wickedsisters.lt Open in urlscan Pro
2600:1901:0:84ef:: Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wickedsisters.lt/
Submission Tags: phishingrod
Submission: On May 25 via api (May 25th 2024, 8:13:53 am UTC) from DE — Scanned from DE

Summary HTTP 44 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 44 HTTP transactions. The main IP is 2600:1901:0:84ef::, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is wickedsisters.lt.
TLS certificate: Issued by R3 on March 26th 2024. Valid for: 3 months.

This is the only time wickedsisters.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2600:1901:0:8... 2600:1901:0:84ef::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:440... 2606:4700:4400::ac40:9a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:219c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::6812:2b35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f27... 2a03:2880:f276:1c3:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f27... 2a03:2880:f277:c0:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f27... 2a03:2880:f276:d2:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f27... 2a03:2880:f277:1c6:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
44	10

10 2600:1901:0:84ef:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

wickedsisters.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::ac40:9a64 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.zyrosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:219c (United States)

ASN13335 (CLOUDFLARENET, US)

assets.zyrosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2b35 (United States)

ASN13335 (CLOUDFLARENET, US)

backend.zyro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-ecommerce.zyro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f276:1c3:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-fra5-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f277:c0:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f276:d2:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra5-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f277:1c6:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra3-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	zyrosite.com cdn.zyrosite.com — Cisco Umbrella Rank: 149040 assets.zyrosite.com — Cisco Umbrella Rank: 152722	1 MB
12	cdninstagram.com scontent-fra3-1.cdninstagram.com — Cisco Umbrella Rank: 13544 scontent-fra5-1.cdninstagram.com — Cisco Umbrella Rank: 14222 scontent-fra3-2.cdninstagram.com — Cisco Umbrella Rank: 14166 scontent-fra5-2.cdninstagram.com — Cisco Umbrella Rank: 14129	2 MB
10	wickedsisters.lt wickedsisters.lt	230 KB
3	zyro.com backend.zyro.com api-ecommerce.zyro.com — Cisco Umbrella Rank: 999732	3 KB
1	instagram.com graph.instagram.com — Cisco Umbrella Rank: 318	6 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	103 KB
44	7

	Domain	Requested by
13	cdn.zyrosite.com	wickedsisters.lt cdn.zyrosite.com
10	wickedsisters.lt	wickedsisters.lt
6	scontent-fra3-1.cdninstagram.com
3	scontent-fra5-1.cdninstagram.com
3	assets.zyrosite.com	wickedsisters.lt
2	scontent-fra3-2.cdninstagram.com
2	api-ecommerce.zyro.com	wickedsisters.lt
1	scontent-fra5-2.cdninstagram.com
1	graph.instagram.com	wickedsisters.lt
1	region1.google-analytics.com	www.googletagmanager.com
1	backend.zyro.com	wickedsisters.lt
1	www.googletagmanager.com	wickedsisters.lt
44	12

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
wickedsisters.lt R3	`2024-03-26` - `2024-06-24`	3 months	crt.sh
*.zyrosite.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
zyro.com Cloudflare Inc ECC CA-3	`2023-09-16` - `2024-09-15`	a year	crt.sh
*.graph.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-03-03` - `2024-06-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wickedsisters.lt/
Frame ID: 48972C44BB16DD5490B75556B01441BF
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rankų darbo papuošalai - išskirtinumas ir elegancija | Wicked Sisters

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

44
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

12
Subdomains

10
IPs

2
Countries

3318 kB
Transfer

4353 kB
Size

2
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/wicked_sisters_accessories/
Title: @wicked_sisters_accessories

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C7JTjSytkcU/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C6wP3IGNvyt/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0v3VgdNMM9/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0qo2ypN4b5/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0pdLvyNDEf/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CwHgh77N-rB/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CvuIToQtFWx/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CueOel-tfGz/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CuOuikqtyxH/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CuJloSsNRRn/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Ct8uL8NN7FZ/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Ct4nU0St43W/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WickedSistersAccessories

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wickedsisters.lt/ 266 KB
26 KB 137ms
63ms Document
text/html 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

dd2b0d53fe41f36c46b3cf6c91ecffbfc7b7442a9ace70b7ca35459435aa7ed8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 272632
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 8894116addeb6541-LHR
content-encoding: gzip
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
content-type: text/html
date: Sat, 25 May 2024 08:13:46 GMT
etag: W/"73017321d31a2038d3ccb4e0ef674ed3"
last-modified: Sun, 21 Apr 2024 18:32:09 GMT
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
server: openresty
strict-transport-security: max-age=63072000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-hostinger-datacenter: gcp-euw2
x-hostinger-node: gcp-euw2-builder-edge2
x-powered-by: Zyro.com
x-xss-protection: 1; mode=block

GET
H2 200 font-faces
cdn.zyrosite.com/u1/google-fonts/ 10 KB
2 KB 293ms
171ms Stylesheet
text/css 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb49b8094861d4278af4c906e2b229b1dc570e9f3542d59ab3dc7a00a9fc67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
x-correlation-id: fBSqBVOn6xsCRykptAAJT
content-encoding: br
cross-origin-resource-policy: cross-origin
x-hostinger-datacenter: gcp
x-xss-protection: 1; mode=block
x-request-id: 200739dbacb58a9a0d4b23ba6924c8f0
last-modified: Fri, 24 May 2024 16:42:31 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"27ac-7g3OtI/5+GhBcsaDDEUN3x8Ofks"
vary: Origin, Accept-Encoding
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-ratelimit-reset: 1716569012
x-ratelimit-limit: 20
cf-ray: 8894116c1eb418d2-FRA
timing-allow-origin: *
x-ratelimit-remaining: 19
expires: Sun, 26 May 2024 08:13:46 GMT

GET
H2 200 _slug_.Dd72hQ0A.css
wickedsisters.lt/_astro-1713724308949/ 202 KB
26 KB 81ms
79ms Stylesheet
text/css 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/_slug_.Dd72hQ0A.css

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

36b12a76c62bbdb89699f5f7d516d6b45d443c32ad3ee51796365f99c58ef37e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
age: 776787
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"61f11bc2201a08a4b932d6021aad7a8e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116b6bd048ce-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 astro-traffic.txt
cdn.zyrosite.com/cdn-builder-placeholders/ 0
214 B 168ms
68ms Other
text/plain 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zyrosite.com/cdn-builder-placeholders/astro-traffic.txt
Requested by: Host: wickedsisters.lt
URL: https://wickedsisters.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 08:31:22 GMT
server: cloudflare
age: 6267136
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 8894116c1eb818d2-FRA
content-length: 0
expires: Sun, 26 May 2024 08:13:46 GMT

GET
H2 200 logo-su-pavadinimu-AwvJjWxvbRTlbapP.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=322,fit=crop,q=95/mnl6nrgPqbuWnJ3a/ 11 KB
11 KB 255ms
153ms Image
image/avif 2606:4700:4400::6812:219c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=322,fit=crop,q=95/mnl6nrgPqbuWnJ3a/logo-su-pavadinimu-AwvJjWxvbRTlbapP.png

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:219c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc45618c17f1a5e06c0be4fa5fbd89bac1cfc72df859d70b1ac39e6052b1fed6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 22:17:28 GMT
cf-bgj: imgq:95,h2pri
server: cloudflare
etag: "cfVZ6Mpag9ohIni_XqrGvFsCFujzm-FBihibotoOWbDQ:a41a409d427b4a0dfbbb744104d9fcb8"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
accept-ranges: bytes
cf-ray: 8894116c2830900d-FRA
content-length: 11078
cf-resized: internal=ok/m q=0 n=172+0 c=10+66 v=2024.5.2 l=11078

GET
H2 200 bridal-YKbJxEL31kS69K83.jpg
assets.zyrosite.com/cdn-cgi/image/format=auto,w=1920,fit=crop/mnl6nrgPqbuWnJ3a/ 140 KB
140 KB 276ms
175ms Image
image/avif 2606:4700:4400::6812:219c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=1920,fit=crop/mnl6nrgPqbuWnJ3a/bridal-YKbJxEL31kS69K83.jpg

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:219c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18210a354e13afa7184d907cbba5d03113db51bd924474e269c152a3af8fd0aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 19 Apr 2024 18:34:37 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfOo0W9_EBh-BjPbr_rdSZ0vnSFg8dLvU-URRJQLHpDQ:8fb1b85ffa71c0d1fe530d89b4f368e2"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
accept-ranges: bytes
cf-ray: 8894116c2831900d-FRA
content-length: 143412
cf-resized: internal=ok/h q=0 n=20+187 c=58+1335 v=2024.5.2 l=143412

GET
H2 200 ClientHead.5IER6Rk-.js Show response
wickedsisters.lt/_astro-1713724308949/ 1 KB
2 KB 107ms
106ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/ClientHead.5IER6Rk-.js

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

f76c34d55ad494b374e8d1eab63f97af414c9f048b56036b272f1a54ff4da034

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
age: 72911
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"804776cbbe1e51117848482c8e2ae328"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116d4a4f6334-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 client.D_rY9gnP.js Show response
wickedsisters.lt/_astro-1713724308949/ 2 KB
2 KB 180ms
180ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/client.D_rY9gnP.js

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

4b93c34c2baba562c27b52ee8eaba056b7a8d1cafb49d026510e2e193164d6c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"dea6607c794b03eabf49f78424580137"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116d4bd279bd-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 Page.DrNO2A5_.js Show response
wickedsisters.lt/_astro-1713724308949/ 479 KB
134 KB 60ms
60ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/Page.DrNO2A5_.js

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

ad9757330ef92206af279f31abe22791ef38d3bae960fcf1280713e0741efa82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
age: 776786
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"e3df4d6dc7ca15f66313998f7cc3dba2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116d4c489455-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 Integrations.DvHG1X-h.js Show response
wickedsisters.lt/_astro-1713724308949/ 3 KB
3 KB 57ms
57ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/Integrations.DvHG1X-h.js

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

6b24e9539c9498fd8b2b12736bc1ecd4105b4fe097860ffe15606b63eaa2336b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
age: 776786
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"a0d4d69b699f01d2651d9f55939bfdd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116d4d533695-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 14 KB
14 KB 217ms
170ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Nunito+Sans:wght@400&subset=latin&display=swap

Requested by

Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f99e08a50e93e6cd9aaeecf4e8d473db705aa0e5ebac2e1127f9ee9fbe93e1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
x-correlation-id: oJXf7NqOXj0fs2SzcvTvQ
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1UlIfM0qh1d.woff2
x-hostinger-datacenter: gcp
content-length: 13884
x-xss-protection: 1; mode=block
x-request-id: eb4e86540cf6bb946c3ec371eceffc25
last-modified: Thu, 27 Apr 2023 01:23:12 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"363c-a7nUj+cgWny8OAlh4n1vwhjEoio"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 8894116daf308ed9-FRA
timing-allow-origin: *
expires: Sun, 25 May 2025 08:13:46 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 14 KB
15 KB 214ms
168ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Nunito+Sans:wght@600&subset=latin&display=swap

Requested by

Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

172a9ce06eb4e14fab841f2a749d4eb771216e825b4710d0ef556dc4ab6b3fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
x-correlation-id: afEI_rtv1uo9R-NSnhCyV
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4GCC5Xs1UlIfM0qh1d.woff2
x-hostinger-datacenter: gcp
content-length: 14048
x-xss-protection: 1; mode=block
x-request-id: cdc9f867f308eef8251e22e191888764
last-modified: Thu, 27 Apr 2023 01:23:12 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"36e0-1LcehaNFSvTjTUArdAMLuLuQGDY"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 8894116daf368ed9-FRA
timing-allow-origin: *
expires: Sun, 25 May 2025 08:13:46 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 13 KB
13 KB 252ms
206ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Open+Sans:wght@400&subset=latin&display=swap

Requested by

Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf7a9b63d60d4a71bfbfa5967a9815cd6f78d321bb4acadc4556173ec66bb15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: MISS
x-correlation-id: HsVT-shag8mo5ghjo8iE2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVIUwaEQbjA.woff2
x-hostinger-datacenter: gcp
content-length: 13456
x-xss-protection: 1; mode=block
x-request-id: cafe64fcc5079e8ba9576716f02b3bd3
last-modified: Thu, 14 Dec 2023 01:59:40 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"3490-VLgKOBoZyGSYz2tayhxVa4LOIq8"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 8894116daf348ed9-FRA
timing-allow-origin: *
expires: Sun, 25 May 2025 08:13:46 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 13 KB
13 KB 284ms
237ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Nunito+Sans:wght@600&subset=latin-ext&display=swap

Requested by

Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fb23250f65b31bddf09baa58a36a1e9e35e2e212f6be9e663b1462629acc368

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-correlation-id: 2Vh8WTIVMeIzRnINQVw6K
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4GCC5XvVUlIfM0qh1d65g.woff2
x-hostinger-datacenter: gcp
content-length: 13336
x-xss-protection: 1; mode=block
x-request-id: cb265f877ec0ed8284aee416127a1d38
last-modified: Thu, 27 Apr 2023 00:56:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"3418-q4PDqgj36VBPPIQ3SKMC+ow6b08"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 8894116daf338ed9-FRA
timing-allow-origin: *
expires: Sun, 25 May 2025 08:13:46 GMT

GET
H2 200 _plugin-vue_export-helper.DFdUoSSK.js Show response
wickedsisters.lt/_astro-1713724308949/ 63 KB
26 KB 64ms
64ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/_plugin-vue_export-helper.DFdUoSSK.js

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

7731bda194489251812694dfd06428ad67a15b476483e1779dd953950c0861a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/_astro-1713724308949/Integrations.DvHG1X-h.js
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
age: 776786
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"4b0a13243c2bcce11240eecdc5c9fb62"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116da95ddc63-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 scrollToSection.BvqORgB0.js Show response
wickedsisters.lt/_astro-1713724308949/ 13 KB
7 KB 61ms
60ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/scrollToSection.BvqORgB0.js

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

eda53efce02c7c21f272f2bce73fd854b0e859d7c237e1f7471c713ec4869947

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/_astro-1713724308949/Page.DrNO2A5_.js
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
age: 776785
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"3e942f3eb2a89b3395cc6c658d466505"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116e1f6f9400-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 index.F1yg2eyd.js Show response
wickedsisters.lt/_astro-1713724308949/ 5 KB
2 KB 180ms
179ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/index.F1yg2eyd.js

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

af61ad765cbc0ba06b1eb06d400bc36de58816129c155810389b0cb8bdfc889e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/_astro-1713724308949/Page.DrNO2A5_.js
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"27599ff99673c916c817391fef1d705a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116e1c09730e-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 addDocumentElements.DKUXGbzq.js Show response
wickedsisters.lt/_astro-1713724308949/ 5 KB
3 KB 171ms
170ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsisters.lt/_astro-1713724308949/addDocumentElements.DKUXGbzq.js

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

03096b6b3e2d5a76712bf07d183cabb006519b82d3dff32564373a80f3056301

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/_astro-1713724308949/Page.DrNO2A5_.js
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
x-powered-by: Zyro.com
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-hostinger-datacenter: gcp-euw2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Apr 2024 18:32:12 GMT
server: openresty
etag: W/"27e567be6e29f06f0112a4369bf7a0b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-hostinger-node: gcp-euw2-builder-edge2
cf-ray: 8894116e1c2594ab-LHR
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
expires: Mon, 24 Jun 2024 08:13:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
103 KB 93ms
42ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QBDXR1J0CJ

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/_astro-1713724308949/addDocumentElements.DKUXGbzq.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f90ea4410ec2b017335638fd9b779204ad87b59699e2537545ba934e6ab08dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 May 2024 08:13:46 GMT

GET
H3 200 zBkboc Show response
backend.zyro.com/u1/instagram/token/mnl6nrgPqbuWnJ3a/ 167 B
533 B 248ms
205ms Fetch
application/json 2606:4700:4400::6812:2b35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.zyro.com/u1/instagram/token/mnl6nrgPqbuWnJ3a/zBkboc

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/_astro-1713724308949/Page.DrNO2A5_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2b35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c8c932d50296280a34ff534f9224ceafa1b57bd2a82baa9124d458354bd6350

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:47 GMT
x-correlation-id: tc1kICkZ85oQgQKXZaimO
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
cf-cache-status: DYNAMIC
content-encoding: br
x-hostinger-datacenter: gcp
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3978f3a6e09f63690c58543841041688
server: cloudflare
etag: W/"a7-+0h5g4szg40C2+GFhWI+JIA4KgU"
vary: Origin
x-ratelimit-remaining: 49
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wickedsisters.lt
x-frame-options: sameorigin
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-ratelimit-reset: 1716624887
x-ratelimit-limit: 50
cf-ray: 8894116fdb28373a-FRA

GET
H3 200 products Show response
api-ecommerce.zyro.com/store/store_01HFSBGD5ANBNQWXA8D4JE2XR2/ 8 KB
2 KB 210ms
166ms Fetch
application/json 2606:4700:4400::6812:2b35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-ecommerce.zyro.com/store/store_01HFSBGD5ANBNQWXA8D4JE2XR2/products?ids[]=prod_01HGBP9QRBW44CTSAFS6SZDABH&ids[]=prod_01HFSBGD6P2R2HC15FRDXT9GJF&ids[]=prod_01HVVX2V9FMJ7HNNBZCTQCHT51&ids[]=prod_01HFSV6379XMBPV6YEGDX1DAHQ&ids[]=prod_01HFSBGD7DYA3EC9W3B7E62VQ5&ids[]=prod_01HFSWS61FYXKVK659AAYJN910

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/_astro-1713724308949/Page.DrNO2A5_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2b35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e501dc5b5e6895d420c1db9ffd482b285522c63dac07dd6c7482b8c2e238bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:47 GMT
x-correlation-id: 8NjjzjVW9JnFlWAa7yKvN
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
cf-cache-status: DYNAMIC
content-encoding: br
x-hostinger-datacenter: gcp
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6ecd4557b21e294442449326131dac7b
server: cloudflare
etag: W/"202c-qX1W/lzUkSiZgxuHrcOH4WhKq8I"
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-hostinger-node: us-central1
cf-ray: 8894116feb2d373a-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 81ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QBDXR1J0CJ&gtm=45je45m0v9173685974za200&_p=1716624826740&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=233034437.1716624827&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716624826&sct=1&seg=0&dl=https%3A%2F%2Fwickedsisters.lt%2F&dt=Rank%C5%B3%20darbo%20papuo%C5%A1alai%20-%20i%C5%A1skirtinumas%20ir%20elegancija%20%7C%20Wicked%20Sisters&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=952
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QBDXR1J0CJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 25 May 2024 08:13:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedsisters.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asset-1-656ba32098838-mjEQGoM2DrFOMVqJ.webp
assets.zyrosite.com/cdn-cgi/image/format=auto,w=48,h=48,fit=crop,f=png/mnl6nrgPqbuWnJ3a/ 2 KB
2 KB 152ms
151ms Other
image/png 2606:4700:4400::6812:219c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=48,h=48,fit=crop,f=png/mnl6nrgPqbuWnJ3a/asset-1-656ba32098838-mjEQGoM2DrFOMVqJ.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:219c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f7ae367a002d4e1287566469a807daa4aa12ba84f7d9b881a67c57da19c89c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:47 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2103
cf-resized: internal=ok/m q=0 n=98+0 c=5+30 v=2024.5.2 l=2103
last-modified: Sat, 02 Dec 2023 21:36:27 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfa7e058p-oSKQvNN2ch5mw0deGI3UBfwwkm_g_cwoDQ:76bd807301e02340ad84dd9dbaa6462b"
vary: Accept, Accept-Encoding
warning: cf-images 299 "JPEG vs PNG selection is automatic"
content-type: image/png
accept-ranges: bytes
cf-ray: 889411705c11900d-FRA
priority: u=4;i=?0,cf-chb=(37;u=4;i 948;u=5;i=?0)

GET
H3 200 variants Show response
api-ecommerce.zyro.com/store/store_01HFSBGD5ANBNQWXA8D4JE2XR2/ 416 B
482 B 400ms
399ms Fetch
application/json 2606:4700:4400::6812:2b35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-ecommerce.zyro.com/store/store_01HFSBGD5ANBNQWXA8D4JE2XR2/variants?fields=inventory_quantity&product_ids[]=prod_01HGBP9QRBW44CTSAFS6SZDABH&product_ids[]=prod_01HFSBGD6P2R2HC15FRDXT9GJF&product_ids[]=prod_01HVVX2V9FMJ7HNNBZCTQCHT51&product_ids[]=prod_01HFSV6379XMBPV6YEGDX1DAHQ&product_ids[]=prod_01HFSBGD7DYA3EC9W3B7E62VQ5&product_ids[]=prod_01HFSWS61FYXKVK659AAYJN910

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/_astro-1713724308949/Page.DrNO2A5_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2b35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9591f824f1f0f8aaff7ce877b974486e39e8944d9fc0ff4c93975b8898b0d48e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:47 GMT
x-correlation-id: swopbZyVCMIAB4M_2gFxY
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
cf-cache-status: DYNAMIC
content-encoding: br
x-hostinger-datacenter: gcp
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9344a066ad0cc6e47de5ed1486d31f08
server: cloudflare
etag: W/"1a0-uR/GVxKLQUeinAJJVwJ1S/6QBiI"
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-hostinger-node: us-central1
cf-ray: 88941170ec46373a-FRA

GET
H2 200 media Show response
graph.instagram.com/me/ 18 KB
6 KB 844ms
786ms Fetch
application/json 2a03:2880:f276:1c3:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.instagram.com/me/media?fields=id%2Cpermalink%2Ccaption%2Cmedia_url%2Cthumbnail_url&access_token=IGQWROaDJ1RXFadXpubmpiMEUwRlhOMjAxQzdSYnhYeGVVQVo1amVtVC1WdF9wVVB6eXdjTHFVMUpjcEU2aDN2V3B1RU9vTHZAqVjQ4dENxakhmX3pxLUpCTUVtTFN5UDRIUXRjRjhiRjY5UQZDZD

Requested by

Host: wickedsisters.lt
URL: https://wickedsisters.lt/_astro-1713724308949/Page.DrNO2A5_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

229cec88d1ba4d33408d5cb06b991355223f6cf32db2853f8db58b8b0293a7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: zstd
date: Sat, 25 May 2024 08:13:47 GMT
x-app-usage: {"call_volume":0,"cpu_time":0}
cross-origin-resource-policy: cross-origin
x-fb-rev: 1013761256
content-length: 5449
pragma: no-cache
x-fb-debug: +nx2Fmiy9HfNdYoVCMJ2XgfaXXA5vNDRVBWc0zeM/quma10LO5LqlxvBwZCdHWFWYpKs8oLmjEJBnDfJLo4SgA==
x-fb-trace-id: G3RSP3ap8Qk
x-stack: www
etag: "3ad6c94d9bafca9ec1096ba79561c74d88fc0454"
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AZvPCiIBYrCT2iYHAsluVad
instagram-api-version: v17.0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 13 KB
13 KB 195ms
195ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Nunito+Sans:wght@400&subset=latin-ext&display=swap

Requested by

Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6e9454f997c545ca31447a06656349221818e15f7653f8b5c05252a67444070

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Nunito+Sans:wght@400;600&family=Open+Sans:wght@400&display=swap
Origin: https://wickedsisters.lt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:47 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: MISS
x-correlation-id: Hj5n5dZi4qlkH4U3d2J23
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXvVUlIfM0qh1d65g.woff2
x-hostinger-datacenter: gcp
content-length: 13264
x-xss-protection: 1; mode=block
x-request-id: 77c1899f6f9c0303fb6bdcdfc0b938e1
last-modified: Thu, 27 Apr 2023 00:47:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"33d0-yfXnQW+Zxx2ip8DhY/VlX0HZ2MM"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 889411739e558ed9-FRA
timing-allow-origin: *
expires: Sun, 25 May 2025 08:13:47 GMT

GET
H2 200 store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703176553480-Aish%20auskarai.webp
cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/ 39 KB
40 KB 792ms
791ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703176553480-Aish%20auskarai.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5658809b511af2e9f1ee40cae0f9cf5341ea51f89a7336dc57f9099ea1c0d7c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 16:35:53 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfPXVzUUg3Bwy1lZSSjZi_qiexcD0uuX99lip05cY2DQ:14c663fefa5dee569813e426a0bb0c08"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 889411739f1f18d2-FRA
content-length: 40393
cf-resized: internal=ok/m q=0 n=451+167 c=0+0 v=2024.5.2 l=40393

GET
H2 200 store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703177395654-algar2.webp
cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/ 203 KB
204 KB 714ms
712ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703177395654-algar2.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8293a451f5026e317c11106ea52fc9163c633e2ac8c1ce1120c75499bda33245

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 16:49:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfJctvouqSBUdLf5sVp-liCaxhcD0uuX99lip05cY2DQ:773c050c5fd5fc904154fd5d79c39d37"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 889411739f2218d2-FRA
content-length: 208228
cf-resized: internal=ok/m q=0 n=212+203 c=0+0 v=2024.5.2 l=208228

GET
H2 200 store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1713554402121-Astrid%20earrings.jpg
cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/ 219 KB
220 KB 656ms
655ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1713554402121-Astrid%20earrings.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1813fe1d949806387a7972a37ead5676600fba4515f09180992bd96ab18eded6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 19:20:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfIOZmSEAKgFlVNCEtgVezOYFXcD0uuX99lip05cY2DQ:801cb7adf8e7ae99e6d4f59a6b6f78f0"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 889411739f2518d2-FRA
content-length: 224699
cf-resized: internal=ok/m q=0 n=272+96 c=0+0 v=2024.5.2 l=224699

GET
H2 200 store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703177006852-333%20(1).webp
cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/ 135 KB
135 KB 755ms
754ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703177006852-333%20(1).webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a612d6c449b67b33cdd2e70415dac5e8960f508889ad944b5d007d4eb0c7dda

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 16:43:27 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfbJ4JXEJf_PtJIbpuGXZFOvE-cD0uuX99lip05cY2DQ:c86af8802f8439e932a9f94c021b1d56"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 889411739f2718d2-FRA
content-length: 137871
cf-resized: internal=ok/m q=0 n=224+258 c=0+0 v=2024.5.2 l=137871

GET
H2 200 store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703177354116-3%20(1).webp
cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/ 243 KB
244 KB 198ms
197ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703177354116-3%20(1).webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a27e4e1af3e923169ae11a4fef4c1d0ea92932aeee36a1df3303b706647b6a71

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:47 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 21 Dec 2023 16:49:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfls-vkibalknyn6i2F9U5HFSTcD0uuX99lip05cY2DQ:96e4e617a47eb2fc56ebfa7fdb2fc901"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 889411739f2a18d2-FRA
content-length: 249338
cf-resized: internal=ok/m q=0 n=309+183 c=76+521 v=2024.5.2 l=249338

GET
H2 200 store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703176773525-Bellatrix%20auskarai.webp
cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/ 70 KB
70 KB 421ms
420ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.zyrosite.com/cdn-cgi/image/format=auto,w=392,h=392,fit=scale-down,q=100/cdn-ecommerce/store_01HFSBGD5ANBNQWXA8D4JE2XR2%2Fassets%2F1703176773525-Bellatrix%20auskarai.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44c24e38cadc726bdd7c5452225d848123ba6312e75859e05dc2f64772b5aa60

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:47 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 16:39:33 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfZL8o1kn2ptlnR_9cVLrdTVwzcD0uuX99lip05cY2DQ:01df88369aa47c2ccdbf75c51631084f"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 889411739f2c18d2-FRA
content-length: 71550
cf-resized: internal=ok/m q=0 n=142+112 c=0+0 v=2024.5.2 l=71550

GET
H3 200 355683983_6198409893577937_9104910872421026690_n.heic
scontent-fra3-1.cdninstagram.com/v/t51.29350-15/ 147 KB
147 KB 347ms
316ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.cdninstagram.com/v/t51.29350-15/355683983_6198409893577937_9104910872421026690_n.heic?stp=dst-jpg&_nc_cat=108&ccb=1-7&_nc_sid=18de74&_nc_ohc=65GbiK0VP7IQ7kNvgFVsz5W&_nc_ht=scontent-fra3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYB38LXZKW8WWXIFDfYJaSJarGFfTJ4BkMdJJyqGpYiIog&oe=6657802B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1df9ca3620ff4f456dab066e6d7c37537ad05362c6b90a648eb0fc96efcb3f62

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=1249149090
thrift_fmhk: GBCChCBZLukwcJkvKEGG1/mkFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150878
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=271, mss=1232, tbw=307089, tp=263, tpl=0, uplat=295, ullat=0
last-modified: Sat, 24 Jun 2023 19:16:05 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: qa2-V4_FLv9tgv4CBSUGg2nRhUVZ_ZOxSclB8Lvb1TZDqFRdtLDJJuuwDxUhBh4PzjtTRBbYNbh9qsZVOYCPmv5J0VogptoAqHUqiUW_An54lgckrjEML_8zWndov-ADfHUaVN4F0i5wrIkikd2tFw
x-needle-checksum: 4282016607
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 356367192_1055777542061830_239419221066965688_n.heic
scontent-fra5-1.cdninstagram.com/v/t51.29350-15/ 206 KB
206 KB 256ms
225ms Image
image/jpeg 2a03:2880:f276:d2:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-1.cdninstagram.com/v/t51.29350-15/356367192_1055777542061830_239419221066965688_n.heic?stp=dst-jpg&_nc_cat=110&ccb=1-7&_nc_sid=18de74&_nc_ohc=P3yQrQPbINcQ7kNvgGK-jdI&_nc_ht=scontent-fra5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYCFu3BU_YUM2uIGBAlXzGM7t_vPDjSRLClhi9SSsT9lHg&oe=665768C0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f276:d2:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6280bc7581dca7acd408e1cfc4f475422b3379d5a26e219aee4b5d76a272d546

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=2448891197
thrift_fmhk: GBAgGyrteWcgc+Vs20451AMTFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 210454
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=33, mss=1232, tbw=4419, tp=12, tpl=0, uplat=205, ullat=0
last-modified: Mon, 26 Jun 2023 09:24:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: TXj4x1YeEDaSexD0879ex_c1KAYOPmfYpQYNrXrpbEZ5PrU6vGjK6kCVphzEi_9CRoi50maMcLSzWvkoKGbj_hy-wSyTs9gu1znUMSQRQe8BSbJ00c6RpANPXeKPaBhDsJai0PXqS93yr7ZS-8OFLA
x-needle-checksum: 1375776328
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 356891296_653452439621903_2287241421078001596_n.heic
scontent-fra3-2.cdninstagram.com/v/t51.29350-15/ 159 KB
159 KB 410ms
377ms Image
image/jpeg 2a03:2880:f277:1c6:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-2.cdninstagram.com/v/t51.29350-15/356891296_653452439621903_2287241421078001596_n.heic?stp=dst-jpg&_nc_cat=111&ccb=1-7&_nc_sid=18de74&_nc_ohc=rzV3bB048eUQ7kNvgFjRGif&_nc_ht=scontent-fra3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYBE8i0JnqDEOQWftz2XGeZHn0oVxyGJRexc8WjBbPzRYw&oe=66576E65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f277:1c6:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cb2df0484183432a8bf4efc41cb41fe8908fc5e0a2a327cd4a6720b13779a676

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=3505856687
thrift_fmhk: GBCPeaaub3uTA3E0MtjuZoN+Feq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 162861
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=108, mss=1232, tbw=107240, tp=97, tpl=0, uplat=357, ullat=0
last-modified: Sat, 01 Jul 2023 09:29:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: r9F-vTZAj9AhIaR-SlrlFZwq8zqeI35bSW2o_C3Lif2M-LjE7droM-neDTB0CbNBpKBi-HpVcPr2LWiweT6Z-Lz5-HtCf9wAxDqrtBooNB3rxBZ5nOc-sTavYmvx09rhinxNsKpLDhS8JAky2c5UJg
x-needle-checksum: 3155563251
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 357292119_3213431925615768_7621236715787730206_n.heic
scontent-fra3-1.cdninstagram.com/v/t51.29350-15/ 227 KB
227 KB 252ms
225ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.cdninstagram.com/v/t51.29350-15/357292119_3213431925615768_7621236715787730206_n.heic?stp=dst-jpg&_nc_cat=108&ccb=1-7&_nc_sid=18de74&_nc_ohc=mQ2as_w0NwYQ7kNvgFWp4Kn&_nc_ht=scontent-fra3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYDVLXy9NZPHgOR1O9ckLmoTs_15NMur6BC2oRBge7kucA&oe=66578611
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 30d35452d16ae3fc8eaa71cfd5a23e5e9f3102df22fdeeb05807bd88b1bbfbb9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=2145648362
thrift_fmhk: GBDOMH1MS5gGx05B/T/TrLvmFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 232724
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=33, mss=1232, tbw=4785, tp=15, tpl=0, uplat=205, ullat=0
last-modified: Mon, 03 Jul 2023 09:20:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: iScp0BIrjH8sBjGW9prWgkxF3pqR6-M052VEKB5-0KOd_4IKKA4fW7nzVAo_G7CiPNOwnOUBkIG1W_5hgouv40jtwLuPwxz5yGe0lpWw7zuNMvis53WNaMbjkXmqRPqW8nS49E_qqfeMkRePj83uAA
x-needle-checksum: 1855096972
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 358500772_1135350004088138_5975592882639691448_n.heic
scontent-fra5-1.cdninstagram.com/v/t51.29350-15/ 169 KB
170 KB 351ms
324ms Image
image/jpeg 2a03:2880:f276:d2:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-1.cdninstagram.com/v/t51.29350-15/358500772_1135350004088138_5975592882639691448_n.heic?stp=dst-jpg&_nc_cat=102&ccb=1-7&_nc_sid=18de74&_nc_ohc=Yd_e50l4cGkQ7kNvgFUkZ_t&_nc_ht=scontent-fra5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYA7idpnfYWAFpQFSn6_cy1fdwjVxRRusmEVopxuOj4xng&oe=66576CCC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f276:d2:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a1212a85448e32e492a187f6a3aadbf89eb27627f967abc7b6f1e812fc510ea7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=3663691910
thrift_fmhk: GBDn9PGSeYT2ihBUnHb3OvxoFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 173560
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=202, mss=1232, tbw=219811, tp=188, tpl=0, uplat=304, ullat=0
last-modified: Sun, 09 Jul 2023 09:44:50 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 2w6kOveJlcJSHcgp5pxV9nLfMBoxmpFz12U2nlcrZF2n2CJ8qyla4d1HfGAt5pQ6FPpNVgA3EanJ-u1AVOCIzzrLh3E2_708h6CmvEgteQwJt0r917XcOC-Q8QnWNOPwcAGHeny43qIGme2HkZJHOQ
x-needle-checksum: 2207128813
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 366069366_138937202547763_4424141148135733240_n.heic
scontent-fra5-1.cdninstagram.com/v/t51.29350-15/ 190 KB
191 KB 416ms
390ms Image
image/jpeg 2a03:2880:f276:d2:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-1.cdninstagram.com/v/t51.29350-15/366069366_138937202547763_4424141148135733240_n.heic?stp=dst-jpg&_nc_cat=102&ccb=1-7&_nc_sid=18de74&_nc_ohc=XJuhZEI749MQ7kNvgErnBhx&_nc_ht=scontent-fra5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYARqLGjBD2cbz-gqwECYiSZSryODMbMherFbBNGQsxRzg&oe=6657626B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f276:d2:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c5102b3a38021bb39f7e7f79f48d907949d717792e8f4a36b340152757707373

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=1094747600
thrift_fmhk: GBBi+kJRKNeJpjNqSFeY/SBnFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 194974
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=292, mss=1232, tbw=397283, tp=334, tpl=0, uplat=370, ullat=0
last-modified: Wed, 09 Aug 2023 10:36:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: yi3Tfx1n3E96oFO9NXGOlPkpqZRZ7upr7yq0qEFY7PaCvCKGiALyJuKULro2_tiIgGvMjLIethxjZunQ9HuAJKtQoRiZo_dLqlckx-890qw12QlgQRzlonC5DbaVZRgsH1MQQ1hG7nAbcVYvzb4GYA
x-needle-checksum: 1653130031
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 368560977_3557823307878080_9182541285099659001_n.heic
scontent-fra3-1.cdninstagram.com/v/t51.29350-15/ 147 KB
147 KB 352ms
329ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.cdninstagram.com/v/t51.29350-15/368560977_3557823307878080_9182541285099659001_n.heic?stp=dst-jpg&_nc_cat=108&ccb=1-7&_nc_sid=18de74&_nc_ohc=i0Yb5TKiAngQ7kNvgF6HHU2&_nc_ht=scontent-fra3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYBAgrh8T_9bSr9eRi6DbTA9EaIJKdiBPWIZZCS0kdCztw&oe=66577629
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e514cbf1e29f3d19f699fc2adc39c9581f509f65865c7a897a1ec0c255e2c99c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=3931127237
thrift_fmhk: GBBVCM7WdV/aJ053ej5zxFbcFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150660
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=271, mss=1232, tbw=434465, tp=376, tpl=0, uplat=309, ullat=0
last-modified: Sat, 19 Aug 2023 07:07:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: iJp7hl_jb5eORS5yzjY03URr_lCo_W9692UmnhupAAuYpHwvvbEHbotGO_K8Ifvi1Dpxsu3LlmlpYG72AENSdaufnyASRazH-Mg73vSpY8sJAlw9YP3C334rNQgT2ZTR2qHq2YTKwyoDdvzmDB-SvA
x-needle-checksum: 3374904241
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 408759089_1129320358232665_1115462051787732828_n.heic
scontent-fra3-1.cdninstagram.com/v/t51.29350-15/ 173 KB
173 KB 354ms
333ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.cdninstagram.com/v/t51.29350-15/408759089_1129320358232665_1115462051787732828_n.heic?stp=dst-jpg&_nc_cat=103&ccb=1-7&_nc_sid=18de74&_nc_ohc=BOZtHM3xCQEQ7kNvgEQqEj3&_nc_ht=scontent-fra3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYCAfS1evrha_pprev2qq5kXrPLFi2wPIV1izCc9mIce-g&oe=66577656
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d0578bd82b75e82ac079eeb1a9083ef8b279f6d8e40b2953dfd4d232785515a8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=2869098458
thrift_fmhk: GBApD6FNjCeHI/wqRdLwd0ITFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 177290
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=271, mss=1232, tbw=513681, tp=441, tpl=0, uplat=312, ullat=0
last-modified: Sat, 09 Dec 2023 21:27:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: nQjZgOIkN8upKpRYcZ8wNKxn5AcnJtWG0pBz5mJRDwPsrsqNd-uwzNP0xgTORQbK6QJW7ghdAv53QUNzy6AX8JQgMTr10rHGMQRYEZQBfqzw5yYfUIR110WyK9wp-Z3pRxLwlvZDgPHfY-oSVZYKnA
x-needle-checksum: 2814741526
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 409222667_731439018428510_4097083029455164791_n.heic
scontent-fra3-1.cdninstagram.com/v/t51.29350-15/ 61 KB
61 KB 285ms
264ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.cdninstagram.com/v/t51.29350-15/409222667_731439018428510_4097083029455164791_n.heic?stp=dst-jpg&_nc_cat=108&ccb=1-7&_nc_sid=18de74&_nc_ohc=Wib_0yjNMNYQ7kNvgFm4cUG&_nc_ht=scontent-fra3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYAbOrg9mOn2nyR5JaQyH7GsNu6C22KjD0GhsegalsGw-Q&oe=66575C1D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 36a08ba9e1ec664a8a08ca4886df1b297ecbd34b017f7b398a9409939e3f869e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=3182425224
thrift_fmhk: GBDxn2jhc04Qe6vsvuphc9hYFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 62466
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=59, mss=1232, tbw=120609, tp=110, tpl=0, uplat=238, ullat=0
last-modified: Sun, 10 Dec 2023 08:39:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: J1ITj4u0r3EeW3lT8iqihLuQYsYFS4gxS6_NPEMwQNSpb1l67E9e8w0BE7bdTjeVgBObpqBL3i9IVFoJIDxF1f8UyC-8_lPTtEUfZUPE9R7A3SV8iUotEGt6VKeIOMb-gO9iXt9YqldO2cgVjzbhqA
x-needle-checksum: 2964113589
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 409913796_611068791095800_1257442626499583334_n.heic
scontent-fra3-2.cdninstagram.com/v/t51.29350-15/ 98 KB
98 KB 277ms
251ms Image
image/jpeg 2a03:2880:f277:1c6:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-2.cdninstagram.com/v/t51.29350-15/409913796_611068791095800_1257442626499583334_n.heic?stp=dst-jpg&_nc_cat=104&ccb=1-7&_nc_sid=18de74&_nc_ohc=4ignBt-EflQQ7kNvgFUKF8R&_nc_ht=scontent-fra3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYAWP-lRMxo2BxwICY0QEEkz8HwquM3Ng2n_lmWd_SQ8UA&oe=66578020
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f277:1c6:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0e1f172e0ce498a9b23be738d92355d3560fd2626acc2c5d5613cd48b561b6cc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=1283718601
thrift_fmhk: GBAcN1Y9udBmZbSkmIMit1HJFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 100101
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=33, mss=1232, tbw=4344, tp=10, tpl=0, uplat=231, ullat=0
last-modified: Tue, 12 Dec 2023 09:23:29 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 7yVXPQ-4dGuKTK8J8uZ64ugEtPYgzlndAweqUHeMgMUqVhZAqYlt_1pb9nUXqx663sI3ye9PkZoKZOOVgxJvYKTpKcgDPTnVCGbw0j6EJmEs1T4KY2yLKSC1hdAyFwVk0bKIZd2ooQInhPTFgmkh1g
x-needle-checksum: 1063899450
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 436333691_985144086265941_7907756869570383646_n.heic
scontent-fra5-2.cdninstagram.com/v/t51.29350-15/ 92 KB
92 KB 307ms
281ms Image
image/jpeg 2a03:2880:f276:1c3:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-2.cdninstagram.com/v/t51.29350-15/436333691_985144086265941_7907756869570383646_n.heic?stp=dst-jpg&_nc_cat=107&ccb=1-7&_nc_sid=18de74&_nc_ohc=p_kPiS4LJWYQ7kNvgFwM4Qs&_nc_ht=scontent-fra5-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYC8p9sO6Qi4eTwyklO5Xd-bSoLt22JNMTxJVROhqjYp8Q&oe=66577C0B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6e706ab432c1a85ba98182d4f7a92472c70d904a267315f042e6eb7b6632aee7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=506783038
thrift_fmhk: GBDau1cUYhgiwUdMQ0oGrpirFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 94231
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=33, mss=1232, tbw=4294, tp=9, tpl=0, uplat=257, ullat=0
last-modified: Thu, 09 May 2024 16:08:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: K44YDQb1AlzblDuA1LcZ6YgX3o-W5-fxNS9clyf1cj4v9MzDfke6jLudakkvbbZQjVQZ32zALnbnr6uZNwbAutZFHTLrYoQnxi82uG2CXqaf3Sa1nF7kH8JQO1uh6LM5QFoJId1jgntoCNw2sZxvHA
x-needle-checksum: 2701506292
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

GET
H3 200 445351165_999033931810401_6168887366041429679_n.heic
scontent-fra3-1.cdninstagram.com/v/t51.29350-15/ 168 KB
168 KB 317ms
316ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.cdninstagram.com/v/t51.29350-15/445351165_999033931810401_6168887366041429679_n.heic?stp=dst-jpg&_nc_cat=108&ccb=1-7&_nc_sid=18de74&_nc_ohc=0vpmqcUy9NMQ7kNvgGbnKT9&_nc_ht=scontent-fra3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AYBjoggxsGO9o0iW83GqxIUUafRvd2Tw565eQQYlwWUHVw&oe=66576132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 760868865272627d76bfeb7409fb3600ae82afb7dec46a6230040d58b9aab49f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wickedsisters.lt/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 08:13:48 GMT
content-digest: adler32=1220377911
thrift_fmhk: GBAUib4FgIe1SkCEj3TbvQiBFeq3uckLvFUAHCYEAAAA
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 171760
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=532, mss=1232, tbw=797409, tp=674, tpl=0, uplat=296, ullat=1
last-modified: Sun, 19 May 2024 09:34:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: oSuoexNJn8MpC_wJrRcjzGamzItiK9GQoFw7jCePWWnwRAFLIq0S7tCIkLP6a-Xy452zoUBAAbvLrqJPftGQN7Q3A_LeXiR4gxONaw0Hcwqi5EKYyPzq8q99Pa-EfjcORKpAIs_qWMQOg22LyTA0jw
x-needle-checksum: 2603216711
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wickedsisters.lt/	1970-01-21 06:26:24	Name: _ga_QBDXR1J0CJ Value: GS1.1.1716624826.1.0.1716624826.0.0.0
			.wickedsisters.lt/	1970-01-21 06:26:24	Name: _ga Value: GA1.1.233034437.1716624827

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .builder-preview.com .zyro.space .hostinger.com .hostinger.io .hostinger.in *.hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-ecommerce.zyro.com
assets.zyrosite.com
backend.zyro.com
cdn.zyrosite.com
graph.instagram.com
region1.google-analytics.com
scontent-fra3-1.cdninstagram.com
scontent-fra3-2.cdninstagram.com
scontent-fra5-1.cdninstagram.com
scontent-fra5-2.cdninstagram.com
wickedsisters.lt
www.googletagmanager.com
2001:4860:4802:34::36
2600:1901:0:84ef::
2606:4700:4400::6812:219c
2606:4700:4400::6812:2b35
2606:4700:4400::ac40:9a64
2a00:1450:4001:831::2008
2a03:2880:f276:1c3:face:b00c:0:43fe
2a03:2880:f276:d2:face:b00c:0:43fe
2a03:2880:f277:1c6:face:b00c:0:43fe
2a03:2880:f277:c0:face:b00c:0:43fe
03096b6b3e2d5a76712bf07d183cabb006519b82d3dff32564373a80f3056301
0a612d6c449b67b33cdd2e70415dac5e8960f508889ad944b5d007d4eb0c7dda
0e1f172e0ce498a9b23be738d92355d3560fd2626acc2c5d5613cd48b561b6cc
14f7ae367a002d4e1287566469a807daa4aa12ba84f7d9b881a67c57da19c89c
172a9ce06eb4e14fab841f2a749d4eb771216e825b4710d0ef556dc4ab6b3fa4
1813fe1d949806387a7972a37ead5676600fba4515f09180992bd96ab18eded6
18210a354e13afa7184d907cbba5d03113db51bd924474e269c152a3af8fd0aa
1df9ca3620ff4f456dab066e6d7c37537ad05362c6b90a648eb0fc96efcb3f62
229cec88d1ba4d33408d5cb06b991355223f6cf32db2853f8db58b8b0293a7a5
30d35452d16ae3fc8eaa71cfd5a23e5e9f3102df22fdeeb05807bd88b1bbfbb9
36a08ba9e1ec664a8a08ca4886df1b297ecbd34b017f7b398a9409939e3f869e
36b12a76c62bbdb89699f5f7d516d6b45d443c32ad3ee51796365f99c58ef37e
44c24e38cadc726bdd7c5452225d848123ba6312e75859e05dc2f64772b5aa60
4b93c34c2baba562c27b52ee8eaba056b7a8d1cafb49d026510e2e193164d6c6
4c8c932d50296280a34ff534f9224ceafa1b57bd2a82baa9124d458354bd6350
5658809b511af2e9f1ee40cae0f9cf5341ea51f89a7336dc57f9099ea1c0d7c6
6280bc7581dca7acd408e1cfc4f475422b3379d5a26e219aee4b5d76a272d546
6b24e9539c9498fd8b2b12736bc1ecd4105b4fe097860ffe15606b63eaa2336b
6e706ab432c1a85ba98182d4f7a92472c70d904a267315f042e6eb7b6632aee7
760868865272627d76bfeb7409fb3600ae82afb7dec46a6230040d58b9aab49f
7731bda194489251812694dfd06428ad67a15b476483e1779dd953950c0861a9
8293a451f5026e317c11106ea52fc9163c633e2ac8c1ce1120c75499bda33245
84e501dc5b5e6895d420c1db9ffd482b285522c63dac07dd6c7482b8c2e238bd
8fb23250f65b31bddf09baa58a36a1e9e35e2e212f6be9e663b1462629acc368
9591f824f1f0f8aaff7ce877b974486e39e8944d9fc0ff4c93975b8898b0d48e
a1212a85448e32e492a187f6a3aadbf89eb27627f967abc7b6f1e812fc510ea7
a27e4e1af3e923169ae11a4fef4c1d0ea92932aeee36a1df3303b706647b6a71
ad9757330ef92206af279f31abe22791ef38d3bae960fcf1280713e0741efa82
af61ad765cbc0ba06b1eb06d400bc36de58816129c155810389b0cb8bdfc889e
bf7a9b63d60d4a71bfbfa5967a9815cd6f78d321bb4acadc4556173ec66bb15c
c5102b3a38021bb39f7e7f79f48d907949d717792e8f4a36b340152757707373
cb2df0484183432a8bf4efc41cb41fe8908fc5e0a2a327cd4a6720b13779a676
cc45618c17f1a5e06c0be4fa5fbd89bac1cfc72df859d70b1ac39e6052b1fed6
d0578bd82b75e82ac079eeb1a9083ef8b279f6d8e40b2953dfd4d232785515a8
d6e9454f997c545ca31447a06656349221818e15f7653f8b5c05252a67444070
dd2b0d53fe41f36c46b3cf6c91ecffbfc7b7442a9ace70b7ca35459435aa7ed8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e514cbf1e29f3d19f699fc2adc39c9581f509f65865c7a897a1ec0c255e2c99c
eda53efce02c7c21f272f2bce73fd854b0e859d7c237e1f7471c713ec4869947
efb49b8094861d4278af4c906e2b229b1dc570e9f3542d59ab3dc7a00a9fc67e
f76c34d55ad494b374e8d1eab63f97af414c9f048b56036b272f1a54ff4da034
f90ea4410ec2b017335638fd9b779204ad87b59699e2537545ba934e6ab08dee
f99e08a50e93e6cd9aaeecf4e8d473db705aa0e5ebac2e1127f9ee9fbe93e1f9

wickedsisters.lt Open in urlscan Pro 2600:1901:0:84ef:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

100 %IPv6

7 Domains

12 Subdomains

10 IPs

2 Countries

3318 kBTransfer

4353 kBSize

2 Cookies

14 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wickedsisters.lt Open in urlscan Pro
2600:1901:0:84ef:: Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

12
Subdomains

10
IPs

2
Countries

3318 kB
Transfer

4353 kB
Size

2
Cookies

44 HTTP transactions
0 data transactions