wickedsistersband.com Open in urlscan Pro
2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wickedsistersband.com/
Submission Tags: phishingrod
Submission: On September 14 via api (September 14th 2023, 7:22:01 am UTC) from DE — Scanned from DE

Summary HTTP 50 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 50 HTTP transactions. The main IP is 2606:4700:90:0:3626:d0ff:6957:de1, located in United States and belongs to CLOUDFLARENET, US. The main domain is wickedsistersband.com.
TLS certificate: Issued by R3 on September 14th 2023. Valid for: 3 months.

This is the only time wickedsistersband.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:90:... 2606:4700:90:0:3626:d0ff:6957:de1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:13d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:205... 2600:9000:2057:b800:7:56a2:7e40:21	16509 (AMAZON-02) (AMAZON-02)
1	104.198.14.52 104.198.14.52	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a09:8280:1::... 2a09:8280:1::a:6d46	40509 (FLY) (FLY)
3	16.12.4.106 16.12.4.106	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f08... 2a03:2880:f083:6:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
50	13

6 2606:4700:90:0:3626:d0ff:6957:de1 (United States)

ASN13335 (CLOUDFLARENET, US)

wickedsistersband.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:13d7 (United States)

ASN13335 (CLOUDFLARENET, US)

assets-app-production-pubnet.bndzgl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:b800:7:56a2:7e40:21 (United States)

ASN16509 (AMAZON-02, US)

d10j3mvrs1suex.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.14.52 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 52.14.198.104.bc.googleusercontent.com

www.niftybuttons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a09:8280:1::a:6d46 (United States)

ASN40509 (FLY, US)

stats.zoogletools.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 16.12.4.106 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

zglseed.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:6:face:b00c:0:2 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gstatic.com fonts.gstatic.com www.gstatic.com	672 KB
7	bndzgl.com assets-app-production-pubnet.bndzgl.com — Cisco Umbrella Rank: 238629	267 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	89 KB
6	wickedsistersband.com wickedsistersband.com	49 KB
3	amazonaws.com zglseed.s3.ca-central-1.amazonaws.com	36 KB
3	zoogletools.net stats.zoogletools.net — Cisco Umbrella Rank: 268930	1 KB
3	cloudfront.net d10j3mvrs1suex.cloudfront.net	285 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56	2 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 942	135 KB
2	facebook.com 1 redirects web.facebook.com — Cisco Umbrella Rank: 189 www.facebook.com — Cisco Umbrella Rank: 117	19 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	88 KB
1	niftybuttons.com www.niftybuttons.com	7 KB
50	12

	Domain	Requested by
8	www.gstatic.com	www.google.com www.gstatic.com
7	assets-app-production-pubnet.bndzgl.com	wickedsistersband.com assets-app-production-pubnet.bndzgl.com
6	www.google.com	assets-app-production-pubnet.bndzgl.com www.gstatic.com www.google.com
6	wickedsistersband.com	assets-app-production-pubnet.bndzgl.com
5	fonts.gstatic.com	fonts.googleapis.com
3	zglseed.s3.ca-central-1.amazonaws.com	assets-app-production-pubnet.bndzgl.com
3	stats.zoogletools.net	wickedsistersband.com stats.zoogletools.net
3	d10j3mvrs1suex.cloudfront.net	wickedsistersband.com
3	fonts.googleapis.com	wickedsistersband.com
2	static.xx.fbcdn.net	www.facebook.com
2	connect.facebook.net	wickedsistersband.com connect.facebook.net
1	www.facebook.com	connect.facebook.net
1	web.facebook.com	1 redirects
1	www.niftybuttons.com	wickedsistersband.com
50	14

This site contains links to these domains. Also see Links.

Domain
d10j3mvrs1suex.cloudfront.net
www.google.com
www.facebook.com
bandzoogle.com

Subject Issuer	Validity	Valid
wickedsistersband.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-02` - `2024-04-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
niftybuttons.com R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-23` - `2023-09-21`	3 months	crt.sh
stats.zoogletools.net R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.s3.ca-central-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-15`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://wickedsistersband.com/
Frame ID: 80C1DAC54227C788B73E50B9627CEE05
Requests: 35 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly93aWNrZWRzaXN0ZXJzYmFuZC5jb206NDQz&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=vrimk26h68df
Frame ID: 813AE20C00C9A73274964C3989A91D29
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
Frame ID: 12502971A287CC267E984A0A9D58362B
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139d68451c4c9%26domain%3Dwickedsistersband.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwickedsistersband.com%252Ff4b71cb3d23314%26relation%3Dparent.parent&container_width=267&href=http%3A%2F%2Fwickedsistersband.com%2F&locale=en_US&sdk=joey&send=true&show_faces=true&width=450&_rdc=1&_rdr
Frame ID: 4B5FB23F767316888821E7B1EE0B9ED8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wicked Sisters

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

50
Requests

100 %
HTTPS

85 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

1649 kB
Transfer

4263 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/394425/24613ffd634794118b84782b95b5c8fbd63b4d99/original/img-2730.jpg/!!/b%3AW1sicmVzaXplIixbNjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=Main%20st,%20Mokelumne%20Hill
Title: Shutter Tree Park, Main st, Mokelumne Hill

Search URL Search Domain Scan URL

URL: http://www.facebook.com/wickedsisters

Search URL Search Domain Scan URL

URL: https://bandzoogle.com/
Title: Powered by Bandzoogle

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://web.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139d68451c4c9%26domain%3Dwickedsistersband.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwickedsistersband.com%252Ff4b71cb3d23314%26relation%3Dparent.parent&container_width=267&href=http%3A%2F%2Fwickedsistersband.com%2F&locale=en_US&sdk=joey&send=true&show_faces=true&width=450 HTTP 302
https://www.facebook.com/plugins/like.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139d68451c4c9%26domain%3Dwickedsistersband.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwickedsistersband.com%252Ff4b71cb3d23314%26relation%3Dparent.parent&container_width=267&href=http%3A%2F%2Fwickedsistersband.com%2F&locale=en_US&sdk=joey&send=true&show_faces=true&width=450&_rdc=1&_rdr

50 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wickedsistersband.com/ 37 KB
11 KB 819ms
115ms Document
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsistersband.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

b2afdd1c3d6d8d98073531b64db891e937cf2b909bdc8853aa96cbca6ba7b974

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11
cache-control: max-age=0, public, s-maxage=31556952
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Thu, 14 Sep 2023 07:21:55 GMT
etag: W/"7820accf4a98e7258d8dcdf0a22087c3"
last-modified: Thu, 14 Sep 2023 07:21:31 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
strict-transport-security: max-age=31556952
x-clacks-overhead: GNU Terry Pratchett
x-content-digest: 6cca8ffd699136723a147cf60e540582c7460cdd
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-rack-cache: fresh
x-request-id: 2c136bfdb3419ede20173c9553d6ea15 26e21b7449718475ad95cefedbbe7869
x-runtime: 0.275773
x-xss-protection: 1; mode=block

GET
H2 200 application-d60031a342c61cad3b37ae6195c140680667b5f6f0330c3e929b77abf93f902a.css
assets-app-production-pubnet.bndzgl.com/assets/usersite/ 326 KB
46 KB 49ms
17ms Stylesheet
text/css 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-d60031a342c61cad3b37ae6195c140680667b5f6f0330c3e929b77abf93f902a.css

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d60031a342c61cad3b37ae6195c140680667b5f6f0330c3e929b77abf93f902a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 45696
cf-cache-status: HIT
content-length: 46646
x-xss-protection: 1; mode=block
x-request-id: ad3ccd95cb633aa810cc31dea0ee670c
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 13 Sep 2023 13:43:05 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8066e03a28271c0b-FRA
expires: Sun, 11 Sep 2033 07:21:55 GMT

GET
H2 200 style-203-d50d1264.css
assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/ 88 KB
10 KB 46ms
15ms Stylesheet
text/css 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/style-203-d50d1264.css

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd13218b6cf61875dc7ac4621305fb994ec1a594c34154a27cb40c99c7146c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 2035594
cf-cache-status: HIT
content-length: 9370
x-xss-protection: 1; mode=block
x-request-id: 1a184c665213d855b100a345c4049115
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 21 Aug 2023 11:53:26 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8066e03a28281c0b-FRA
expires: Sun, 11 Sep 2033 07:21:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
549 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Great+Vibes&display=swap

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a3eb37cd27db163117bdd65f24555708748528618164b4f2464990dc6042e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 06:36:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 07:21:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@800&display=swap

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e64f46290ced6b14c45a7a1ccd110021d8a7fb539aff9cd38913a8bbdc3b360d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 07:06:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 07:21:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 445 B
417 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Josefin+Slab&display=swap

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acd786726d17e5c08b45f3858a3ad1f53a93be5e71a81ceb3bcc4a276e8b6b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 07:18:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 07:21:55 GMT

GET
H2 200 application-83fc7289d9c903cd652c1f68efdb6d0f3f43aece80bacb6532bfffedfbcd7786.js Show response
assets-app-production-pubnet.bndzgl.com/assets/usersite/ 390 KB
124 KB 50ms
19ms Script
application/javascript 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-83fc7289d9c903cd652c1f68efdb6d0f3f43aece80bacb6532bfffedfbcd7786.js

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83fc7289d9c903cd652c1f68efdb6d0f3f43aece80bacb6532bfffedfbcd7786

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 1439345
cf-cache-status: HIT
content-length: 126195
x-xss-protection: 1; mode=block
x-request-id: f482761e569dbfe70f25522f2162ef98
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 28 Aug 2023 14:46:50 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8066e03a282a1c0b-FRA
expires: Sun, 11 Sep 2033 07:21:55 GMT

GET
H2 200 usersite-786db6dcd569cc8cf01d.js Show response
assets-app-production-pubnet.bndzgl.com/packs/js/ 315 KB
68 KB 17ms
16ms Script
application/javascript 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-786db6dcd569cc8cf01d.js

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc45bd1c6dffcfd590da032b22ce8f2e50f39ed802468be01ee8c8fd012b589

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 736655
cf-cache-status: HIT
content-length: 69040
x-xss-protection: 1; mode=block
x-request-id: 68a81f6708e551074bdcddf30a7276c5
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 05 Sep 2023 18:39:09 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8066e03a48491c0b-FRA
expires: Sun, 11 Sep 2033 07:21:55 GMT

GET
H2 200 usersite-eb0ed5fd.css
assets-app-production-pubnet.bndzgl.com/packs/css/ 12 KB
3 KB 49ms
19ms Stylesheet
text/css 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite-eb0ed5fd.css

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 2036350
cf-cache-status: HIT
content-length: 2532
x-xss-protection: 1; mode=block
x-request-id: b284519e14f274b1db1cb464110869f7
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 21 Aug 2023 11:53:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8066e03a28291c0b-FRA
expires: Sun, 11 Sep 2033 07:21:55 GMT

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/394425/c018b5babe0933ba153c396fbb2d1a193ae00239/original/wspromopic22.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/ 270 KB
271 KB 57ms
17ms Image
image/webp 2600:9000:2057:b800:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/394425/c018b5babe0933ba153c396fbb2d1a193ae00239/original/wspromopic22.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: wickedsistersband.com
URL: https://wickedsistersband.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b800:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/6cc3f7e5 (2023-09-12) / Express
Resource Hash: ed0f64153c7dfc54eb8c8b7efea8c49823150646303adbee736ec6ba539ad122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:45 GMT
via: 1.1 fly.io, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
fly-request-id: 01HA992DVD2RHN5B2WEDFPXR1P-fra
server: Fly/6cc3f7e5 (2023-09-12)
x-amz-cf-pop: FRA6-C1
age: 10
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/394425/c018b5babe0933ba153c396fbb2d1a193ae00239/original/wspromopic22.jpg/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/394425/c018b5babe0933ba153c396fbb2d1a193ae00239/original/wspromopic22.jpg","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: pJCjddmgVlJDab-DuX-P2C1vLVfCh1xoCqX8UD9B0Uy2WuuAuO4Sjw==

GET
H2 200 b%3AWyJyZXNpemU6MTk0eDE3NiJd.jpg
d10j3mvrs1suex.cloudfront.net/u/394425/db90a842d288db76d96a215094e6ac8a4b62e9d3/original/wickedsisterlogo.jpg/!!/ 2 KB
3 KB 51ms
12ms Image
image/webp 2600:9000:2057:b800:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/u/394425/db90a842d288db76d96a215094e6ac8a4b62e9d3/original/wickedsisterlogo.jpg/!!/b%3AWyJyZXNpemU6MTk0eDE3NiJd.jpg
Requested by: Host: wickedsistersband.com
URL: https://wickedsistersband.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b800:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/6cc3f7e5 (2023-09-12) / Express
Resource Hash: 4360b3f3da3a6a96c1833035f2063510e7b8c1daedcef08e9bea7f05a0dd4170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:45 GMT
via: 1.1 fly.io, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
fly-request-id: 01HA992DV3BKS3KQECCJRZDQXF-fra
server: Fly/6cc3f7e5 (2023-09-12)
x-amz-cf-pop: FRA6-C1
age: 10
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"u/394425/db90a842d288db76d96a215094e6ac8a4b62e9d3/original/wickedsisterlogo.jpg/!!/b:WyJyZXNpemU6MTk0eDE3NiJd.jpg","src":"u/394425/db90a842d288db76d96a215094e6ac8a4b62e9d3/original/wickedsisterlogo.jpg","commands":[["resize",[194,176],null,{}],["toFormat",["webp"]]],"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: CPf-dGfzARumw6E6LnetYFLPUED07v2QHo_jYeQuqM-RKeUpiKacWA==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/394425/24613ffd634794118b84782b95b5c8fbd63b4d99/original/img-2730.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91... 10 KB
11 KB 26ms
25ms Image
image/webp 2600:9000:2057:b800:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/394425/24613ffd634794118b84782b95b5c8fbd63b4d99/original/img-2730.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: wickedsistersband.com
URL: https://wickedsistersband.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b800:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/6cc3f7e5 (2023-09-12) / Express
Resource Hash: 359a376829f6011b92819a17239f7046be231b553a27be90c8ce87e44143a9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:45 GMT
via: 1.1 fly.io, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
fly-request-id: 01HA992DV5JXFFDGYYAFK9FZPJ-fra
server: Fly/6cc3f7e5 (2023-09-12)
x-amz-cf-pop: FRA6-C1
age: 10
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/394425/24613ffd634794118b84782b95b5c8fbd63b4d99/original/img-2730.jpg/!!/b:W1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/394425/24613ffd634794118b84782b95b5c8fbd63b4d99/original/img-2730.jpg","commands":[["resize",[200,null,{"withoutEnlargement":true,"fit":"outside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: VSr1aPHoM4O0OiWEgaYhrjCYkCBaukdObys-Lhy-VohuNAAOg0jrqw==

GET
H2 200 facebookdark_48.png
www.niftybuttons.com/facebook/ 7 KB
7 KB 648ms
154ms Image
image/png 104.198.14.52
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.niftybuttons.com/facebook/facebookdark_48.png

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.198.14.52 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

52.14.198.104.bc.googleusercontent.com

Software

Netlify /

Resource Hash

16da34b37d59fde1b0556b3de4fef1ee5e83008cd27ce8dc4db778db2ff05d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-nf-request-id: 01HA992RR1VZMTF236BP5MATA0
date: Thu, 14 Sep 2023 07:21:56 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 21005
etag: "57ef4e8f3c223a2744ba79da2ded3626-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 7056

GET
H2 200 usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css
assets-app-production-pubnet.bndzgl.com/assets/ 67 B
208 B 15ms
15ms Stylesheet
text/css 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 2036349
cf-cache-status: HIT
content-length: 81
x-xss-protection: 1; mode=block
x-request-id: 88e9ad91323052709705262def25a907
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 07 Aug 2023 19:45:46 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8066e03ae8e81c0b-FRA
expires: Sun, 11 Sep 2033 07:21:55 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: wickedsistersband.com
URL: https://wickedsistersband.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6476981e8d9fdc660d00f688586ab5f48bb8425040448def95c2187eb610567b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 07:21:55 GMT
content-md5: t+HNRaMgSX/DnMkruGXOqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: Q7vhI7RkfT0K0qoNk7DdZgo4sOGLBDQebibYINZalYckmNZ3LHewYHsk8fZZfYPVRfiRBgA+14jGd3lJPi+9kA==
x-fb-content-md5: 9183948a82d125448237d59e996fc32e
cross-origin-opener-policy: same-origin-allow-popups
etag: "cc9468b48c50ad77b5c260c2c9463b54"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 14 Sep 2023 07:22:55 GMT

GET
H2 200 stats.js Show response
stats.zoogletools.net/ 2 KB
1 KB 536ms
113ms Script
application/javascript 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zoogletools.net/stats.js?v=1
Requested by: Host: wickedsistersband.com
URL: https://wickedsistersband.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6cc3f7e5 (2023-09-12) /
Resource Hash: 061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:56 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Tue, 01 Aug 2023 12:20:29 GMT
server: Fly/6cc3f7e5 (2023-09-12)
fly-request-id: 01HA992RKRKSPVAE46PACNVRKW-fra
etag: W/"6b7-64c8f88d.0"
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
fly-cache-status: HIT
accept-ranges: bytes

GET
H/1.1 200
OK 203-content-light.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/ 33 KB
33 KB 365ms
116ms Image
image/png 16.12.4.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/203-content-light.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/style-203-d50d1264.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.12.4.106 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 32c9b7f3189b543a5ccc8feda14470d6e79c2af689b80e1dceb20484aefe28d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-app-production-pubnet.bndzgl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 07:21:56 GMT
x-amz-version-id: QHMsj6DXyRorCo_LwMulNSndGbHoTM5x
Last-Modified: Mon, 03 Oct 2022 16:18:13 GMT
Server: AmazonS3
x-amz-request-id: QCPPCTPECFDADKKK
ETag: "16d16face5f3eef7825034ae5b858548"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 33674
x-amz-id-2: FF7xaBvNPwPakIkdetK86UqyiHLuu3PdwqmonypYvYgxzIWqHr1IOemeM6dB+hkY2fq6vEpxGL8=

GET
H/1.1 200
OK column-border.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/ 1 KB
2 KB 375ms
119ms Image
image/png 16.12.4.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/column-border.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/style-203-d50d1264.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.12.4.106 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e94a76672babc2bcb9fe570697c9b9d91a31f4a1da1ef25c86e9a00d5e87649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-app-production-pubnet.bndzgl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 07:21:56 GMT
x-amz-version-id: haHaOdkyp0e.8k3xoyxbO3QUC5T.3edb
Last-Modified: Mon, 03 Oct 2022 16:18:13 GMT
Server: AmazonS3
x-amz-request-id: QCPRJBQJQ6SSEXNN
ETag: "d78662e029815245d7554f2facd4198e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1427
x-amz-id-2: sZ0V6yyUcXYIKuga0KMMFtt8A4wXHluJRsF8puIAjsr+wkEPx+a+E15DHA84vi4AFp958AAsimA=

GET
H/1.1 200
OK subtitle-border.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/ 589 B
997 B 383ms
123ms Image
image/png 16.12.4.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/subtitle-border.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/style-203-d50d1264.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.12.4.106 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: acb1578d047588f340e8e7d3137b9a99e092f036f02b9ded138cf0c5b4db9ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-app-production-pubnet.bndzgl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 07:21:56 GMT
x-amz-version-id: TEjjgPXjlwYuwBN1eGiZS5iopso32ewJ
Last-Modified: Mon, 03 Oct 2022 16:18:13 GMT
Server: AmazonS3
x-amz-request-id: QCPZT4244X55QK9Q
ETag: "fe775a62676c6af4c0b736f30b38a11c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 589
x-amz-id-2: pvbJIyrS+0EdTgIW/9WppVk3BMaIj1KHSjiaz4tPzflIcfBBdnI5chgovpcxg5MbJ8op3yRKKys=

GET
H2 200 lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2
fonts.gstatic.com/s/josefinslab/v26/ 10 KB
11 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinslab/v26/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Josefin+Slab&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394851aa5b50c25c7cd5498ff2f5b1575591265b82c07dcd1848894aef3f7700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wickedsistersband.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 17:19:49 GMT
x-content-type-options: nosniff
age: 482526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10324
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:40:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 17:19:49 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wickedsistersband.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 13:37:24 GMT
x-content-type-options: nosniff
age: 409471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18628
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 13:37:24 GMT

GET
H2 200 font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff
assets-app-production-pubnet.bndzgl.com/assets/ 33 KB
18 KB 40ms
20ms Font
application/font-woff 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-d60031a342c61cad3b37ae6195c140680667b5f6f0330c3e929b77abf93f902a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-d60031a342c61cad3b37ae6195c140680667b5f6f0330c3e929b77abf93f902a.css
Origin: https://wickedsistersband.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 4595
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: b43002e70bc70b73430d979b3437ef51
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 07 Sep 2023 21:48:33 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8066e03b0f623684-FRA
expires: Sun, 11 Sep 2033 07:21:55 GMT

GET
H2 200 242-722f5d5292828ef45f8d.chunk.js Show response
wickedsistersband.com/packs/js/ 107 KB
21 KB 109ms
109ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsistersband.com/packs/js/242-722f5d5292828ef45f8d.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-786db6dcd569cc8cf01d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

887c2224b006b42b71534501c8d390105f898bde6cd3cd8e67eab5e12ffd3f34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 21364
x-xss-protection: 1; mode=block
x-request-id: 8d4743cf87eebfa88042401a43546682
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 13 Sep 2023 18:28:18 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 232-1e471bb93180453d3737.chunk.js Show response
wickedsistersband.com/packs/js/ 64 KB
14 KB 190ms
189ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsistersband.com/packs/js/232-1e471bb93180453d3737.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-786db6dcd569cc8cf01d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

70d694a84838bf1d99f24f8d6334c30695bd6f7646f255effc885dc70dcaccd9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 13773
x-xss-protection: 1; mode=block
x-request-id: 3c861bb67eafbd320c906a6175638af6
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 13 Sep 2023 18:28:17 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 238-a2e982842324835fb50d.chunk.js Show response
wickedsistersband.com/packs/js/ 486 B
846 B 127ms
127ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsistersband.com/packs/js/238-a2e982842324835fb50d.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-786db6dcd569cc8cf01d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

eca6424254f3c0371488cd96b3aeb73bf97cd7f1d1cc6db17aadc67d160f7a1f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 296
x-xss-protection: 1; mode=block
x-request-id: 4a3dcc9a6fcafe7eb175e1bf33e0b690
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 13 Sep 2023 18:28:17 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 badge Show response
wickedsistersband.com/api/cart/ 1 KB
1 KB 175ms
175ms Fetch
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsistersband.com/api/cart/badge

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-786db6dcd569cc8cf01d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wickedsistersband.com/
X-CSRF-Token: z2NM3rpEERp8F5bw0Po6/BcFYfl0mpjPShlQzjF3dmJ+gNmxLPIilKHXbkwGDmmD2Nxcxo5eX+MHRmW0eCTwMg==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/html

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9748f4b5a9765c4c4be2cd100a438f2d, 9748f4b5a9765c4c4be2cd100a438f2d
pragma: no-cache
x-runtime: 0.043138
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"9f13c6c11cc317009455316149f36f44"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: no-store
x-robots-tag: noindex
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=onCaptchaLoaded

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-786db6dcd569cc8cf01d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28230cbbe576498b87374a191bb09f128f617342a010464f477a411005b41789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedsistersband.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 857
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 07:21:55 GMT

GET
H2 200 profile Show response
wickedsistersband.com/go/member/ 17 B
590 B 170ms
170ms Fetch
application/json 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedsistersband.com/go/member/profile

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-786db6dcd569cc8cf01d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wickedsistersband.com/
X-CSRF-Token: z2NM3rpEERp8F5bw0Po6/BcFYfl0mpjPShlQzjF3dmJ+gNmxLPIilKHXbkwGDmmD2Nxcxo5eX+MHRmW0eCTwMg==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/json

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
content-length: 17
x-xss-protection: 1; mode=block
x-request-id: 4dc52333ee738545d6ec2a21a30ccd83, 4dc52333ee738545d6ec2a21a30ccd83
pragma: no-cache
x-runtime: 0.035857
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"06e5f7e2d702e0110271dd33c198e1f3"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
cache-control: no-store
x-robots-tag: noindex
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
85 KB 22ms
10ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=241637fb328c4bc80343d43abd8daded

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c4fc78b632350389b11574737cf9c6a6240985ddb810fb249da32a21755184c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wickedsistersband.com/
Origin: https://wickedsistersband.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 07:21:55 GMT
content-md5: gkvT1UNBCanuo2R/s+ijzA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87351
x-fb-debug: F2qYJFylfN1/E5bvwptg22iYgcuwFaIHZ73ZkoQD4phTdg0GH3sZflgbIAGEwQ+ffJbfIdMX/i0IN0zxmh6onw==
x-fb-content-md5: 9951a8c113d2f9aea515d5525ebe4e68
cross-origin-opener-policy: same-origin-allow-popups
etag: "3bc531543616211a4726467f281ffa13"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Sep 2024 06:33:27 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 454 KB
183 KB 37ms
9ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onCaptchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wickedsistersband.com/
Origin: https://wickedsistersband.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 12:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 12:14:17 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 813A 52 KB
29 KB 33ms
32ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly93aWNrZWRzaXN0ZXJzYmFuZC5jb206NDQz&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=vrimk26h68df

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

57a5e258648288cb95546e31190013fad7a91d8926f3dcbcd447c51cb134e1a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P8fjz3tx5xhfZPI_AfQ9RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wickedsistersband.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 29453
content-security-policy: script-src 'report-sample' 'nonce-P8fjz3tx5xhfZPI_AfQ9RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:21:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 813A 55 KB
24 KB 32ms
8ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly93aWNrZWRzaXN0ZXJzYmFuZC5jb206NDQz&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=vrimk26h68df

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 02:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 02:34:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 813A 454 KB
182 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 12:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 12:14:17 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 813A 102 B
134 B 17ms
16ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly93aWNrZWRzaXN0ZXJzYmFuZC5jb206NDQz&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=vrimk26h68df
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 07:21:56 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1250 7 KB
1 KB 31ms
28ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4eb61b9d26751d9ecd5804e6e3b236c90a0c68639bd4e59d3f992eecae0b34f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8TRW7p3C7ZLEcOTx4BttDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wickedsistersband.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1157
content-security-policy: script-src 'report-sample' 'nonce-8TRW7p3C7ZLEcOTx4BttDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:21:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 1250 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 02:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 02:34:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 1250 454 KB
182 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 12:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 12:14:17 GMT

POST
H2 200 visits
stats.zoogletools.net/ 0
0 197ms
197ms Fetch
application/json 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.zoogletools.net/visits

Requested by

Host: stats.zoogletools.net
URL: https://stats.zoogletools.net/stats.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/6cc3f7e5 (2023-09-12) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wickedsistersband.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Sep 2023 07:21:55 GMT
via: 2 fly.io
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 6a47b63f-ac12-4597-a83f-8bc70606ffab
x-runtime: 0.092044
referrer-policy: strict-origin-when-cross-origin
fly-request-id: 01HA992RWZD7EFWJDNG4YA2P6A-fra
server: Fly/6cc3f7e5 (2023-09-12)
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
content-type: application/json; charset=utf-8
vary: Origin

OPTIONS
H2 200 visits
stats.zoogletools.net/ Frame 0
0 118ms
99ms Preflight 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zoogletools.net/visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6cc3f7e5 (2023-09-12) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wickedsistersband.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
date: Thu, 14 Sep 2023 07:21:55 GMT
fly-request-id: 01HA992RSVC2TEKBKA96N95PPN-fra
server: Fly/6cc3f7e5 (2023-09-12)
via: 2 fly.io

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1250 40 KB
25 KB 60ms
59ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ebf66c9438ad447564abf0602bcd920169248e3aaa35c5e0e6cdacf8be187770

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 14 Sep 2023 07:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25066
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 07:21:56 GMT

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 4B5F
Redirect Chain

https://web.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139d68451c4c9%26domain%3Dwickedsistersband.com%26i...
https://www.facebook.com/plugins/like.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139d68451c4c9%26domain%3Dwickedsistersband.com%26is...

51 KB
18 KB

204ms
187ms

Document
text/html

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139d68451c4c9%26domain%3Dwickedsistersband.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwickedsistersband.com%252Ff4b71cb3d23314%26relation%3Dparent.parent&container_width=267&href=http%3A%2F%2Fwickedsistersband.com%2F&locale=en_US&sdk=joey&send=true&show_faces=true&width=450&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=241637fb328c4bc80343d43abd8daded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33183042d4de5d9a618d30a5e4d6ca946427a7e05d64213dce654cd888c33ada

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wickedsistersband.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:21:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: HnI3IWkdudQP/Bv6PgMKTqoai3G8wQtwMCVXu9gd8I43a3Fh1FLOwaepZL3sNrnk9mkeKq9uRtcWCSzGtl29IA==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 14 Sep 2023 07:21:56 GMT
location: https://www.facebook.com/plugins/like.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139d68451c4c9%26domain%3Dwickedsistersband.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwickedsistersband.com%252Ff4b71cb3d23314%26relation%3Dparent.parent&container_width=267&href=http%3A%2F%2Fwickedsistersband.com%2F&locale=en_US&sdk=joey&send=true&show_faces=true&width=450&_rdc=1&_rdr
origin-agent-cluster: ?0
strict-transport-security: max-age=15552000; preload
x-fb-debug: E4Dj4AMiRPryUIGtq3HHHKVzg7NQfPgHPtbh3emWZkUoavTD+9VWTrBrbwPyL8NKipiRtFAeWeYZYFZfjx4UAw==
x-fb-zr-redirect: 02|1694762516|

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1250 600 B
624 B 13ms
12ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:31:20 GMT
x-content-type-options: nosniff
age: 381036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 16 Sep 2023 21:31:20 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1250 530 B
554 B 11ms
10ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 06:58:17 GMT
x-content-type-options: nosniff
age: 433419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 16 Sep 2023 06:58:17 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1250 665 B
689 B 11ms
11ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:38:49 GMT
x-content-type-options: nosniff
age: 517387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 15 Sep 2023 07:38:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1250 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 427558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 08:35:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1250 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 03:38:02 GMT
x-content-type-options: nosniff
age: 531834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 03:38:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1250 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:41:40 GMT
x-content-type-options: nosniff
age: 135616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 17:41:40 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 1250 33 KB
33 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA65nxnKe1wRDTTyiZYeks1x22ZRDzwrd0F6xcgdzx8wYmFqmKuwb076OpnnqKBnLIaEaN7m2d4Xa6TF1MVYtdotriYWHadCPK5pMd_L7RyjQ4sBMq3R1B3g4IgzQ1y7-hQWPtByd2n5JMM6TiDYc1lZd9rKoLwwzqcy90UrwlDXAoUF2TPkvPX_7a2wX_LfAN3Jp3AQDBKE3g1-ZwftXT6YcQmDwg&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e27e73838fc757cecfa85bcdbed76df63774166dcbf382b20067c40bfb8b8ca8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:56 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33291
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 07:21:56 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 4B5F 299 B
547 B 11ms
8ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139d68451c4c9%26domain%3Dwickedsistersband.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwickedsistersband.com%252Ff4b71cb3d23314%26relation%3Dparent.parent&container_width=267&href=http%3A%2F%2Fwickedsistersband.com%2F&locale=en_US&sdk=joey&send=true&show_faces=true&width=450&_rdc=1&_rdr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-fb-debug: CI7uXxTiNG3BL5YOHujbyUGQGoeNOm82iFXAOlhVAPy9outhLklTlXXgkMgZzG8CF/GKxaGe0g6M72ZcbVowRg==
date: Thu, 14 Sep 2023 07:21:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 299
expires: Sat, 31 Aug 2024 03:12:18 GMT

GET
H2 200 b3wp7GyoWXZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yM/l/en_US/ Frame 4B5F 520 KB
134 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yM/l/en_US/b3wp7GyoWXZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5457944a520de8de3e3b35da1aa0704eb8fc602418a30b73a0ed062d69f7709a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /b82/skKgU48pt3uBuYb1Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 137353
x-fb-debug: 8aWYKJ8bxr5KlISygUXiL5woT2QNK4cEuA0/CjGIhP2w9oVFFO4j+k0rX0i499T+VVq8FoT2lYgdN0379rzVJw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 12 Sep 2024 21:41:14 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 19:03:48	Name: _GRECAPTCHA Value: 09AKn8keu5eRnnvkkFivIKaiS8Novie0pDWEh4VIHyxC3RBuzgC6pyE6OpaL_p2qnnI9JH0F8GYXcXdCOt5DUz-h8
			wickedsistersband.com/	1969-12-31 23:59:59	Name: guid Value: f7143a93-bf30-4163-a4aa-8456dabd6f22

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://wickedsistersband.com/ Message: Mixed Content: The page at 'https://wickedsistersband.com/' was loaded over HTTPS, but requested an insecure element 'http://www.niftybuttons.com/facebook/facebookdark_48.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://wickedsistersband.com/(Line 716) Message: Mixed Content: The page at 'https://wickedsistersband.com/' was loaded over HTTPS, but requested an insecure element 'http://www.niftybuttons.com/facebook/facebookdark_48.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-app-production-pubnet.bndzgl.com
connect.facebook.net
d10j3mvrs1suex.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
static.xx.fbcdn.net
stats.zoogletools.net
web.facebook.com
wickedsistersband.com
www.facebook.com
www.google.com
www.gstatic.com
www.niftybuttons.com
zglseed.s3.ca-central-1.amazonaws.com
104.198.14.52
16.12.4.106
2600:9000:2057:b800:7:56a2:7e40:21
2606:4700:90:0:3626:d0ff:6957:de1
2606:4700::6812:13d7
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2004
2a03:2880:f083:6:face:b00c:0:2
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a09:8280:1::a:6d46
027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5
061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
16da34b37d59fde1b0556b3de4fef1ee5e83008cd27ce8dc4db778db2ff05d7a
28230cbbe576498b87374a191bb09f128f617342a010464f477a411005b41789
32c9b7f3189b543a5ccc8feda14470d6e79c2af689b80e1dceb20484aefe28d2
33183042d4de5d9a618d30a5e4d6ca946427a7e05d64213dce654cd888c33ada
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
359a376829f6011b92819a17239f7046be231b553a27be90c8ce87e44143a9df
38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e
394851aa5b50c25c7cd5498ff2f5b1575591265b82c07dcd1848894aef3f7700
3dd13218b6cf61875dc7ac4621305fb994ec1a594c34154a27cb40c99c7146c4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4360b3f3da3a6a96c1833035f2063510e7b8c1daedcef08e9bea7f05a0dd4170
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5457944a520de8de3e3b35da1aa0704eb8fc602418a30b73a0ed062d69f7709a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57a5e258648288cb95546e31190013fad7a91d8926f3dcbcd447c51cb134e1a9
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4fc78b632350389b11574737cf9c6a6240985ddb810fb249da32a21755184c
6476981e8d9fdc660d00f688586ab5f48bb8425040448def95c2187eb610567b
70d694a84838bf1d99f24f8d6334c30695bd6f7646f255effc885dc70dcaccd9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a3eb37cd27db163117bdd65f24555708748528618164b4f2464990dc6042e70
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
83fc7289d9c903cd652c1f68efdb6d0f3f43aece80bacb6532bfffedfbcd7786
887c2224b006b42b71534501c8d390105f898bde6cd3cd8e67eab5e12ffd3f34
898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
9e94a76672babc2bcb9fe570697c9b9d91a31f4a1da1ef25c86e9a00d5e87649
9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29
acb1578d047588f340e8e7d3137b9a99e092f036f02b9ded138cf0c5b4db9ec6
acd786726d17e5c08b45f3858a3ad1f53a93be5e71a81ceb3bcc4a276e8b6b19
af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877
b2afdd1c3d6d8d98073531b64db891e937cf2b909bdc8853aa96cbca6ba7b974
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d60031a342c61cad3b37ae6195c140680667b5f6f0330c3e929b77abf93f902a
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
e27e73838fc757cecfa85bcdbed76df63774166dcbf382b20067c40bfb8b8ca8
e64f46290ced6b14c45a7a1ccd110021d8a7fb539aff9cd38913a8bbdc3b360d
ebf66c9438ad447564abf0602bcd920169248e3aaa35c5e0e6cdacf8be187770
eca6424254f3c0371488cd96b3aeb73bf97cd7f1d1cc6db17aadc67d160f7a1f
ed0f64153c7dfc54eb8c8b7efea8c49823150646303adbee736ec6ba539ad122
edc45bd1c6dffcfd590da032b22ce8f2e50f39ed802468be01ee8c8fd012b589
f4eb61b9d26751d9ecd5804e6e3b236c90a0c68639bd4e59d3f992eecae0b34f

wickedsistersband.com Open in urlscan Pro 2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

85 %IPv6

12 Domains

14 Subdomains

13 IPs

3 Countries

1649 kBTransfer

4263 kBSize

2 Cookies

4 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wickedsistersband.com Open in urlscan Pro
2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

85 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

1649 kB
Transfer

4263 kB
Size

2
Cookies

50 HTTP transactions
4 data transactions