www.desertwitchretreats.com
Open in
urlscan Pro
23.229.223.162
Public Scan
Submitted URL: https://mail.desertwitchretreats.com/
Effective URL: https://www.desertwitchretreats.com/
Submission Tags: phishingrod
Submission: On November 22 via api from DE — Scanned from DE
Effective URL: https://www.desertwitchretreats.com/
Submission Tags: phishingrod
Submission: On November 22 via api from DE — Scanned from DE
Summary
This website contacted 14 IPs
in 2 countries
across 10 domains to perform 45 HTTP transactions.
The main IP is 23.229.223.162, located in
United States and
belongs to GO-DADDY-COM-LLC, US.
The main domain is www.desertwitchretreats.com.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.
This is the only time www.desertwitchretreats.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.
This is the only time www.desertwitchretreats.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 7 | 23.229.223.162 23.229.223.162 | 398101 (GO-DADDY-...) (GO-DADDY-COM-LLC) | |
| 15 | 2606:4700:440... 2606:4700:4400::ac40:9a69 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 5 | 151.101.130.133 151.101.130.133 | 54113 (FASTLY) (FASTLY) | |
| 1 2 | 23.53.42.160 23.53.42.160 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 7 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 151.101.194.133 151.101.194.133 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 151.101.66.133 151.101.66.133 | 54113 (FASTLY) (FASTLY) | |
| 1 | 151.101.2.133 151.101.2.133 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a02:26f0:c6:... 2a02:26f0:c6::211:1612 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 2400:52e0:1e0... 2400:52e0:1e00::1082:1 | 200325 (BUNNYCDN) (BUNNYCDN) | |
| 45 | 14 |
7
23.229.223.162
(United States)
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 162.223.229.23.host.secureserver.net
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 162.223.229.23.host.secureserver.net
| mail.desertwitchretreats.com | |
| www.desertwitchretreats.com |
1
2a00:1450:4001:82f::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
23.53.42.160
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-160.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-160.deploy.static.akamaitechnologies.com
| img1.wsimg.com |
2
2a02:26f0:c6::211:1612
(Düsseldorf, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| events.api.secureserver.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
nitrocdn.com
cdn-kedmd.nitrocdn.com |
659 KB |
| 9 |
klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3379 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4078 fast.a.klaviyo.com — Cisco Umbrella Rank: 4400 static-forms.klaviyo.com — Cisco Umbrella Rank: 4067 |
71 KB |
| 7 |
gstatic.com
fonts.gstatic.com |
63 KB |
| 7 |
desertwitchretreats.com
1 redirects
mail.desertwitchretreats.com www.desertwitchretreats.com |
295 KB |
| 2 |
secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 10054 |
580 B |
| 2 |
wsimg.com
1 redirects
img1.wsimg.com — Cisco Umbrella Rank: 8613 |
14 KB |
| 1 |
getnitropack.com
to.getnitropack.com — Cisco Umbrella Rank: 17511 |
457 B |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
1 KB |
| 1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462 |
262 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
91 KB |
| 45 | 10 |
| Domain | Requested by | |
|---|---|---|
| 15 | cdn-kedmd.nitrocdn.com |
www.desertwitchretreats.com
|
| 7 | fonts.gstatic.com |
www.desertwitchretreats.com
cdn-kedmd.nitrocdn.com fonts.googleapis.com |
| 6 | www.desertwitchretreats.com |
www.desertwitchretreats.com
cdn-kedmd.nitrocdn.com |
| 5 | static.klaviyo.com |
www.desertwitchretreats.com
static.klaviyo.com |
| 2 | events.api.secureserver.net |
cdn-kedmd.nitrocdn.com
|
| 2 | static-tracking.klaviyo.com |
static.klaviyo.com
|
| 2 | img1.wsimg.com |
1 redirects
www.desertwitchretreats.com
|
| 1 | to.getnitropack.com |
www.desertwitchretreats.com
|
| 1 | fonts.googleapis.com |
client
|
| 1 | static-forms.klaviyo.com |
static-tracking.klaviyo.com
|
| 1 | fast.a.klaviyo.com |
static-tracking.klaviyo.com
|
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | www.googletagmanager.com |
www.desertwitchretreats.com
|
| 1 | mail.desertwitchretreats.com | 1 redirects |
| 45 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.instagram.com |
| www.linkedin.com |
| www.pinterest.com |
| www.freelancer.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| cpanel.desertwitchretreats.com R3 |
2023-11-22 - 2024-02-20 |
3 months | crt.sh |
| nitrocdn.com Cloudflare Inc ECC CA-3 |
2023-10-26 - 2024-01-24 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| static.klaviyo.com R3 |
2023-11-14 - 2024-02-12 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| static-tracking.klaviyo.com R3 |
2023-09-23 - 2023-12-22 |
3 months | crt.sh |
| fast.a.klaviyo.com R3 |
2023-11-14 - 2024-02-12 |
3 months | crt.sh |
| static-forms.klaviyo.com R3 |
2023-10-23 - 2024-01-21 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| *.api.secureserver.net Starfield Secure Certificate Authority - G2 |
2023-07-10 - 2024-08-10 |
a year | crt.sh |
| *.getnitropack.com Sectigo RSA Domain Validation Secure Server CA |
2022-12-19 - 2023-12-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.desertwitchretreats.com/
Frame ID: F22A3FB07939F6AF8269B08C1B88F743
Requests: 52 HTTP requests in this frame
Screenshot
Page Title
Desert Witch RetreatsPage URL History Show full URLs
-
https://mail.desertwitchretreats.com/
HTTP 301
https://www.desertwitchretreats.com/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googleapis\.com/.+webfont
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Klaviyo
(Marketing automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- klaviyo\.com
Swiper Slider
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- swiper(?:\.min)?\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://www.instagram.com/yourdesertwitch/
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/in/laurenlovettsw
Search URL Search Domain Scan URL
URL: https://www.pinterest.com/laurenloves13
Search URL Search Domain Scan URL
URL: https://www.freelancer.com/u/CoderCrew
Title: Developed by CODERCREW
Title: Developed by CODERCREW
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://mail.desertwitchretreats.com/
HTTP 301
https://www.desertwitchretreats.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
- https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
45 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.desertwitchretreats.com/ Redirect Chain
|
146 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0241718195d8f38d6358df6823e061b7.css2
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/desktop/source/rev-58c94e7/fonts.googleapis.com/ |
2 KB 686 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f3255c439ed0710d94e71cc0ad66c652.css2
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/desktop/source/rev-58c94e7/fonts.googleapis.com/ |
2 KB 727 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-brands-400.woff2
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/source/rev-58c94e7/www.desertwitchretreats.com/wp-content/themes/lauren/inc/assets/webfonts/ |
77 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nitro-min-noimport-bd6cb6134941a2e4271f0b4fbb90a8ed-stylesheet.css
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-58c94e7/www.desertwitchretreats.com/externalFontFace/ |
46 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render-blocking-nitro-min-30d6b4449b2bccc0b9efae346984ad42-nitro.js
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-58c94e7/www.desertwitchretreats.com/combinedJs/ |
99 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
274 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
klaviyo.js
static.klaviyo.com/onsite/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render-blocking-nitro-min-c366fbaeadc564d8f57219b0231fc5e2-nitro.js
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-58c94e7/www.desertwitchretreats.com/combinedJs/ |
336 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render-blocking-nitro-min-b27dada0510074ebdc378e46d84bf14b-nitro.js
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-58c94e7/www.desertwitchretreats.com/combinedJs/ |
40 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render-blocking-nitro-min-c4f2b9459790d877f1f3bec3c3632b08-nitro.js
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-58c94e7/www.desertwitchretreats.com/combinedJs/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tccl.min.js
img1.wsimg.com/signals/js/clients/tccl/ Redirect Chain
|
46 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nitro-min-5f2999068204be9f831247bd4e9ec28f._jb_static
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/desktop/optimized/rev-58c94e7/www.desertwitchretreats.com/ |
609 KB 78 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
95 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nitro-min-e9bd40bc2a1c58108eeb87ba7c81a00f.animations.min.css
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/optimized/rev-58c94e7/www.desertwitchretreats.com/wp-content/plugins/elementor/assets/lib/animations/ |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
neILzCirqoswsqX9zoKmM4MwWJU.woff2
fonts.gstatic.com/s/lobster/v30/ |
16 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
299afcd7-92a7-4be4-8919-86bbd4038cca
https://www.desertwitchretreats.com/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
WhatsApp-Image-2022-10-11-at-5.50.51-PM.jpeg
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/images/optimized/rev-58c94e7/www.desertwitchretreats.com/wp-content/uploads/2022/10/ |
38 KB 38 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
89230b5345a37210b4b96a96bfe7fb53.Picture3-min.png
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/images/source/rev-58c94e7/i0.wp.com/www.desertwitchretreats.com/wp-content/uploads/2022/12/ |
138 KB 138 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
d2180d492a795f818ea3cd45f6cd0eed.0K9A0302-1.jpg
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/images/optimized/rev-58c94e7/i0.wp.com/www.desertwitchretreats.com/wp-content/uploads/2022/10/ |
29 KB 29 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
www.desertwitchretreats.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLBT5Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ |
7 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
99041f3eda69a8abaa930169322d2cb1.icomoon.ttf
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/static/source/rev-58c94e7/www.desertwitchretreats.com/wp-content/themes/lauren/inc/assets/webfonts/ |
2 KB 1 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
592a7a7359d083876690224722913360.Picture3-min.png
cdn-kedmd.nitrocdn.com/QhWCjCIbbPDSkPZookCDXfgKbuHeIUkA/assets/images/source/rev-58c94e7/i0.wp.com/www.desertwitchretreats.com/wp-content/uploads/2022/12/ |
138 KB 138 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swiper.min.js
www.desertwitchretreats.com/wp-content/plugins/elementor/assets/lib/swiper/ |
136 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Picture2-min.png
www.desertwitchretreats.com/wp-content/uploads/2022/12/ |
99 KB 99 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Picture1-min.png
www.desertwitchretreats.com/wp-content/uploads/2022/12/ |
123 KB 124 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
text-editor.2c35aafbe5bf0e127950.bundle.min.js
www.desertwitchretreats.com/wp-content/plugins/elementor/assets/js/ |
1 KB 680 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fender_analytics.89f34df06656c3dc9d28.js
static-tracking.klaviyo.com/onsite/js/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runtime.8e16a070d3756b520991.js
static.klaviyo.com/onsite/js/ |
19 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sharedUtils.01b8412aa21af73d0113.js
static.klaviyo.com/onsite/js/ |
43 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendors~signup_forms.f3ed4b7e48b30a32dcaa.js
static.klaviyo.com/onsite/js/ |
32 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signup_forms.6b6e56a09642d38f8488.js
static.klaviyo.com/onsite/js/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 262 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ |
1 KB 953 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
full-forms
static-forms.klaviyo.com/forms/api/v7/QWaReS/ |
38 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 290 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 290 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
to.getnitropack.com/ |
20 B 457 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture undefined| href object| NPSH object| NitroScrollHelper boolean| IS_NITROPACK string| NITROPACK_STATE object| nitro_lazySizesConfig object| lazySizes object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer undefined| proxyPurgeOnly undefined| nitroData undefined| xhr object| wpcf7 object| jetpackLazyImagesL10n object| klUser function| klIdentifyBrowser object| swv function| EvEmitter function| imagesLoaded object| AOS function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Waypoint function| Swiper object| webpackChunkelementor object| elementorModules object| elementorFrontendConfig object| elementorFrontend object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl object| _learnq string| __klKey object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| twemoji object| wp object| webpackChunk_klaviyo_onsite_modules object| _klOnsite object| klaviyo object| core6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.desertwitchretreats.com/ | Name: nitroCachedPage Value: 1 |
|
| .desertwitchretreats.com/ | Name: _tccl_visitor Value: 67cfe47d-24ba-52ae-a74a-f1794cbd80d4 |
|
| .desertwitchretreats.com/ | Name: _tccl_visit Value: 67cfe47d-24ba-52ae-a74a-f1794cbd80d4 |
|
| .desertwitchretreats.com/ | Name: _ga_0GPP49VB7H Value: GS1.1.1700619683.1.0.1700619683.0.0.0 |
|
| .desertwitchretreats.com/ | Name: _ga Value: GA1.1.1802305831.1700619684 |
|
| www.desertwitchretreats.com/ | Name: __kla_id Value: eyJjaWQiOiJNVGhtWmpreU9Ua3RZakk0T1MwME16VmhMV0l5WXpjdE5tUTFPR0kwWm1ZNU1tUmwiLCIkcmVmZXJyZXIiOnsidHMiOjE3MDA2MTk2ODQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmRlc2VydHdpdGNocmV0cmVhdHMuY29tLyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcwMDYxOTY4NCwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cuZGVzZXJ0d2l0Y2hyZXRyZWF0cy5jb20vIn19 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-kedmd.nitrocdn.com
events.api.secureserver.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
mail.desertwitchretreats.com
region1.google-analytics.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
to.getnitropack.com
www.desertwitchretreats.com
www.googletagmanager.com
151.101.130.133
151.101.194.133
151.101.2.133
151.101.66.133
2001:4860:4802:34::36
23.229.223.162
23.53.42.160
2400:52e0:1e00::1082:1
2606:4700:4400::ac40:9a69
2a00:1450:4001:806::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:82f::2008
2a02:26f0:c6::211:1612
0e40334da2b527437660b53f317c3436ec9bdaad2f346abeaca262c2068199b3
179a471a9e859abc8338f104a5e367e7f724d9f540454ea0fd9c793324bb409c
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
1a90927f303dc7235f84001e46a9cfae37507000c124f2ba86fb455b3f4f8457
1b310d352b99571ec2df0eb10f3f87d82ad2c50e0b65162b6f0678e6cda1475f
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1d03c52fcb99693d1a608b67f5ba9b75baa830559f508caec12d293d646532b1
2388ff9edfb351df618fd157f310fd0232627de72b7df640329a7da595763375
2683218c800e07655327e7edb99cc6dd3529c0e1aa6a2db69caf73df1c3ddc6f
30de3313ffb880349062ff617135b5ded58d4e87e218abb9a0f6a80663421618
3303ed47a5f82f811c9a0334a51e739f5fedb2ec5fd3b36ea979678a27444cf2
4198e21eba2642076c59a1ce77340760d8ecb314e0157ba47367ef792aeed10f
448339ac2a68dca73a48fa8e81ebecd1da9205116929fd0d09da5bfbaf88f834
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45b1d8d84825569ef3ca3108bb2861da82988fae6acc37588d56cf829f0eda2e
46ade2015c8f9b9cabbf67dfde5da6664f4690725cd94ee6215eeacfe9b19b3f
4e03be949642d58ff54506feed064bf07bbb2a5747f6b2d4ebf451aff85ce327
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50c8d9a0964160d888754d64ac1e103842784a75de0110745a324d7c537bbe45
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0
5cdc1e048efb330c38f1a8448f79f5c7675121fcdf4b5df8d431760cc846bb22
69d57ebcfc53c24cdf2839e7cc75f613e9f2a4e6bbefa122a26c4bd653a0d914
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
71f5c3f45efff2628d13469e5e1c9e7ba88d58b75c3292176db9cb683fe91b44
73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e
766a52e177481bb6116954ad052703616dcb9643b3baae9aba846ef5a2488b41
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80fe94755091f74fcd7089fe69561fce463c4c816c678dbfd42d975ec1329793
838716277c83736442240dac9f0faaa14c5548a1d17bc2716801f7bbed41639b
8e697d79124c04c53a94a429f46c41e132108bd209ad173e841c72ca6ef2bf26
8fe3651d5cbb3660fe8fecf5c9779047d4136a6ed9ef6252a35d4eb5277a482d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9a36da947c8c70de79dd8d2e3c50c62874034aaa2d2e33927e15584501786a85
a0ae489b203fbd25bd7497fc94e529749f01bf2fd7e934b21b8cd5b357198239
a44e0881b9be6c56f97f206cef5701cb062c5a59df30f092eea43e33f1b3e147
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
a750c2548560907c55228adfaac0c13a283933d673d4802e0a82cd07b4ffb205
ad26ec8a3728c7ab759a937b415be68bb65886fb81ac6a3d1c050d2989c512a8
aef71ae451e0ede921b362bd5dbb5da04ee8093780ac0cff8b20e52a2b99a6fa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
c015611a3ff41f198edde4088f3a83fbdeedc4469df6998dbdd4cd963d13012b
d1b04d6e506d6b855204d3f4bc18c89f5c99f238fd30c4a0aa504d01e3afcef5
d3bdfe2ed8f0a7ec8cdcd4fb553d9ea11e3dbfe5c96c37a5bf66642983fbceda
de5993e6eb07a28001574b388e4b4ef82ba60b8ec0801a7e103fac12795f3972
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd4f550185bf7d09e35468a5e8069cf5f2ea4f48cdf619f8239b3bd824fba3ad