GS1.1.1681544528.1.0.1681544528.0.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 0dVwBZHo1-4
.youtube.com/	1970-01-20 15:24:56	Name: VISITOR_INFO1_LIVE Value: 8dF4jvjDJY0
m.stripe.com/	1970-01-20 20:41:44	Name: m Value: e70454d4-014e-41b6-a226-0370596c9ff00fcf0a
.witchygirlanna.com/	1970-01-20 19:51:20	Name: __stripe_mid Value: 16c35120-eb24-4f83-97c6-f827469fd2af5bcdad
.witchygirlanna.com/	1970-01-20 11:05:46	Name: __stripe_sid Value: a4dc302e-6b8e-4ad4-b345-e3b3a8277e3f8d8979

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacons.ai
cdn.beacons.ai
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
images.unsplash.com
jnn-pa.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
region1.google-analytics.com
sentry.io
static.doubleclick.net
witchygirlanna.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
youtube.com
yt3.ggpht.com
151.101.128.176
2001:4860:4802:34::36
2600:9000:2057:f000:19:7d10:bd80:93a1
2606:4700:10::6816:2762
2606:4700:10::ac43:14b6
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2003
2a00:1450:4001:811::2016
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200e
2a04:4e42:8d::720
2a09:8280:1:9032:60eb:1797:5542:d0db
35.160.240.154
35.188.42.15
54.186.23.98
019d6f47a324531a1902c422cc514fd85f2314af59a730992a819e989bbed578
0ae07a56a2e50d75768a815d320bce4aa614380332b5f4c5affa2d4a1b5d90fc
0fe79d62d4f5f6efa957cc813482428fb09dbed1a57ebbd3ecd3aa664d5960bd
1338d0fd472538384e53e52371016f8e1f9b113f6bafdfd87a1ca918dfef7d30
1b37b4b8cdd10d35d2a711d9bbc2272462c4bdd53453edf6a999879efc217930
1d7b1cd2df111a059e1003a1daf38b3c8818abec0cca0d6cf6421b2bcab74224
1dee0f650ac746b9efb69bbe99705e471f5498d287c0c73aa127b2205849a1b0
23f0974f5a5a9578fa2bf2b7211a29d4c6df1fca74f8291e5258c43482df534b
24a279376551117f31ed9d92797023d0f89b376a6392801c7d6626e4cb7877e5
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25db6331b7c5a04b0b2c33969a75d6c9a9e141bd4ae2907a57bc24088aa29752
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
375b2e2103fec7c53b8561c4a17f9d8d97dd179c8bc382fa74e79f8b24cdd29e
38f4a39da149d1fceb410d4a54a14f654f25fc2a1ffc31cc2e45c7ffa9773889
3b8f0ad91caedcbe2ebb6538c2190310ce5bab56d97fe8273d8561e7036f0385
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
410b0bedd565c9a17c0b01e08246e212c2f085a2d5137622c379707cc77d1d14
42949cfff2c33122ee42df9e8968ab129db58bb8175ef12de61a09d29cd2773b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45758018f069cc2a22a3e44fc85cde613ee442c975a8c30abd9b3a2eca1a8e7d
45bab40c3643c1f2e6995cd574f47bdb81fab279cc851a7b610743582927f6e7
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a0cc5182faa1e1183499e64c7d384d044aaa14bb8472f2fe5fb20ef10d37da7
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4b8d3aa81118380a4ee3869282254067e7fe72442ef787f57123db62e39c46ad
505ae64b5f5c7ab9421878f97b2859e81cccdb54df834baec7a09bc30573d0c3
550b129b34802d8c91c9b59fa9e31408db9d234da3da74768d144f55be48ae1b
56b32c337629bdfc37d24ff1d9868e1c5eba23b76d511e5fc1e213fca6c50c96
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6138745ce43b27744d949dbc8704b0e6ef652e095f270447d185f8f58a3b4753
62cf8ba545628a4fbb147c824327ef1b1dfbb102e08997617dc66db085e72858
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6aee3cbbddc78ce01efe79339d1f03340c14b0ee2aba959b537e77d3dfa0f7bf
6dc4b2d5309f9dbf09408a1442c4973c2e346b72332bd9449ea56007f261de53
6dd84c2fc735188403aa78de990dc765792fd9413bfd3d126e59580015c91532
73ceaaae193060e1787b394b16628ff23d74213bef12b38914e761b6ef6eba12
795b9c9fbbc11b86bed3e8c446ee6e7a54e89f09f65255c0db1ed1ae2d1d9357
7e1d8f0fe176d0b586a506c972e4ddc84295622af8c8cc466cd70a6bc262c1f6
7ed543fdb93576e2f43fdf8da6abebba280dcbac06f9abd74d3b160dc033edc0
7fda3029057ef721c9d8077fa669d060094b724a406fc6b4d65fc796486f75dd
854c917ca272599d26f98cd77b292462031a00de2e95937bc56e8a2eee59e612
8676e1ed89f49d16f729309f51fe36cc8b6405125517f0002d45cd5602db0cf5
87b7bf70786630f93ce0accd9c42a90918e77a0617a266fbdf317ed54b65a57a
8df4212a1e80e652dd51006082e1bb02be5eb57baaddc33d996f9aee32481106
914168914235540a7117e4b20d435c022a0d356f02f25ca3f31ed929d4b0f891
94dcc5a6e325b41d229e028c325f0d61f46d4e8bbaa21b1bd14a4dfb79becb76
99e7792a9d2fca589922bfa715e45bee923baa4cf1fe5f2ba90c2ba093a25a0c
9c4dc5924fd04f9ebd8bb7367ace6362e2e9f497d3b4cd556b10eb1215785ebd
9ceec79c3dd157b37e2adf79fdf916730a430200fb1276f3f0fea4429f7d580a
a3c3003f1fb10b03954cb9ad9fcd1276435197f17311d5615f43a4c84572fc39
a48246193efe999e94950e3ea17559a2d60d4f2d063a4712afb3917dbb68090c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
affc28e40f37eafc1a2537d0d76ff8d1d872a825eb41a63c022d966540199b61
b06e5ad0d7f8fb38b68580d2f54d8a18cef9fb44946e3acf2c3a0291a55eef2d
bea4bf6ffa01a54ce4b9543001a0992e2b74d31af497315b34d459aa558c030e
bfb14c36ee35bd07cb95bb56428c4b63c99a2818ed5fb70c4fe81f8bc10c8126
c39d909bd761a803ea44747bfb053acc2ff2953503bc7339557d4eba10d7cc44
d1664891105db859e30c93cf66e11ba4f393733fa6ba331d3b926ceb2c474e76
d270f0600f69888ecd2cc8ae08830ad8a8df2249d30a46f4b8969073a2e5145e
d5d54b1d1ac6021d7725139fd9e9109f9c68dfca1261fbf5e785f08575eb4378
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da8addad9bb836b6a96ad12807171e6972663af05127b60b3a0bb2658675d404
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e402bd7b78faf479094503549a5402243db778e0e48e1922246518e83d31e235
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f22d676e5d29323343fc977ba6091b95e4d85b7feac2d769b803d81c9aea6603
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f7a7def8f2ff913811bf04ec3107fad082b0f4e3e931636131a7958869e0d118
f9d7f0384afc048bb87d17f73d7636ed88251864d13d29f3be46cc6abbda067f
fd00320c73391d4e2d2e4e2b42e154186f6c5dd96de9664b2bca20e6437be326

witchygirlanna.com Open in urlscan Pro 2a09:8280:1:9032:60eb:1797:5542:d0db Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

99 %HTTPS

83 %IPv6

16 Domains

24 Subdomains

24 IPs

2 Countries

4016 kBTransfer

8406 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

witchygirlanna.com Open in urlscan Pro
2a09:8280:1:9032:60eb:1797:5542:d0db Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

99 %
HTTPS

83 %
IPv6

16
Domains

24
Subdomains

24
IPs

2
Countries

4016 kB
Transfer

8406 kB
Size

10
Cookies

82 HTTP transactions
1 data transactions