URL: https://bestwitches.com/
Submission Tags: phishingrod
Submission: On September 24 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3036::6815:4698, located in United States and belongs to CLOUDFLARENET, US. The main domain is bestwitches.com.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time bestwitches.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.167.135.213 19871 (NETWORK-S...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 185.138.83.89 203318 (ASBIZWAY)
40 5
Apex Domain
Subdomains
Transfer
35 bestwitches.com
bestwitches.com
383 KB
2 prnx.net
t8.prnx.net — Cisco Umbrella Rank: 224436
4 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 803
12 KB
1 realtracker.com
web4.realtracker.com — Cisco Umbrella Rank: 226904
246 B
1 homestead.com
bestwitches.homestead.com
82 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
5 KB
40 6
Domain Requested by
35 bestwitches.com 1 redirects bestwitches.com
2 t8.prnx.net bestwitches.com
2 unpkg.com 1 redirects bestwitches.com
1 web4.realtracker.com bestwitches.com
1 bestwitches.homestead.com bestwitches.com
1 fonts.googleapis.com bestwitches.com
40 6
Subject Issuer Validity Valid
bestwitches.com
WE1
2024-09-23 -
2024-12-22
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.homestead.com
Sectigo RSA Domain Validation Secure Server CA
2023-10-10 -
2024-11-09
a year crt.sh
t8.prnx.net
Network Solutions RSA DV SSL CA 3
2024-04-16 -
2025-05-17
a year crt.sh

This page contains 1 frames:

Primary Page: https://bestwitches.com/
Frame ID: B17EDE3F91D846F80ABA76A53E020BC5
Requests: 40 HTTP requests in this frame

Screenshot

Page Title

Death by Chocolate

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

93 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

485 kB
Transfer

650 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js HTTP 302
  • https://bestwitches.com/~site/javascript/site_statistics.ffhtml?RTK=https%3a%2f%2fweb4%2erealtracker%2ecom%2fnetpoll%2fjs%2fibc90006%2ejs
Request Chain 31
  • https://unpkg.com/cursor-effects@latest/dist/esm.js HTTP 302
  • https://unpkg.com/cursor-effects@1.0.15/dist/esm.js

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bestwitches.com/
19 KB
5 KB
Document
General
Full URL
https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d1d9575f3b9ff03ef8811676ccbe525251f8614a9157fb23fa1d42231e384b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8c7f7e8069489bd0-FRA
content-encoding
br
content-type
text/html
date
Tue, 24 Sep 2024 02:55:11 GMT
last-modified
Mon, 23 Sep 2024 19:40:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dBRHlDavU7SoKIpT5rCSZOnbS82FHe6bO0eM3RBNdIGRT8RcfxJ72CkEEFPYeCtWRVPZeed98Z5rkh2v2oWRbiuRnocNIcpwReqcjMjH1buP4XVykXjIRYU39mhRvIoypMjcyYIeMdChcREMkB4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-server
WEB05
speculation
bestwitches.com/cdn-cgi/
128 B
555 B
Other
General
Full URL
https://bestwitches.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bestwitches.com
Referer
https://bestwitches.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R1KiUIVa%2BuqodB%2BRfYh3znhOKuGVA%2Bbr5n6fB522wNcxDfX18SnAfFLado1web7n%2B%2BrH0qL6Mjwh9Iyu4cxX7lUbjlaTgGxyw1dNodFDHuPQaQoowBbSA4KU%2BIJida3MiyZl0JBMJbw%2BpxBmFvY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e81da139bd0-FRA
access-control-allow-origin
https://bestwitches.com
content-length
128
date
Tue, 24 Sep 2024 02:55:11 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
font_styles_ns4.css
bestwitches.com/~media/elements/Text/
5 KB
1 KB
Stylesheet
General
Full URL
https://bestwitches.com/~media/elements/Text/font_styles_ns4.css
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59179a508a3206069bf2ee2e908d83f2b9e878ababa3fd2a0e1b8af1bf25e0b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"f0cdab53246bd41:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sojQ46oHCTxYC0loudLoGOrzcdff8M9IJopLUvTjoBMIc3mxH1%2Fztm7Xvi6T7ZUobbRQeiEg7VvDZCVrQw7nFLstksKG3M5e%2BtaEvA3OCis4ilOQNrmxt3xPFPFp1QmGfzw%2FLtUU9tFMb7xSmxU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e81da149bd0-FRA
accept-ranges
bytes
content-length
894
date
Tue, 24 Sep 2024 02:55:11 GMT
content-type
text/css
last-modified
Tue, 23 Oct 2018 23:01:26 GMT
x-server
WEB07
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/
54 KB
5 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Abril+Fatface|Allerta|Arvo|Bitter|Bree+Serif|Cabin|Cookie|Domine|Droid+Sans|Droid+Serif|Grand+Hotel|Josefin+Slab|Lato|Lobster|Lora|Merriweather|Monda|Montserrat|Offside|Old+Standard+TT|Open+Sans|Open+Sans+Condensed|Oswald|Playfair+Display|PT+Sans|PT+Serif|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Sanchez|Source+Sans+Pro|Tangerine|Ubuntu|Vollkorn|Yanone+Kaffeesatz
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a64719c0bddab42941bdb976df382d71be1b6d5b5702327dc973f3406751e043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 02:55:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 02:55:11 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 24 Sep 2024 02:10:10 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font_styles.css
bestwitches.com/~media/elements/Text/
45 KB
9 KB
Stylesheet
General
Full URL
https://bestwitches.com/~media/elements/Text/font_styles.css
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c46cb1cabd1fc25ea1075183b27d4ce89e76f2bf834c67a30764b9c97e170b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"f0cdab53246bd41:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCv%2BydE%2FslfhnkXCVAW7xMbgcewLCmZ8spG3ubsPAI87dXt8fbAAGOdSKY9CDw0jp05rpzr0k4mgTc5OhnUtY58V4UT7YOVWWYugj6Q%2B8c%2BVovvDoDmFRGsTKG7Smn%2FCvJ0Mv0kvjAOyCfHP%2BpM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e81da179bd0-FRA
accept-ranges
bytes
content-length
8562
date
Tue, 24 Sep 2024 02:55:11 GMT
content-type
text/css
last-modified
Tue, 23 Oct 2018 23:01:26 GMT
x-server
WEB09
server
cloudflare
vary
Accept-Encoding
FormValidation.js
bestwitches.com/~site/Elements/HCUser_Forms_Submit/
7 KB
3 KB
Script
General
Full URL
https://bestwitches.com/~site/Elements/HCUser_Forms_Submit/FormValidation.js
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0766571f3338b148db406a94840c9b4e1d1d70de1f2d29d3c5d536a8cea4b37f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"f0c9f52b246bd41:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEdQYzbObW7bRL8pugj8xRQb%2BCQAGhd%2FJk9yAjXOEJhaKp1DzcVCIpNuI4bKElOvBJ1X8RSnq5%2BlGGs6dzqTqpvr%2FlGs7kREZs6cHQgvBaHn2qP7ZC5rnP0bTl5HQHD7vNbiCKnTkP6n9R1ZoUs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e81da199bd0-FRA
accept-ranges
bytes
content-length
2981
date
Tue, 24 Sep 2024 02:55:11 GMT
content-type
application/javascript
last-modified
Tue, 23 Oct 2018 23:00:20 GMT
x-server
WEB03
server
cloudflare
vary
Accept-Encoding
Bon.gif
bestwitches.com/
1 KB
2 KB
Image
General
Full URL
https://bestwitches.com/Bon.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d05010936aaa14dc7a04c7e39e8d07462d8ab1d8fbc473a642fc98624432a5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"51788cb6f4ed31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SOFhRvjT7e5O5jYG%2FjS8RqE3qnM3tsTSM%2FdQhMn0UVaDHjRTXz5ndj2nDZ3szIHiNHncVBeij2dJ1w%2B5zClcJ6YeQZCzelz1mNekui%2BLSl1IfOIbkYrEAmZIZohiPM19fc%2FWLVG0VTtyNItwHI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb439bd0-FRA
accept-ranges
bytes
content-length
1447
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Thu, 26 Oct 2017 15:33:38 GMT
x-server
WEB04
server
cloudflare
vary
Accept-Encoding
Death.gif
bestwitches.com/
1 KB
2 KB
Image
General
Full URL
https://bestwitches.com/Death.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ecdd8d4442c7652ed908fbda6a383b1e1cb6ce320436a29dac8f1cf2b19c64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"2a28eb61ca4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtQ74wmG2BHaZdBJhCT7Lh%2FOl%2BKE1d9nZMXNcOiFYOkA8rNk3uON226nA%2BnVLrLyAG3hVdXgzb65WKyAiMQ3Ufa86pOtQHnHOJ5Z8Y8VuHwB4V%2BVrmjoUC7znyMJHxajJWEMWyf%2BrmGXnPSsDhs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb4e9bd0-FRA
accept-ranges
bytes
content-length
1366
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 22 Oct 2017 00:12:01 GMT
x-server
WEB14
server
cloudflare
vary
Accept-Encoding
streets.jpg
bestwitches.com/
13 KB
13 KB
Image
General
Full URL
https://bestwitches.com/streets.jpg
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a586989e517ba745c9294cbf8178cc388d222dfdb08e77c40a697c5a7fb499b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"553d1162ca4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VtO6dJA7KxuCZbjHEibRQ%2Fu3Era2JDApqWfot0ko%2FOTFVBzEloEwxv01LppLCf5X48%2B4frNnoZRIRdd5AmEBa2PQzKFKZjGP58ooJfCtkT9DQeQ9e90WXfQAfCQOs02MNg5PYOch77NJrvJhgpg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e81da1b9bd0-FRA
accept-ranges
bytes
content-length
13031
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/jpeg
last-modified
Sun, 22 Oct 2017 00:12:01 GMT
x-server
WEB28
server
cloudflare
vary
Accept-Encoding
hh.gif
bestwitches.com/
6 KB
6 KB
Image
General
Full URL
https://bestwitches.com/hh.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f2d9a526a600820fc07e9506aa3035eac6682540680b521688e1a22e5ac25e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"98ed4c9b8ebd81:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Ad%2FW3sTym3%2FivijUZ0KFUa%2B21NBEAW19gWkj5MQCRqBgpwd%2Fjoz%2BEKT4NEMl2sbmMOBRwkjkv6J3vmKdm8xWS8nDoa%2F9bfc78IO2fiCcnjEXd2kijdRZBdScFb7DD819lYwViGKnnEj8MDCFkc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e81da1c9bd0-FRA
accept-ranges
bytes
content-length
6048
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Fri, 28 Oct 2022 20:05:20 GMT
x-server
WEB01
server
cloudflare
vary
Accept-Encoding
taffy.gif
bestwitches.com/
4 KB
4 KB
Image
General
Full URL
https://bestwitches.com/taffy.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
633033ca26ae2a4db456bed189c254e76a967a5215e31e1616665740734b2199

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"aecaa962ca4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mRgEZ0hsDMz4l0Aph7WyyiAlckJlQ%2FwIDKZ1FoA4wrHAgZbcaET9B7dYd8Eh43bNswUPWK8ZdVCVo4npj%2FsJ2ren2da75FbJ%2F9Qwbl3iCb1%2FJFMo9b9ppvVu69se2mXZUFYPAzoz37lD3ZqEIZU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb489bd0-FRA
accept-ranges
bytes
content-length
3666
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 22 Oct 2017 00:12:02 GMT
x-server
WEB10
server
cloudflare
vary
Accept-Encoding
cane.gif
bestwitches.com/
5 KB
6 KB
Image
General
Full URL
https://bestwitches.com/cane.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7696014181ba08d90068319d3bdd7fe33c97869486e991667e7964901de5b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"f14d85f1cf4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPxkHDmllf67wzJnjT7jHqc%2BBFZhcAGjGOYOa0sWI%2FbHuf0sUtnfHSzhKR3n09DUCWOVj2rNmS%2FlUqXIILC4XpiTJ8E8i%2F49h7wYLjosR9P51xo57oFVedptM1%2Fkkz1JsaftrLs1mZ4Hfe0QA%2Fg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb509bd0-FRA
accept-ranges
bytes
content-length
5442
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 22 Oct 2017 00:51:49 GMT
x-server
WEB12
server
cloudflare
vary
Accept-Encoding
Hershy.gif
bestwitches.com/
6 KB
6 KB
Image
General
Full URL
https://bestwitches.com/Hershy.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb29fee3748c62ac6f208993a97fd8aa5895c6b8b55af8722a7b3d32fd14e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"9c84a9f1cf4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XE4PqqnC3IqHpM%2Bjn7Eyjrp2oaGYwdyc1lZaaBaIdhtqsvan69KiD7eVqQJZn4IgKIGVnU2KUHLhb5V8kWEeee8VvOT3K33%2FqrF2fgevn8fLmBJBFyRyketyBcgbhq796XqqhwCw0AOP%2FhneAHg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb3f9bd0-FRA
accept-ranges
bytes
content-length
5952
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 22 Oct 2017 00:51:49 GMT
x-server
WEB25
server
cloudflare
vary
Accept-Encoding
M.gif
bestwitches.com/
6 KB
6 KB
Image
General
Full URL
https://bestwitches.com/M.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba7ae6b53386cb269418718e07b8afff04d1c755ad97faa3cf2103041563d38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"45ef7f1cf4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpncec8hPq7%2FqtjYcUJWv1HMglTMs8U1A9%2FuT83VudlWbZ6ldfQJSGCFCfzjOZkUrl5RWmAdxtBmXP54x3bjTRCJOIso52KvJZVh0cbCWKcBmkMBjuwQ%2FWpTDuYlAub%2BpbaqbI8POJ7BJF1djhM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb4a9bd0-FRA
accept-ranges
bytes
content-length
5981
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 22 Oct 2017 00:51:50 GMT
x-server
WEB22
server
cloudflare
vary
Accept-Encoding
Pumpkin.gif
bestwitches.com/
15 KB
16 KB
Image
General
Full URL
https://bestwitches.com/Pumpkin.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a860f581339c3eb3f83a0126c393674fcf260d7a2016451c655237ab4f2fa626

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"9e4841f2cf4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9jt4PpFdMdxQGbvBAHRbMDZIqE1DvB6utaDLxMoRd2nBK6uG%2FalS80zRxS0%2FyySfj5VxSYIPQou6FmBFnNLWzNfJv1oTMYJxff4EyRtB0CK4osWtnBUqd7rM7D3AF6qkHTVv6QHjacYd60m%2FrCk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb4f9bd0-FRA
accept-ranges
bytes
content-length
15831
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 22 Oct 2017 00:51:50 GMT
x-server
WEB18
server
cloudflare
vary
Accept-Encoding
tootsiestop.gif
bestwitches.com/
4 KB
4 KB
Image
General
Full URL
https://bestwitches.com/tootsiestop.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c49515b9822f88890fbf972223cb0807b5bc5010550c46bb6a8af7fa9f2ab5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"73e457c96c4ed31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xn8T8nfG8XcHdKto2jz4QDcpjLkf8rWk89hKiQJWLGoKcCzRp5hNC%2FuPgYDq942DP7fWiPSrgeGb2RKw3pJPjjeyW7z7%2BquyPpC5Ff3KIkhk9tTgj%2B2iDcvNs%2FtV%2FGR3ye%2FevfdB81%2BacMVMUxM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb4d9bd0-FRA
accept-ranges
bytes
content-length
3937
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Thu, 26 Oct 2017 15:12:06 GMT
x-server
WEB08
server
cloudflare
vary
Accept-Encoding
22.gif
bestwitches.homestead.com/
82 KB
82 KB
Image
General
Full URL
https://bestwitches.homestead.com/22.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.167.135.213 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-135-213.unifiedlayer.com
Software
/
Resource Hash
f5921c4965da62d28c217f78417adc341b58317c60b0306f922d1aed8df43556

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

X-Robots-Tag
noindex, nofollow
ETag
"b2e696887570d41:0"
Accept-Ranges
bytes
Content-Length
83540
Date
Tue, 24 Sep 2024 02:55:12 GMT
Content-Type
image/gif
Last-Modified
Tue, 30 Oct 2018 17:25:20 GMT
X-Server
SSL16
BF.gif
bestwitches.com/
12 KB
12 KB
Image
General
Full URL
https://bestwitches.com/BF.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69bc060c2774752b2d08642f4a2b12234a7a7fcaa5b94727200c5aad1534c310

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"f543921fc150d31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXnjXUGA5ahTvGS9Ml%2Bh%2FHb8WXxv5jRP9nZ8Itgnft10UkRb35BRsdm9iTaV43Kf6K6gWsLKWJMrl2ud2YzgIDNx5BLWvqSnIgkefYDUz38iW6GvmVoR1SUESIhADYxrhbD2JsBo1HW8fbRNpJ4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b599bd0-FRA
accept-ranges
bytes
content-length
11903
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 29 Oct 2017 14:20:51 GMT
x-server
WEB03
server
cloudflare
vary
Accept-Encoding
trail.jpg
bestwitches.com/
28 KB
28 KB
Image
General
Full URL
https://bestwitches.com/trail.jpg
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b7952a9871d011e73f3014e2b2650dd388219f9c078cbdf973a05fb95ac090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"feabd033d14ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJMlb8k%2B%2BIVgTMbkQCZxFMNK%2FHfXF8UMj2dBFF7klNHLBaV4UZqb7zA4MqvsoKwnoybfCo14i%2BHQEnDvfUJBQxfqFqG87rAq%2BjsIKEZu3sX5Ozmgi%2Ff1CnvqeKn1NOvVrJZTHUueYwUtR8l%2BljI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb419bd0-FRA
accept-ranges
bytes
content-length
28342
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/jpeg
last-modified
Sun, 22 Oct 2017 01:00:50 GMT
x-server
WEB02
server
cloudflare
vary
Accept-Encoding
Spider.gif
bestwitches.com/
18 KB
18 KB
Image
General
Full URL
https://bestwitches.com/Spider.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5315b86a0d6057abdcc812988c66500814abcdcdc7b9fee7451af8be893c863a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"ef52f5df5b52d31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Ps75CNxynVbXUDuh%2BZo9lK31YrMuviTkfKXegvizywe6FCX6kdHEOiDjAWvAJz%2FnsJd%2Ff1tHHEYDlHlH%2BZnvQoLE%2FqApoViRM0mZ5kCwpMeVoSyvW1jH6QHOXB1NRTB43P8aqlfxgvy3WS%2BTsg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b549bd0-FRA
accept-ranges
bytes
content-length
18216
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Tue, 31 Oct 2017 15:21:07 GMT
x-server
WEB16
server
cloudflare
vary
Accept-Encoding
Reeses.gif
bestwitches.com/
16 KB
16 KB
Image
General
Full URL
https://bestwitches.com/Reeses.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a451244b0d9b1af37097f825f846cf2f724c234185e392b5edebf29790b66711

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"68b48598ffead81:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUfkET7TGB%2F%2Fsiq224lo0ITtPt2SkjOv09CbTQAgXTVhvtsgVyc9kclrv8dDGh1trNOcO2umeyhGXk4KwPE7Z1EK3A46oWIpClMpAv8kh8%2FFB39twQjXdb6HzCjIsadw6z4b%2FA1gUxTvSpzxSBU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b579bd0-FRA
accept-ranges
bytes
content-length
16431
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Fri, 28 Oct 2022 19:00:50 GMT
x-server
WEB28
server
cloudflare
vary
Accept-Encoding
Milk_Duds.gif
bestwitches.com/
11 KB
11 KB
Image
General
Full URL
https://bestwitches.com/Milk_Duds.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37576766313231a5c49b8bd78bd9dc7d13e367c90ecb1e29dfff0ba2eb980106

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"c4983c0ebd81:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O2DUdqWzVknbE6mfzVrVeR56K6R5Kzuq1Rn1%2FEsGcyUxCtebIGHgRPZGx59RcMLz1CdUZQ2siO16gMIXZtg2RsnW9DGBzGGPNC6nG%2FUaw%2BpQIH0OZRo9NaG74FuZ2AocZQFez6ELcf7OcUaQSzE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b559bd0-FRA
accept-ranges
bytes
content-length
10930
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Fri, 28 Oct 2022 19:04:04 GMT
x-server
WEB24
server
cloudflare
vary
Accept-Encoding
index~~element90.gif
bestwitches.com/publishImages/
916 B
1 KB
Image
General
Full URL
https://bestwitches.com/publishImages/index~~element90.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20b34e54628a54cb53bfa1c4ee5f5e92afdd75aae2bdb2924784df5b6da74ff0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"40ca847cf0ddb1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5lgu4%2BlhsfNYwPdbIr2E%2F7UyEhS5FQjMcjFXx5%2FWkD8YrvxEL0dMaygIgCZ6A1FjHQZLP50QnhD2DK7TupoE1l7xQvysfGer1jRpcEJLV8BqKuA%2BIKtEq2d3bdpET2UHF96U0PPh5Jd%2BzwFxbTU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b5e9bd0-FRA
accept-ranges
bytes
content-length
916
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Mon, 23 Sep 2024 19:40:46 GMT
x-server
WEB01
server
cloudflare
vary
Accept-Encoding
AJJ.gif
bestwitches.com/
72 KB
72 KB
Image
General
Full URL
https://bestwitches.com/AJJ.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b3735f3ee5a956845d9868b807e4114b6aff6f2ecbd08ce7b34c62952357e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"d03ed76aa2ebd81:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KOUPVCTy%2FkdajcZ8nARe%2BRGF0IJ%2F1dnjeagpqMMhU5Snk48lI2a4sq0JoeQHxILbZzK3qHWCeGQZKydfl6kPK1gb2LGeMCB7skUsvVJ%2FHz91AT9dGwdNl7H0PXqxxHY8eCTTMpa0kf2G1eaNc7c%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b539bd0-FRA
accept-ranges
bytes
content-length
73340
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sat, 29 Oct 2022 14:26:21 GMT
x-server
WEB20
server
cloudflare
vary
Accept-Encoding
Chunky.gif
bestwitches.com/
17 KB
17 KB
Image
General
Full URL
https://bestwitches.com/Chunky.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c652379ae059f15b8b20288b380b96c1a9560c2d6f7943aa6d2acadd90a778c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"2c6cab3edebd81:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmn%2FdVHDatZhcNxdeWWnL4fSmO%2Ft2gQU1g%2B99ldCtZ%2FIFpupV6hI5y%2BILMgPG69S0HLFzqOlbYq4u2V8zcPzOJYEQzSLumEVY0DaHjA92eoPVAksXTyYZLoESz2tLyFLUbY9h7DyH%2F9UvoXJjQQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b589bd0-FRA
accept-ranges
bytes
content-length
17156
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sat, 29 Oct 2022 23:25:16 GMT
x-server
WEB26
server
cloudflare
vary
Accept-Encoding
Swirl.gif
bestwitches.com/
4 KB
4 KB
Image
General
Full URL
https://bestwitches.com/Swirl.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d66507153cf1886d6daadc14498b382c096a383c4a5895a6a95598cf5a523d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"196a6cf7c350d31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEiYgPRWjN9UnNw7li7M6gphgHkVXSIIoDc5FZMUR%2Bki%2B5SO9nQEuymM5orgRTZI91u0sDz%2FeilgkAkoSoBPM%2Br2PmdIxDViSR6z%2FnEMwrA6LSF74Vk%2FmjpOvMefYLyR%2BmC4I%2ByYEEDsMfkgwVc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b5b9bd0-FRA
accept-ranges
bytes
content-length
3865
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 29 Oct 2017 14:41:12 GMT
x-server
WEB07
server
cloudflare
vary
Accept-Encoding
kiss.gif
bestwitches.com/
5 KB
5 KB
Image
General
Full URL
https://bestwitches.com/kiss.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
067b467a594b89566e2dcf5c4154aa3f3b2cb1741c76136a614f21e99bd50dbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"f1ecbf1cf4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATk5I9NHwY%2Fa5jKAgnaNoqAt%2FrYbYGPXd9eR6QfyE36HzGG4Y278SYWLDPSZxtvRKm3DuZqgmCFBzRDZyPg8FQGDEGUO%2FmmqflQChDp7zPgiY%2FI2oZccGZqqjZJvWLntH2I5wxI8YSJqv9lk3dM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b529bd0-FRA
accept-ranges
bytes
content-length
4837
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sun, 22 Oct 2017 00:51:49 GMT
x-server
WEB09
server
cloudflare
vary
Accept-Encoding
Corn.gif
bestwitches.com/
3 KB
3 KB
Image
General
Full URL
https://bestwitches.com/Corn.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02091250c81ea8ae721cd53d143392c72c91d85af15d7f9d0a3780fac9b721d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"8ff1692b834fd31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nYJzRTM2Gt3Uf01Ex4VyUBsBnghSeM0z8SQEQxdKNVoGuhollqo9idAIzw1NWk3I4cc%2FalgMhenQpcLSn1yaH7H9JvzthG%2F2uiOQEMLcDZTOrOTb4Vf5XTeCfYAEmgige3xV98Mn4RuhUp7enDs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b5c9bd0-FRA
accept-ranges
bytes
content-length
3069
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Sat, 28 Oct 2017 00:24:51 GMT
x-server
WEB09
server
cloudflare
vary
Accept-Encoding
guestbook.gif
bestwitches.com/~site/tool/Homestead/HC_Objects/Images/HCUser_Guestbook/dignified/
3 KB
3 KB
Image
General
Full URL
https://bestwitches.com/~site/tool/Homestead/HC_Objects/Images/HCUser_Guestbook/dignified/guestbook.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f02e34a0909601311a0437ffbfd9256329020de9fe754a27fcfef3dc7cb800f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"f0f41f4a246bd41:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nk3bVZEH%2FDgJ1urbK2fbgBj%2F5GoIBA3Ze5GXt0iP0ob1hdYfOmyYjr5MyaqTwn%2BByWSyqEvHYIPbLrSof9%2F9utgJj3pYrMj8jluCCLCJ2LzpmvN4OclFFklWYWWPtcVnQg5%2Fa4XGPqKvvB3Kgjk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e840b569bd0-FRA
accept-ranges
bytes
content-length
2866
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/gif
last-modified
Tue, 23 Oct 2018 23:01:10 GMT
x-server
WEB05
server
cloudflare
vary
Accept-Encoding
site_statistics.ffhtml
bestwitches.com/~site/javascript/
Redirect Chain
  • https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker...
  • https://bestwitches.com/~site/javascript/site_statistics.ffhtml?RTK=https%3a%2f%2fweb4%2erealtracker%2ecom%2fnetpoll%2fjs%2fibc90006%2ejs
498 B
884 B
Script
General
Full URL
https://bestwitches.com/~site/javascript/site_statistics.ffhtml?RTK=https%3a%2f%2fweb4%2erealtracker%2ecom%2fnetpoll%2fjs%2fibc90006%2ejs
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc79e92101acae4d7c153f8d01b11f68eeed0518c4b79e1b02fbaf2ed03b7ca9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vd6z4yGu6tL%2F6CCmRCAOzSUsTGSjHlMASwPx4qg3MnW%2FpZuFtKzm6hsYjXZCQvFkVI5IRv4WUqp6Fk%2Btjfq1R9%2FtUdQujEeu5iWFoRYE8L%2BfCSueHzhXsnwOEgUoS40IE1tjZVUBXoyls5tH2Qw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e855c419bd0-FRA
expires
0
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
text/html
vary
Accept-Encoding
x-server
WEB05
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
//bestwitches.com/~site/javascript/site_statistics.ffhtml?RTK=https%3a%2f%2fweb4%2erealtracker%2ecom%2fnetpoll%2fjs%2fibc90006%2ejs
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZXW3wDyfwl6VmE852z6IFlrStGD0fHjAN4dobnbttRJucJct3R1u7ZZMV%2BCEYTAIYCvFqpbc1gfkJfBkqCmq8V2e5946UZQGSy0HusVQ858SG44po%2BIz%2F2xPSSp5eRHyj7z1%2B7RvOkndUoIikQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb429bd0-FRA
expires
0
content-length
268
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
application/x-javascript
vary
Accept-Encoding
x-server
WEB27
server
cloudflare
back.jpg
bestwitches.com/
58 KB
58 KB
Image
General
Full URL
https://bestwitches.com/back.jpg
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ccb979f5d04f2cbc3800dfa1f2a92c725c2363f66a0b28eb32b6dc4de78ee5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a88bc661ca4ad31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtI8KApZa1rG1KpoTGztExo18BvSvLE634hlVnHCg%2F5LOTta4uHDMsFSmRU%2Bo4iANCCFmZFRM2NPYY68TbHjHljw%2FCW6jWxAH53rXGMhXiQvf3u%2BnS5LW1Ixy2P9XfIzWBlW9N4x7VNtk%2BXf0ws%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e83fb4c9bd0-FRA
accept-ranges
bytes
content-length
59188
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/jpeg
last-modified
Sun, 22 Oct 2017 00:12:00 GMT
x-server
WEB06
server
cloudflare
vary
Accept-Encoding
Witch.gif
bestwitches.com/
103 B
103 B
Image
General
Full URL
https://bestwitches.com/Witch.gif
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgP6N3YLfi7zRkRzemBmk3qpoN4G24bPsj7JS3Lmd35FVKEbkcrCHl9jE4Sszo2Ne5HEKGeRMhJ1DOshXBmDtlNnJXUo5RL1hE50CkTP8G4OQi3s9shIeMxBrZxRxW28%2B19tnEHj3vgmBHAwphg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e877dbc9bd0-FRA
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
text/html
vary
Accept-Encoding
x-server
WEB14
server
cloudflare
esm.js
unpkg.com/cursor-effects@1.0.15/dist/
Redirect Chain
  • https://unpkg.com/cursor-effects@latest/dist/esm.js
  • https://unpkg.com/cursor-effects@1.0.15/dist/esm.js
33 KB
12 KB
Script
General
Full URL
https://unpkg.com/cursor-effects@1.0.15/dist/esm.js
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H2
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fff26b4745ee59a6899b87629a817cb4d697be2597dc528b5a086c418427bd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"8358-jkHgBcSSfjiUapWWczN/6yX2coI"
age
7090010
x-content-type-options
nosniff
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J1XNPPC1A429ABS7WE655AGF-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8c7f7e8818275d8e-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/cursor-effects@1.0.15/dist/esm.js
content-encoding
br
cf-cache-status
EXPIRED
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8c7f7e842f445d8e-FRA
access-control-allow-origin
*
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01J8GZ8KNBANR05AJ3DDKYTCMG-fra
server
cloudflare
ibc90006.js
web4.realtracker.com/netpoll/js/
7 B
246 B
Script
General
Full URL
https://web4.realtracker.com/netpoll/js/ibc90006.js
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.138.83.89 , Netherlands, ASN203318 (ASBIZWAY, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
237522f2734e24eb505a8c7a6e71cb4434f8cd987f7003b33d7d7d17287711e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=31536000,public
etag
"975949e09f7d91:0"
accept-ranges
bytes
access-control-allow-origin
*
p3p
policyref="http://t8.prnx.net/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND NAV COM"
content-length
7
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
application/javascript
last-modified
Wed, 04 Oct 2023 21:29:37 GMT
server
Microsoft-IIS/10.0
tc.js
t8.prnx.net/js/
4 KB
4 KB
Script
General
Full URL
https://t8.prnx.net/js/tc.js
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.138.83.89 , Netherlands, ASN203318 (ASBIZWAY, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
21c5aad15b9cdccb38edda0f65723d863be154ab7958b2291a337523614aa647

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=2592000
etag
"4d03fe09f7d91:0"
accept-ranges
bytes
access-control-allow-origin
*
content-length
4103
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
application/javascript
last-modified
Wed, 04 Oct 2023 21:29:37 GMT
server
Microsoft-IIS/10.0
prnx_track.js
bestwitches.com/~site/javascript/
110 B
545 B
Script
General
Full URL
https://bestwitches.com/~site/javascript/prnx_track.js
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04eb8622ee6d5665eae38bf9029378e41032cd1c6f313fc23f5f21d3adfdeda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"f0e18dd82336d51:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gth3saVOjPyMTOB6NT6Up7oSznuw6pxprI4Nm6roEl%2BAJQuFNLUjqbkPH5oltUR3727MonD%2BM2FNXpe3fecwHVqRaF3RMR75bedSOIltoogOn6AtPah7PdFyeAoY7GLhpYiXpvuCosoOxSSQEU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e861d099bd0-FRA
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
application/javascript
last-modified
Tue, 09 Jul 2019 06:59:26 GMT
x-server
WEB15
server
cloudflare
vary
Accept-Encoding
jQuery-1.6.3.min.js
bestwitches.com/~site/javascript/
89 KB
42 KB
Script
General
Full URL
https://bestwitches.com/~site/javascript/jQuery-1.6.3.min.js
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac530615021b32e91adcf225c7d0e5cdf197fee0b343440bf936904605c8fea9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"043ab51246bd41:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6c41l8lCxAQtLqXgtWcW2Bun%2BdlaizHJSyyqkvB8pCLdkX7dHaZnkSh%2FT7c0XxPJfHlu5lsI2NX8FuhQBZDrHlqN35hsi4UyfWzhY6m4dp8wDLm%2B2dQtgfXrwAscuDVl66hF2t9NP64gp96F7Kg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e861d0c9bd0-FRA
accept-ranges
bytes
content-length
42550
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
application/javascript
last-modified
Tue, 23 Oct 2018 23:01:23 GMT
x-server
WEB13
server
cloudflare
vary
Accept-Encoding
jquery.cookie.min.js
bestwitches.com/~site/javascript/
1 KB
1 KB
Script
General
Full URL
https://bestwitches.com/~site/javascript/jquery.cookie.min.js
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dee2ab1cd8678ecd09bdeb9a4d2488308763a0ae8c9cb9fccaa8a5aaf645c08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"50ac5039246bd41:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1E1WQNr4wbY7eZUxZMAGCQX0cH3d2y%2BuFlNjT%2F7KiZa3Zl2WxwAz6xp81SGBf4hzOHuo7YWogD3a5VDjjZTwLaJe6Hze%2FumHQG7%2B3YcBst042UKzg%2FHmS9GPrnTCuMTPomFZWtLSYJiDgOKIUiE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e861d0f9bd0-FRA
accept-ranges
bytes
content-length
707
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
application/javascript
last-modified
Tue, 23 Oct 2018 23:00:42 GMT
x-server
WEB23
server
cloudflare
vary
Accept-Encoding
t.asp
t8.prnx.net/
43 B
275 B
Image
General
Full URL
https://t8.prnx.net/t.asp?pn=8&user=1761572070&to=-180&e=bestwitches.com&pp=index&d=3250611&l=101&tt=09%2F24%2F2024+04%3A55&j=0&m=0&spd=&c=24&p3=&w=1600&h=1200&ck=1&r=1&ref=&f=0&sl=0
Requested by
Host: bestwitches.com
URL: https://bestwitches.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.138.83.89 , Netherlands, ASN203318 (ASBIZWAY, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
no-cache
access-control-allow-origin
*
p3p
policyref="http://t8.prnx.net/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND NAV COM"
content-length
43
date
Tue, 24 Sep 2024 02:55:12 GMT
content-type
image/GIF
server
Microsoft-IIS/10.0
favicon.ico
bestwitches.com/
4 KB
2 KB
Other
General
Full URL
https://bestwitches.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af4c9a47fd4f29f8335d343006616d528454b111403ec674c77699b8ef27be5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bestwitches.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"d44b1446652d31:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXVJ38%2FX2CSVyU2%2BM6rJC%2Ftu86miwxGGS2gYuBPNGkZcxUt26EqZjaExQhPWprT6EgLx5Td6U6Fz3qXWHdm1CkymGHJGSBrpwLj3qecSFsRWaoMAqDIirQLfDo6pUmJ21WLvZ4h952vBYn5mZSM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7f7e8a2f349bd0-FRA
date
Tue, 24 Sep 2024 02:55:13 GMT
content-type
image/x-icon
last-modified
Tue, 31 Oct 2017 16:35:30 GMT
x-server
WEB06
server
cloudflare
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| reDo function| dom object| unique_id object| form_name object| required object| req_message string| errorMsg function| ValidateField function| DisplayError function| GetRadioValue function| Trim function| GetType function| GetForm function| ResetHSForms function| ProcessHSForms number| slideShowSpeed number| crossFadeDuration number| whereY object| Pic boolean| nn number| p object| preLoad function| runSlideShow object| dD object| dB string| px function| floatSS object| FloatSlideShowO string| user string| pp number| to number| cl string| r object| HS object| iTS string| iBASE string| iP function| io function| wc function| y function| cv function| ss function| d function| iOL function| iTN function| iMA function| iTC function| iTP function| iT string| iHOST string| iPAGE number| w function| I function| $ function| jQuery

6 Cookies

Domain/Path Name / Value
bestwitches.com/ Name: phsViewerID
Value: 172.70.251.67.1727146512.9741
bestwitches.com/ Name: BASEREFERER
Value: https://bestwitches.com/
bestwitches.com/ Name: SIGNUPEARCODE
Value: ORGSEARCH
t8.prnx.net/ Name: id
Value: 695230791LCBEGGGDBHKLDLJKCILCJJLK
bestwitches.com/ Name: iSPEED
Value: 328
bestwitches.com/ Name: iPAGE
Value: index

6 Console Messages

Source Level URL
Text
security warning URL: https://bestwitches.com/
Message:
Mixed Content: The page at 'https://bestwitches.com/' was loaded over HTTPS, but requested an insecure element 'http://bestwitches.homestead.com/22.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bestwitches.com/(Line 106)
Message:
Mixed Content: The page at 'https://bestwitches.com/' was loaded over HTTPS, but requested an insecure element 'http://bestwitches.homestead.com/22.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://web4.realtracker.com/netpoll/js/ibc90006.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://web4.realtracker.com/netpoll/js/ibc90006.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bestwitches.com/~site/Scripts_ExternalRedirect/ExternalRedirect.dll?CMD=CMDGetJavaScript&H_SITEID=RTK3&H_AltURL=%2F~site%2FRealTracker%2Fibc90006.js&HSGOTOURL=https%3A%2F%2Fweb4.realtracker.com%2Fnetpoll%2Fjs%2Fibc90006.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://t8.prnx.net/js/tc.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://bestwitches.com/Witch.gif
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bestwitches.com
bestwitches.homestead.com
fonts.googleapis.com
t8.prnx.net
unpkg.com
web4.realtracker.com
108.167.135.213
185.138.83.89
2606:4700:3036::6815:4698
2606:4700::6811:f9cb
2a00:1450:4001:81d::200a
067b467a594b89566e2dcf5c4154aa3f3b2cb1741c76136a614f21e99bd50dbe
0766571f3338b148db406a94840c9b4e1d1d70de1f2d29d3c5d536a8cea4b37f
0f02e34a0909601311a0437ffbfd9256329020de9fe754a27fcfef3dc7cb800f
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1a586989e517ba745c9294cbf8178cc388d222dfdb08e77c40a697c5a7fb499b
1ba7ae6b53386cb269418718e07b8afff04d1c755ad97faa3cf2103041563d38
20b34e54628a54cb53bfa1c4ee5f5e92afdd75aae2bdb2924784df5b6da74ff0
21b3735f3ee5a956845d9868b807e4114b6aff6f2ecbd08ce7b34c62952357e8
21c5aad15b9cdccb38edda0f65723d863be154ab7958b2291a337523614aa647
237522f2734e24eb505a8c7a6e71cb4434f8cd987f7003b33d7d7d17287711e1
28d66507153cf1886d6daadc14498b382c096a383c4a5895a6a95598cf5a523d
29c49515b9822f88890fbf972223cb0807b5bc5010550c46bb6a8af7fa9f2ab5
37576766313231a5c49b8bd78bd9dc7d13e367c90ecb1e29dfff0ba2eb980106
37f2d9a526a600820fc07e9506aa3035eac6682540680b521688e1a22e5ac25e
45ccb979f5d04f2cbc3800dfa1f2a92c725c2363f66a0b28eb32b6dc4de78ee5
4af4c9a47fd4f29f8335d343006616d528454b111403ec674c77699b8ef27be5
5315b86a0d6057abdcc812988c66500814abcdcdc7b9fee7451af8be893c863a
59179a508a3206069bf2ee2e908d83f2b9e878ababa3fd2a0e1b8af1bf25e0b1
5a7696014181ba08d90068319d3bdd7fe33c97869486e991667e7964901de5b1
633033ca26ae2a4db456bed189c254e76a967a5215e31e1616665740734b2199
67d1d9575f3b9ff03ef8811676ccbe525251f8614a9157fb23fa1d42231e384b
69bc060c2774752b2d08642f4a2b12234a7a7fcaa5b94727200c5aad1534c310
7dee2ab1cd8678ecd09bdeb9a4d2488308763a0ae8c9cb9fccaa8a5aaf645c08
7ebb29fee3748c62ac6f208993a97fd8aa5895c6b8b55af8722a7b3d32fd14e8
7fff26b4745ee59a6899b87629a817cb4d697be2597dc528b5a086c418427bd3
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
94b7952a9871d011e73f3014e2b2650dd388219f9c078cbdf973a05fb95ac090
9d05010936aaa14dc7a04c7e39e8d07462d8ab1d8fbc473a642fc98624432a5a
a02091250c81ea8ae721cd53d143392c72c91d85af15d7f9d0a3780fac9b721d
a451244b0d9b1af37097f825f846cf2f724c234185e392b5edebf29790b66711
a64719c0bddab42941bdb976df382d71be1b6d5b5702327dc973f3406751e043
a860f581339c3eb3f83a0126c393674fcf260d7a2016451c655237ab4f2fa626
ac530615021b32e91adcf225c7d0e5cdf197fee0b343440bf936904605c8fea9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8ecdd8d4442c7652ed908fbda6a383b1e1cb6ce320436a29dac8f1cf2b19c64
c652379ae059f15b8b20288b380b96c1a9560c2d6f7943aa6d2acadd90a778c9
cc79e92101acae4d7c153f8d01b11f68eeed0518c4b79e1b02fbaf2ed03b7ca9
f04eb8622ee6d5665eae38bf9029378e41032cd1c6f313fc23f5f21d3adfdeda
f2c46cb1cabd1fc25ea1075183b27d4ce89e76f2bf834c67a30764b9c97e170b
f5921c4965da62d28c217f78417adc341b58317c60b0306f922d1aed8df43556