www.witchesfalls.com.au/
301 Moved Permanently 94 B IP
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 47cb3a086e5ed19e1427417fa39b7d8f
cc9ab73be41ee44eb9711d9a0701c15bf22c856d
e875501033b7c0eb92d7976cf4dffd39b8ef993f638d033b509af72c5ea5dcb3
GET / HTTP/1.1
Host: www.witchesfalls.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 14 Jan 2023 03:33:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 131
X-Sorting-Hat-ShopId: 37341069444
X-Storefront-Renderer-Rendered: 1
Location: https://witchesfalls.com.au/
X-Redirect-Reason: https_required
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
X-ShopId: 37341069444
X-ShardId: 131
Vary: Accept
X-Shopify-Stage: production
X-Dc: gcp-europe-north1,europe-west1,gcp-europe-west1
X-Request-ID: 27dbb3ba-316a-4a4f-ba3d-7dc2a3bb1d47
X-Download-Options: noopen
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTKfTzEKy11Sb3zJgWeZyhHrWT%2B7h4Es7JOx3Y%2BPN3QLtKBVMcp%2BEurpj1Yqw90OD6TxoWY5FlB9PKO%2F5C8GWiAG4eFps972gvPp6UfPlXfi2tdMJPwZziKJBzV55rEWWmD4muieWO22"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: processing;dur=10, db;dur=4, asn;desc="50304", edge;desc="OSL", country;desc="NO", cfRequestDuration;dur=250.000000
Server: cloudflare
CF-RAY: 7893501cf8d6b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11054
Expires: Sat, 14 Jan 2023 06:38:09 GMT
Date: Sat, 14 Jan 2023 03:33:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14274
Expires: Sat, 14 Jan 2023 07:31:49 GMT
Date: Sat, 14 Jan 2023 03:33:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12378
Expires: Sat, 14 Jan 2023 07:00:13 GMT
Date: Sat, 14 Jan 2023 03:33:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 02:42:01 GMT
content-type: application/json
age: 3114
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: plqwrt3TQyI2EuzpyaG29acD8unSzOsqQ9DczCZHC0Mo9KZBZeaQS5cY88glXBjqxp2yRPlqkf0=
x-amz-request-id: KM9QCX9BNY1PXGFP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 02:54:46 GMT
age: 2349
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 03:33:55 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26fedaa2b917d910daba53c164fcb45d
44f5e3e14060c8f6b246a072caa0b3b8546ca74a
021f74a97dc788a977d73b3c934561df9cd21214aad602485ada4ebe858a0253
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "021F74A97DC788A977D73B3C934561DF9CD21214AAD602485ADA4EBE858A0253"
Last-Modified: Fri, 13 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Sat, 14 Jan 2023 09:33:27 GMT
Date: Sat, 14 Jan 2023 03:33:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 03:17:25 GMT
age: 991
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26fedaa2b917d910daba53c164fcb45d
44f5e3e14060c8f6b246a072caa0b3b8546ca74a
021f74a97dc788a977d73b3c934561df9cd21214aad602485ada4ebe858a0253
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "021F74A97DC788A977D73B3C934561DF9CD21214AAD602485ADA4EBE858A0253"
Last-Modified: Fri, 13 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Sat, 14 Jan 2023 09:33:27 GMT
Date: Sat, 14 Jan 2023 03:33:56 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4180
Cache-Control: max-age=110550
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:56 GMT
Etag: "63c11f26-1d7"
Expires: Sun, 15 Jan 2023 10:16:26 GMT
Last-Modified: Fri, 13 Jan 2023 09:06:46 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash bb1eb684b513587e59aefa01a1323ac1
ebd002aa16d016ffe3198c13df347a1bc2dc119d
126054af07aff9e21fdbb33cd15b16b34089a9655ceb58970f7beb60bbb492a1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5484
Cache-Control: max-age=152926
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:56 GMT
Etag: "63c1bf96-117"
Expires: Sun, 15 Jan 2023 22:02:42 GMT
Last-Modified: Fri, 13 Jan 2023 20:31:18 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c669ac2536d90397ad413c47272703b
66f852c0eaf0d502f21cde3a23cad5d3a2ce2c56
ce22accc06d1488a0fbd0984f3e666004c484d39465ef618fe96313e0de340e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE22ACCC06D1488A0FBD0984F3E666004C484D39465EF618FE96313E0DE340E5"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9610
Expires: Sat, 14 Jan 2023 06:14:06 GMT
Date: Sat, 14 Jan 2023 03:33:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c669ac2536d90397ad413c47272703b
66f852c0eaf0d502f21cde3a23cad5d3a2ce2c56
ce22accc06d1488a0fbd0984f3e666004c484d39465ef618fe96313e0de340e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE22ACCC06D1488A0FBD0984F3E666004C484D39465EF618FE96313E0DE340E5"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9610
Expires: Sat, 14 Jan 2023 06:14:06 GMT
Date: Sat, 14 Jan 2023 03:33:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c669ac2536d90397ad413c47272703b
66f852c0eaf0d502f21cde3a23cad5d3a2ce2c56
ce22accc06d1488a0fbd0984f3e666004c484d39465ef618fe96313e0de340e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE22ACCC06D1488A0FBD0984F3E666004C484D39465EF618FE96313E0DE340E5"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9610
Expires: Sat, 14 Jan 2023 06:14:06 GMT
Date: Sat, 14 Jan 2023 03:33:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c669ac2536d90397ad413c47272703b
66f852c0eaf0d502f21cde3a23cad5d3a2ce2c56
ce22accc06d1488a0fbd0984f3e666004c484d39465ef618fe96313e0de340e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE22ACCC06D1488A0FBD0984F3E666004C484D39465EF618FE96313E0DE340E5"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9610
Expires: Sat, 14 Jan 2023 06:14:06 GMT
Date: Sat, 14 Jan 2023 03:33:56 GMT
Connection: keep-alive
cdn.polyfill.io/v3/polyfill.min.js?unknown=polyfill&features=fetch,Element.prototype.closest,Element.prototype.remove,Element.prototype.classList,Array.prototype.includes,Array.prototype.fill,Object.assign,CustomEvent,IntersectionObserver,IntersectionObserverEntry,URL
200 OK 94 B URL HTTP/2 cdn.polyfill.io/v3/polyfill.min.js?unknown=polyfill&features=fetch,Element.prototype.closest,Element.prototype.remove,Element.prototype.classList,Array.prototype.includes,Array.prototype.fill,Object.assign,CustomEvent,IntersectionObserver,IntersectionObserverEntry,URL
IP
Hash eb8b0ba88b3acfb11ea81d5c02be9108
4b7f14cc2db25abdbe25472934b7469b2488f9d4
7237f15a97fe102c6ed13eadc0f7980da03cd06a20dfb7c7b8050e60dada617d
GET /v3/polyfill.min.js?unknown=polyfill&features=fetch,Element.prototype.closest,Element.prototype.remove,Element.prototype.classList,Array.prototype.includes,Array.prototype.fill,Object.assign,CustomEvent,IntersectionObserver,IntersectionObserverEntry,URL HTTP/1.1
Host: cdn.polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 11 Jan 2023 11:21:49 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Sat, 14 Jan 2023 03:33:56 GMT
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=12
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
Hash fbae669ac0382228a2884e7adbeadf04
2015a3e31d9b5f94c1135dc86b42e57c4a3ae78b
4aed7ecdb8d27fd06f983619c8752d371ccb745ee908e2887da2b86c0a96aaa4
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "59843E03320B7E23E485E99F4FF7AC0C939920DF"
Expires: Sat, 14 Jan 2023 15:00:00 UTC
Last-Modified: Sat, 14 Jan 2023 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sat, 14 Jan 2023 03:33:56 GMT
Via: 1.1 varnish
Age: 1040
X-Served-By: cache-bma1634-BMA
X-Cache: HIT
X-Cache-Hits: 3
X-Timer: S1673667237.755367,VS0,VE0
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lKnNSh88VF/aEkbNvMfWsA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9+h+ff7dCP5v7zXMpvRFqJjNqgM=
cdn.shopify.com/s/files/1/0373/4106/9444/files/DSC_2927_Large_52cc6e4e-8ce4-436b-8c4e-001e80d0721b_1x1.jpg?v=1662705006
200 OK 704 B URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/files/DSC_2927_Large_52cc6e4e-8ce4-436b-8c4e-001e80d0721b_1x1.jpg?v=1662705006
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6f5d16dbaecd96a12a84dc9785667d93
f6e5ef0ce2c173f50ee9d5a98b8434fafc39f4c9
24f237236b4bf179465d8da19494e257fc47977d93080c07c2c6e663be2d449b
GET /s/files/1/0373/4106/9444/files/DSC_2927_Large_52cc6e4e-8ce4-436b-8c4e-001e80d0721b_1x1.jpg?v=1662705006 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: image/webp
content-length: 704
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/files/DSC_2927_Large_52cc6e4e-8ce4-436b-8c4e-001e80d0721b_1x1.jpg>; rel="canonical"
source-length: 229043
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: a6957a93-d545-4edb-90bb-cf3d1e9a2442
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Fri, 16 Dec 2022 20:14:20 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a18YJJ2jtdopgEk98jNspMYZy0b028odmtnO2FA80VYN3tpmvu3dA0ZdIU2sqpusrHz3DMDm7rw00Zr9e5UlJFgipbI6EASBykeOMV3Z%2BIb7wZLb0lrjHf80e%2B8KmuwLjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=146.035, imageryFetch;dur=106.984, imageryProcess;dur=37.439;desc="image", cfRequestDuration;dur=126.999855
server: cloudflare
cf-ray: 789350254b83b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0373/4106/9444/files/Witches_Falls_Logo_Black_TEXT_1_200x.png?v=1613620252
200 OK 2.5 kB URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/files/Witches_Falls_Logo_Black_TEXT_1_200x.png?v=1613620252
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash df07a8a1027009e72036bb004b61f68c
69ce03508c3630b6456d6ab8a8b1d6e5763e3790
7461e3ae4d58f18d9019ed5e021c4efa6cf5ad9f7ab2044a9f50fedae1f84868
GET /s/files/1/0373/4106/9444/files/Witches_Falls_Logo_Black_TEXT_1_200x.png?v=1613620252 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: image/webp
content-length: 2474
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/files/Witches_Falls_Logo_Black_TEXT_1_200x.png>; rel="canonical"
source-length: 9710
source-type: image/png
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: dcc40680-f8b4-45e2-9593-ceddda2c0ea0
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Thu, 12 Jan 2023 20:01:49 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vqZsoUIkIl8OTzd782AqIs8xLOPE593O1vaB57oeEhh06nDLdddQHOTu2uKXKYsjhjnJTCcDre5atc%2BKrLoe1yWNtwq2ub872jaMqBpztj6H2h8S3w1mOFm2G5oJOcWfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=162.666, imageryFetch;dur=76.392, imageryProcess;dur=84.750;desc="image", cfRequestDuration;dur=128.999949
server: cloudflare
cf-ray: 789350254b81b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/theme.scss.css?v=76556184505890653101656440421
200 OK 30 kB URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/theme.scss.css?v=76556184505890653101656440421
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Hash fe6f18ad049ddba2ce4cbda91d3f702f
85282d11d9c5c481a43e8b3200b3aee5cc7b45ee
05f819ee2f1308dff2379a3862e4bf2c12ae94fd328e573bc484b109ec0942ba
GET /s/files/1/0373/4106/9444/t/8/assets/theme.scss.css?v=76556184505890653101656440421 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/theme.scss.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 32d6c6b9-57d7-4fe2-81fe-3cb7258c390e
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Tue, 27 Dec 2022 10:23:18 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdivyxapaDXfBrkwg3M2dftNoNihRaRas6xOOvIwNpVObKuZefKZzrS7gwv0j3ahQaeQmb8%2Bif88awcdA4ozVZktXPV%2FjhW8TjSkrYAn1pXKKA2FbV0HK9ioifm50MJZrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=1624.014, imageryFetch;dur=112.082, imageryProcess;dur=1496.380;desc="scss", cfRequestDuration;dur=131.999969
server: cloudflare
cf-ray: 789350254b87b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sdk.loyaltylion.net/static/2/loader.js?t=2023014
200 OK 45 kB URL HTTP/2 sdk.loyaltylion.net/static/2/loader.js?t=2023014
IP
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 6da3a9b58a9107ceaeadb3ae01d5e538
7502866f7e54f50762eafc060c70b810761c4a05
f8703c03b0ad85f69ccd8c20790ac3a8d227252db130533f92d231c74b894f1e
GET /static/2/loader.js?t=2023014 HTTP/1.1
Host: sdk.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 44839
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: ETag
access-control-max-age: 86400
last-modified: Thu, 05 Jan 2023 17:26:07 GMT
content-encoding: br
accept-ranges: bytes
server: AmazonS3
date: Sat, 14 Jan 2023 03:30:36 GMT
cache-control: max-age=1200, s-maxage=300, must-revalidate
etag: "6da3a9b58a9107ceaeadb3ae01d5e538"
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Spv9BRHcqlefwU9DUbtQhDWtWUz2259HGDnXyNoMH82JFtM5VJkRuw==
age: 202
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 254dd07edd760c62b09ee8712c19ed81
c6855182a81a45313fd3faa5f0189384d6e5bb81
6f7a1f11e66b5534e865de6aa7996b457e98d9ed693ca4ba2f6227132541c10c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F7A1F11E66B5534E865DE6AA7996B457E98D9ED693CA4BA2F6227132541C10C"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9251
Expires: Sat, 14 Jan 2023 06:08:08 GMT
Date: Sat, 14 Jan 2023 03:33:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 254dd07edd760c62b09ee8712c19ed81
c6855182a81a45313fd3faa5f0189384d6e5bb81
6f7a1f11e66b5534e865de6aa7996b457e98d9ed693ca4ba2f6227132541c10c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F7A1F11E66B5534E865DE6AA7996B457E98D9ED693CA4BA2F6227132541C10C"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9251
Expires: Sat, 14 Jan 2023 06:08:08 GMT
Date: Sat, 14 Jan 2023 03:33:57 GMT
Connection: keep-alive
sdk.loyaltylion.net/sdk/start/1c7998c90e7c91ba71ee25292922eb0c.js?t=20230143
200 OK 976 B URL HTTP/2 sdk.loyaltylion.net/sdk/start/1c7998c90e7c91ba71ee25292922eb0c.js?t=20230143
IP
File type ASCII text, with very long lines (976), with no line terminators
Hash 6f3b5cd56f03ec70db20e8855de5793b
362c6ed44cb564fd5c87da9007659bfbb2db7f44
1795f469ea284b43f4b671716634390ec804aaa067f0f0930301165a50eb1425
GET /sdk/start/1c7998c90e7c91ba71ee25292922eb0c.js?t=20230143 HTTP/1.1
Host: sdk.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 976
date: Sat, 14 Jan 2023 03:33:57 GMT
server: nginx
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: private, max-age=60, must-revalidate
etag: W/"3d0-Nixu1Ey1ZP1ch9qQB2Wb+7Lbf0Q"
x-cache-status: STALE
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NmOOM0nHm39k-FS8Vtjh5Xsq_cCU4Q6csoN35gkM-syOznmIsqEicA==
X-Firefox-Spdy: h2
fonts.shopifycdn.com/cardo/cardo_n4.eebb245e383be6550785a657b25f51c2b83d7e78.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=1bf22bafa2d9f79e00f78f47d979c8072ab00a8ff26d1c3cc031cd2004b98c32
200 OK 18 kB URL HTTP/2 fonts.shopifycdn.com/cardo/cardo_n4.eebb245e383be6550785a657b25f51c2b83d7e78.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=1bf22bafa2d9f79e00f78f47d979c8072ab00a8ff26d1c3cc031cd2004b98c32
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 18328, version 1.2956\012- data
Hash 72b12f6ccfb7ee8b008b4f35671e8ddf
eebb245e383be6550785a657b25f51c2b83d7e78
71d3778f08546404b5227e45a2792a1c31ca33197894c2e07a291deaa71ac83b
GET /cardo/cardo_n4.eebb245e383be6550785a657b25f51c2b83d7e78.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=1bf22bafa2d9f79e00f78f47d979c8072ab00a8ff26d1c3cc031cd2004b98c32 HTTP/1.1
Host: fonts.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:57 GMT
content-type: font/woff2
content-length: 18328
cf-ray: 7893502849c6b518-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1797829
cache-control: max-age=2629800, immutable
last-modified: Sat, 24 Dec 2022 08:09:51 GMT
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/cardo/cardo_n4.eebb245e383be6550785a657b25f51c2b83d7e78.woff2>; rel="canonical"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
timing-allow-origin: *
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-east1
x-request-id: 8bd1362b-9262-479a-acf2-79ea41038c83
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cwed3ibg0Ivop9hu%2BCZ7QEQAGR0TTqm4q%2B8hRl1kHBLlzjb9noDdV8tFLEajb9p6JiQNbsSMmBlkLUgNUmrMCOv3VhxHQ6psk0grlHrx33%2Bq5BpqcnB1M7dQ%2B%2BRNjyOUj6ExhWAz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=29.925, imageryFetch;dur=29.613, cfRequestDuration;dur=8.999825, cfRequestDuration;dur=22.000074
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.shopifycdn.com/cardo/cardo_n7.d02b7fb13fc5aac90b5334d99f92017ede2099f6.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=0c5b6a0b3bb066d2460770c011e969e049b6eea5a1903757cc83e31d47766555
200 OK 23 kB URL HTTP/2 fonts.shopifycdn.com/cardo/cardo_n7.d02b7fb13fc5aac90b5334d99f92017ede2099f6.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=0c5b6a0b3bb066d2460770c011e969e049b6eea5a1903757cc83e31d47766555
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 22876, version 1.72\012- data
Hash 1914c2dfac11be36780c9b325b918076
d02b7fb13fc5aac90b5334d99f92017ede2099f6
ae7ccd6d23bead6117dfa76573d1efdded87440d9086935af62c74f3424fd049
GET /cardo/cardo_n7.d02b7fb13fc5aac90b5334d99f92017ede2099f6.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=0c5b6a0b3bb066d2460770c011e969e049b6eea5a1903757cc83e31d47766555 HTTP/1.1
Host: fonts.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:57 GMT
content-type: font/woff2
content-length: 22876
cf-ray: 7893502859c8b518-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1797194
cache-control: max-age=2629800, immutable
last-modified: Sat, 24 Dec 2022 08:09:59 GMT
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/cardo/cardo_n7.d02b7fb13fc5aac90b5334d99f92017ede2099f6.woff2>; rel="canonical"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
timing-allow-origin: *
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-east1
x-request-id: bbb1caa5-e6d8-4804-96d8-f6143ddeec54
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmF3W2LhI251y%2F4Ob893XRx2RC%2F%2BOiLQ1elvb9RY%2FZN1NG0EyGCJtuzviCzxnB47uGqzkP%2BZD7BrQpWNf%2BqUqmiVthCDciZhNj8ZJnY4VbV0feLx%2BD7Lq2y%2FTtIYIuOfXBg8aJbW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=70.675, imageryFetch;dur=70.373, cfRequestDuration;dur=8.999825, cfRequestDuration;dur=16.999960
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.shopifycdn.com/itc_stone_sans_ii/itcstonesansii_n4.efe6bdc4492d0f5b7991ef3e326be429b77fc28b.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=284fce7cc2717f2c2d93d76a9f5ac275cd1e9b7308ab908312aca518cb1b2b7b
200 OK 28 kB URL HTTP/2 fonts.shopifycdn.com/itc_stone_sans_ii/itcstonesansii_n4.efe6bdc4492d0f5b7991ef3e326be429b77fc28b.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=284fce7cc2717f2c2d93d76a9f5ac275cd1e9b7308ab908312aca518cb1b2b7b
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 27612, version 1.0\012- data
Hash bd64fd0e411be9356b4e25ae7159095d
efe6bdc4492d0f5b7991ef3e326be429b77fc28b
42fe80c4448b812a247e1192dd13663bcd8223838e896e16605e56c66111348e
GET /itc_stone_sans_ii/itcstonesansii_n4.efe6bdc4492d0f5b7991ef3e326be429b77fc28b.woff2?h1=d2l0Y2hlc2ZhbGxzLmNvbS5hdQ&h2=d2l0Y2hlc2ZhbGxzLmF1&hmac=284fce7cc2717f2c2d93d76a9f5ac275cd1e9b7308ab908312aca518cb1b2b7b HTTP/1.1
Host: fonts.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:57 GMT
content-type: font/woff2
content-length: 27612
cf-ray: 7893502849c1b518-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1970200
cache-control: max-age=2629800, immutable
last-modified: Wed, 23 Nov 2022 21:39:46 GMT
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/itc_stone_sans_ii/itcstonesansii_n4.efe6bdc4492d0f5b7991ef3e326be429b77fc28b.woff2>; rel="canonical"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
timing-allow-origin: *
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-central1
x-request-id: aed5c699-b44c-4347-8c87-0ca286a65e31
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0G1kXKIsSkixcZkqP%2BkunGYGCmKfCLR9YYzlJtQUhQ2lmAgL4rEWbAtcluPO0QTpu44L0JoPItogQf0m2svZIkDuoQCR10rTxSinumL5jY3rqw2vqtOTWXbjXym8iSGH5pkw3X0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=50.003, imageryFetch;dur=49.750, cfRequestDuration;dur=12.999773, cfRequestDuration;dur=49.000263
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6fb29576e2b75fbc911317a9355f173d
611acfce5588aa558d9471fa77cac670718bec12
86843f24b26460a969db6c1920427b87667549d2648d810568f3cdb8e4c4fb05
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86843F24B26460A969DB6C1920427B87667549D2648D810568F3CDB8E4C4FB05"
Last-Modified: Wed, 11 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18893
Expires: Sat, 14 Jan 2023 08:48:50 GMT
Date: Sat, 14 Jan 2023 03:33:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 254dd07edd760c62b09ee8712c19ed81
c6855182a81a45313fd3faa5f0189384d6e5bb81
6f7a1f11e66b5534e865de6aa7996b457e98d9ed693ca4ba2f6227132541c10c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F7A1F11E66B5534E865DE6AA7996B457E98D9ED693CA4BA2F6227132541C10C"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9251
Expires: Sat, 14 Jan 2023 06:08:08 GMT
Date: Sat, 14 Jan 2023 03:33:57 GMT
Connection: keep-alive
shop.app/pay/session?v=1&token=9c51504d-49be-4dd9-976a-55fa3aa79df6&shop_id=37341069444
200 OK 18 B URL HTTP/2 shop.app/pay/session?v=1&token=9c51504d-49be-4dd9-976a-55fa3aa79df6&shop_id=37341069444
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c07fe8d0c031632d49b937f7b64cc318
b50ff5d4241ed1d437505098707c289683f62acf
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
GET /pay/session?v=1&token=9c51504d-49be-4dd9-976a-55fa3aa79df6&shop_id=37341069444 HTTP/1.1
Host: shop.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:57 GMT
content-type: application/json; charset=utf-8
content-length: 18
x-sorting-hat-podid: -1
access-control-allow-origin: https://witchesfalls.com.au
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-credentials: true
p3p: CP="Not used"
x-frame-options: DENY
x-robots-tag: noindex
vary: Accept, Origin, Accept-Encoding
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' 'unsafe-inline' blob: https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com; connect-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; img-src 'self' https:; font-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com; object-src 'none'; frame-src 'self' https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com
set-cookie: _pay_session=JyWlg8ci9jaSplZ6L0eRIXKXKDETjbnqnMYACfCe3oCrFXEIz3hIh04uaf9hpb6Ls%2BW7kG5NrTjTVfxoDrzkI4A0QYod71mPhv7ma9tZGN5fsC6d1mhcXVkC7htkKwc7C3hjlodNo1rU6ShirJn%2B4iNZdtr36ovXf3bdFq3NPWVNK8BVB%2FSzUYhqDHGfgSQZDlzjpw%3D%3D--jGTGVIxc4nMx4NG0--aY%2B2r4Ib4rax5ladv3nSdg%3D%3D; path=/; secure; HttpOnly
x-request-id: 1df415a8-7bad-46f4-b8be-06ca44ed7498
x-runtime: 0.006974
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
x-download-options: noopen
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyQqbEtYACp562w2kBI5K1YWFSL8bc4Xy2E67RtkLCOyNrUNDGuayYsYzTZd6XBJV9qAI1GNvDTokvAkR%2FGG%2BxoD5p62wKKk%2FfLCixGW7SpijHcsOZKMtmrB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=188.000202
server: cloudflare
cf-ray: 789350289f450b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6fb29576e2b75fbc911317a9355f173d
611acfce5588aa558d9471fa77cac670718bec12
86843f24b26460a969db6c1920427b87667549d2648d810568f3cdb8e4c4fb05
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86843F24B26460A969DB6C1920427B87667549D2648D810568F3CDB8E4C4FB05"
Last-Modified: Wed, 11 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18893
Expires: Sat, 14 Jan 2023 08:48:50 GMT
Date: Sat, 14 Jan 2023 03:33:57 GMT
Connection: keep-alive
cdn.mouseflow.com/projects/a966217e-a8a1-4097-912f-fe394cd71b88.js
301 Moved Permanently 0 B URL HTTP/2 cdn.mouseflow.com/projects/a966217e-a8a1-4097-912f-fe394cd71b88.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /projects/a966217e-a8a1-4097-912f-fe394cd71b88.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 14 Jan 2023 03:33:57 GMT
accept-ranges: bytes
content-length: 0
location: https://cdn.mouseflow.com/projects/a966217e-a8a1-4097-912f-fe394cd71b88_eu.js
cache-control: max-age=86400
x-hw: 1673667237.cds251.sk1.hn,1673667237.cds249.sk1.c
x-hw-loc: https://cdn.mouseflow.com/projects/a966217e-a8a1-4097-912f-fe394cd71b88.js
access-control-allow-origin: *
x-sp-metadata: HS256.CLXhiJ4GEocBCiQ0OWIyMDJmZS04ODliLTQ0ZDctYjE2My05ODgxYTVlMzE0ZDIQ2O+z5ZrL+gIaBgilxYieBiIMOTEuOTAuNDIuMTU0KIiqAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GigIARIkNWRkOTdiZWUtMWQyNC00OWUwLThlM2EtYjdlMDhjMzg2ZTg2IhgIAhIUY2RzMjQ5LnNrMS5od2Nkbi5uZXQ=.vkP1RQKqPcfxNYNIXlJzUm0adkKJ8Xg8QXWu7l5y7b0=
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sdk.loyaltylion.net/sdk/config/1c7998c90e7c91ba71ee25292922eb0c?build=18384&t=2023011403
200 OK 2 B URL HTTP/2 sdk.loyaltylion.net/sdk/config/1c7998c90e7c91ba71ee25292922eb0c?build=18384&t=2023011403
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /sdk/config/1c7998c90e7c91ba71ee25292922eb0c?build=18384&t=2023011403 HTTP/1.1
Host: sdk.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sdk-version
Referer: https://witchesfalls.com.au/
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 14 Jan 2023 03:33:57 GMT
server: nginx
x-dns-prefetch-control: off
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-headers: Content-Type,X-Auth-Packet,X-Site-Token,X-SDK-Version
access-control-max-age: 86400
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bR4USPFy-M2_dD6vbTbaL0YhiTT4dnTmxkRqipQCTlwcsP8EEuy-uw==
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 20:38:32 GMT
expires: Sun, 07 Jan 2024 20:38:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 543325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=883c2d2d67
200 OK 1.3 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=883c2d2d67
IP
File type ASCII text, with very long lines (2774)
Hash c477e6115117398e669e4a0dacfa9d16
6695b2b4881f63b9acc25af5b338208b8c8ff2af
ac67fe58f123c7e1659afec74226700ac55163ed3656cf05445a0cd56f87642a
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=883c2d2d67 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:57 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a654b4b54d3322bdcbd8b65f511761c0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: VdV2mWsYIOBScm6FZja9Nw0iOVOq974-B6JuZ-4ab8n2WoHbpv8mPQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUJIrNsyc80yrOLplfAiLWf%2B2D2XKrqIo4WhxaJD90xfJEZhLnN%2BNn8NL2SyApePaGhmZKJQwCt1mVyyMK%2FbWdY4VGcRWFdGSF9lRhohTOaHBH4jSrM6TtiVs8pAEXF25gLxuV6hcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789350278d622407-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a29f391bd96e6b4ec635f8e2c21ae887
82cbd85be7bb61f56b8bb6c2761bf46c4cae3e2b
125966f673950396ed51c43596ebb7cd74c031c2e9e2a4e2f02b40adc7556ba9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "125966F673950396ED51C43596EBB7CD74C031C2E9E2A4E2F02B40ADC7556BA9"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3588
Expires: Sat, 14 Jan 2023 04:33:45 GMT
Date: Sat, 14 Jan 2023 03:33:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9c45c0f067ab03fc195042d7fea9f48
2628e4ac8b299a6607f0e7fde2f52bd00cf282b5
ca9c2ed887176a76d3ee60c4c5cb0361baed109c4c7760cb77777b34545ed8ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA9C2ED887176A76D3EE60C4C5CB0361BAED109C4C7760CB77777B34545ED8FF"
Last-Modified: Wed, 11 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20683
Expires: Sat, 14 Jan 2023 09:18:40 GMT
Date: Sat, 14 Jan 2023 03:33:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a29f391bd96e6b4ec635f8e2c21ae887
82cbd85be7bb61f56b8bb6c2761bf46c4cae3e2b
125966f673950396ed51c43596ebb7cd74c031c2e9e2a4e2f02b40adc7556ba9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "125966F673950396ED51C43596EBB7CD74C031C2E9E2A4E2F02B40ADC7556BA9"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3535
Expires: Sat, 14 Jan 2023 04:32:52 GMT
Date: Sat, 14 Jan 2023 03:33:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9c45c0f067ab03fc195042d7fea9f48
2628e4ac8b299a6607f0e7fde2f52bd00cf282b5
ca9c2ed887176a76d3ee60c4c5cb0361baed109c4c7760cb77777b34545ed8ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA9C2ED887176A76D3EE60C4C5CB0361BAED109C4C7760CB77777B34545ED8FF"
Last-Modified: Wed, 11 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20692
Expires: Sat, 14 Jan 2023 09:18:50 GMT
Date: Sat, 14 Jan 2023 03:33:58 GMT
Connection: keep-alive
sdk-static.loyaltylion.net/static/2/541-37ea3e9.js
200 OK 7.9 kB URL HTTP/2 sdk-static.loyaltylion.net/static/2/541-37ea3e9.js
IP
ASN #58286 Electric-IT Business S.R.L.
File type Unicode text, UTF-8 text, with very long lines (25301), with NEL line terminators
Hash b6d9d9ac2ae80d6593c7c95d8a2d4c87
3ac4b2bdf00c6eab8151e03a436b9f36913ef079
6d663ff6844e0e60d5c4a49064bedc36f970aea9b0447ef4e6745abe4d6aee6c
GET /static/2/541-37ea3e9.js HTTP/1.1
Host: sdk-static.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 03:33:58 GMT
content-type: application/javascript
content-length: 7887
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: ETag
access-control-max-age: 86400
last-modified: Wed, 04 Jan 2023 13:46:08 GMT
etag: "b6d9d9ac2ae80d6593c7c95d8a2d4c87"
cache-control: public, max-age=31536000, immutable
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: MBNOCpJ92Fe99TkDRZhf6KudBmnYonvOnxyVSmAJAr4haW4F-cze3Q==
age: 773772
cache: HIT
x-cached-since: 2023-01-13T12:42:30+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
sdk-static.loyaltylion.net/static/2/482-5ebd4c4.js
200 OK 22 kB URL HTTP/2 sdk-static.loyaltylion.net/static/2/482-5ebd4c4.js
IP
ASN #58286 Electric-IT Business S.R.L.
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 518af4712cc4bb5fc04e2b3ad39c5763
e24a68f23895431f4d708cd8954c13a307ada845
2d8d0ae06312a6ea9e4cd558f7f620c17386ebbb0e8ff0e2dda345a180c98fe7
GET /static/2/482-5ebd4c4.js HTTP/1.1
Host: sdk-static.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 03:33:58 GMT
content-type: application/javascript
content-length: 21698
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: ETag
access-control-max-age: 86400
last-modified: Thu, 05 Jan 2023 17:26:05 GMT
etag: "518af4712cc4bb5fc04e2b3ad39c5763"
cache-control: public, max-age=31536000, immutable
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: c8DnyhUY0K2HFLNxHjN2JMtK5DIGruggVZ6W8AIRCweNRtARNNN4Fg==
age: 674176
cache: HIT
x-cached-since: 2023-01-13T12:42:30+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
sdk-static.loyaltylion.net/static/2/351-a5fda91.js
200 OK 49 kB URL HTTP/2 sdk-static.loyaltylion.net/static/2/351-a5fda91.js
IP
ASN #58286 Electric-IT Business S.R.L.
File type ASCII text, with very long lines (51151)
Hash e0ac6cc8d1eb7ebcc52a06ae4cae8399
3929ad5a8fcb760b015ab18f7b8caaa88db9f272
e586d5ceea5f6917c74ee5d5ec90b0976e63f99d0b8e107a77aa4715e5664d1f
GET /static/2/351-a5fda91.js HTTP/1.1
Host: sdk-static.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 03:33:58 GMT
content-type: application/javascript
content-length: 49191
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: ETag
access-control-max-age: 86400
last-modified: Wed, 04 Jan 2023 13:46:07 GMT
etag: "e0ac6cc8d1eb7ebcc52a06ae4cae8399"
cache-control: public, max-age=31536000, immutable
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 9835af751c15612a813bbc131d2ce1e6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: lV74n5JL69lKqN3EPrjYZw_q3sVnr87UU1aXTUMWc1YJfqTWvWHVkg==
age: 773772
cache: HIT
x-cached-since: 2023-01-13T12:42:30+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-649290299
200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-649290299
IP
File type ASCII text, with very long lines (2917)
Hash 5cd1c2a6b9c0f9e758db95e1e67291bf
9fdde8ea8c33453cfc707b9735b6cef13359846c
aa8c887c5baa5d26ab0d4cf67e1884192956676ed2aa6027861c61d64257f328
GET /gtag/js?id=AW-649290299 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 03:33:58 GMT
expires: Sat, 14 Jan 2023 03:33:58 GMT
cache-control: private, max-age=900
last-modified: Sat, 14 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67558
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sdk-static.loyaltylion.net/static/2/lion-app-integrated-8cdda22.js
200 OK 40 kB URL HTTP/2 sdk-static.loyaltylion.net/static/2/lion-app-integrated-8cdda22.js
IP
ASN #58286 Electric-IT Business S.R.L.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 53c45a0437b068a8f61ea799c3f2ff43
cd44bf78e6e679d3b2f89b64152a641360155161
318f22925ff9a22be95998833a2d1a18b406dccbfeb41bf50ae8c91b5718cf84
GET /static/2/lion-app-integrated-8cdda22.js HTTP/1.1
Host: sdk-static.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 03:33:58 GMT
content-type: application/javascript
content-length: 39874
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: ETag
access-control-max-age: 86400
last-modified: Thu, 05 Jan 2023 17:26:06 GMT
etag: "53c45a0437b068a8f61ea799c3f2ff43"
cache-control: public, max-age=31536000, immutable
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: -Z37dDoMGVFDGCaTHrDTHtzx6NDc44K3csZMUcqMgX9snXFc81EVjA==
age: 674176
cache: HIT
x-cached-since: 2023-01-13T12:42:30+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
sdk-static.loyaltylion.net/static/2/lion-core-2315499.js
200 OK 25 kB URL HTTP/2 sdk-static.loyaltylion.net/static/2/lion-core-2315499.js
IP
ASN #58286 Electric-IT Business S.R.L.
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash c9d09673978fd52d4320796248dd38e1
5233cb01fb7077751963215abe18de6c70eddd9c
40edcc5875b1b817184513258358ba6ae2fb5b95bb5afb78166f0c8763a24b50
GET /static/2/lion-core-2315499.js HTTP/1.1
Host: sdk-static.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 03:33:58 GMT
content-type: application/javascript
content-length: 25034
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: ETag
access-control-max-age: 86400
last-modified: Wed, 04 Jan 2023 13:46:09 GMT
etag: "c9d09673978fd52d4320796248dd38e1"
cache-control: public, max-age=31536000, immutable
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: 9MnPof8wjU2hJUtSSJrw2dO8Y_m1JueOPsFUvpkHUqQMhoQiVPTt0g==
age: 773772
cache: HIT
x-cached-since: 2023-01-13T12:42:30+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.mouseflow.com/projects/a966217e-a8a1-4097-912f-fe394cd71b88_eu.js
200 OK 18 kB URL HTTP/2 cdn.mouseflow.com/projects/a966217e-a8a1-4097-912f-fe394cd71b88_eu.js
IP
File type ASCII text, with very long lines (61695), with no line terminators
Hash 76cf67e3dfe9dd86075849317ca48c64
4907a9ecc4c7c056516bb8e9ffc8320fbc9151fd
fa7759c75ffe9a88f82625788209ffd263c54471d5a0eaf72f1423311a4345a1
GET /projects/a966217e-a8a1-4097-912f-fe394cd71b88_eu.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:58 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 17490
content-type: application/javascript; charset=utf-8
last-modified: Mon, 09 Jan 2023 03:03:02 GMT
accept-ranges: bytes
etag: "b2f03fe3d623d91:0"
server:
x-sp-metadata: HS256.CLbhiJ4GEocBCiQwOTE1ZWVlOC0yODJmLTQxZmUtYWI1MS1hOGFhMzlmOTdkYzUQ2O+z5ZrL+gIaBgimxYieBiIMOTEuOTAuNDIuMTU0KIiqAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkMmFmOTM3MWYtNzVjMy00NDgzLWJjNTUtMWM1Y2M4ZjUyODA2GNKIASIYCAISFGNkczI0OS5zazEuaHdjZG4ubmV0.Unx0IO7Exlt0+rts3UshC7nORxfhJ/FjCl4neaU9qyo=
x-hw: 1673667238.cds251.sk1.hn,1673667238.cds249.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cfd4ac087fdbf39fec947643791de166
eaa4dbbea8bb338542033af03196551224b5dd45
c5c261a76b945d195b6438d102fb59ef09b29b9919ceb2a1489968a3f48e98e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4507
Cache-Control: max-age=120962
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Etag: "63c1468d-1d7"
Expires: Sun, 15 Jan 2023 13:10:00 GMT
Last-Modified: Fri, 13 Jan 2023 11:54:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 14 Jan 2023 02:41:07 GMT
expires: Sat, 14 Jan 2023 04:41:07 GMT
cache-control: public, max-age=7200
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
age: 3171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: rYiS56sYjC5ZVK8e31BQRdBc+ZZsnMk3nCZKhbDv5Bqzgrltuq6n3kmBgtmf6n4en+GZTVnQxcgy4iK5ejiRwA==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Sat, 14 Jan 2023 03:33:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=883c2d2d67
200 OK 4.7 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=883c2d2d67
IP
File type ASCII text, with very long lines (26500)
Hash db061e184f44ab87607ad903497a6ee7
7c3bbb5fddcdf6608c9e6638f74236821d8c3eb4
53af46b3332fe38ae50354ba975b2a4d330391a733f87c4e30cae75224f8e5d9
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=883c2d2d67 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:57 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d31a115f0836c74b24184a43b912a574.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: RKaNZEV23q0UAVbkKKlP16AgP-vM2izQI6JYvY2KwtY3KFRzXfXt-A==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtDlFb8f3V37lSDvC3RjWBio%2BXBzH%2B2tNh0iYPE4vupQ%2B2IvIMuPnhXVXCW3mNn9dkGCmWQXh3ydPsMxL2c2eWkjQ5pQThfM77197BonWGkoWInXRoHaF8NCzHPTLYjj%2FkPgGQ8JYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78935027dd932407-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14885
Expires: Sat, 14 Jan 2023 07:42:03 GMT
Date: Sat, 14 Jan 2023 03:33:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14885
Expires: Sat, 14 Jan 2023 07:42:03 GMT
Date: Sat, 14 Jan 2023 03:33:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14885
Expires: Sat, 14 Jan 2023 07:42:03 GMT
Date: Sat, 14 Jan 2023 03:33:58 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash cfd4ac087fdbf39fec947643791de166
eaa4dbbea8bb338542033af03196551224b5dd45
c5c261a76b945d195b6438d102fb59ef09b29b9919ceb2a1489968a3f48e98e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4507
Cache-Control: max-age=120962
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Etag: "63c1468d-1d7"
Expires: Sun, 15 Jan 2023 13:10:00 GMT
Last-Modified: Fri, 13 Jan 2023 11:54:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uJjDFuqKCZyyAorUVUq9PyCb_8fWukPf6YE3LwqK2FrwMFzDNkftFQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 11:16:26 GMT
age: 58652
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eac26ee-70ec-4eca-8e10-c7a79b5575b3.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eac26ee-70ec-4eca-8e10-c7a79b5575b3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4f04f55a9d261ddda8128b0bb721446
5e8df480a1650606937ee493660177bf09c49c14
3a357fbbd9f41d384a06e151a0daff50b345520d4816e70cc1b2c694949ce79f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eac26ee-70ec-4eca-8e10-c7a79b5575b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4936
x-amzn-requestid: f1808de3-5712-4a65-8394-c1624668cdb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0pZFbIIAMFnvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3b-48c4b0cd36319a2634c0c5f0;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rudCuuUXfxE8aRq8-FFIwHE4tqeSWxYrd8uilWI-8DZSY9A-8EiLQQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:06 GMT
age: 20692
etag: "5e8df480a1650606937ee493660177bf09c49c14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c5167d-4d7e-40fb-86f7-00c3c61a3d8a.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c5167d-4d7e-40fb-86f7-00c3c61a3d8a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c06b9b83ee9dbe95b329ed2aa7590ea7
a0589b0ba31279219ed4e8143980dcb4badd81b0
78273bc40a06cf4805d7dc7cb3a9d10d11d61e31c5606f621b0f49ef6fa1fb6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c5167d-4d7e-40fb-86f7-00c3c61a3d8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7796
x-amzn-requestid: f429dfb8-42f9-40d0-88e5-8fff853da5b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAlCGu4IAMFUgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7aec-2fc65c774e4f2caa72a3f63f;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uVHUlBIoLQmwXrFL9VTyUK5HpteNUOj9P4rtMYJlSWDfdQ5LZD3dpQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 03:43:23 GMT
age: 85835
etag: "a0589b0ba31279219ed4e8143980dcb4badd81b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1378f107c1996ade14a8fe7fd728072
f52d98d9a0d1d343a539689ea14acf99e148cf8c
4be994757ec7ec42929590169de199e927889261334e258903a0929a1055047d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9154
x-amzn-requestid: fbb1140d-7ec2-4f86-8761-5d04601af70e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAkCEN2IAMFuMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ae6-4baebf1104f9cf2a0ee8a538;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OYkPEXF0RSbm6FI6MyKRvWjuYSfHR42QTU1vVnFPJX3y7m-HrNkSrw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 04:10:09 GMT
age: 84229
etag: "f52d98d9a0d1d343a539689ea14acf99e148cf8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f671d8-c3b2-4f50-9ca2-f52eab432e49.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f671d8-c3b2-4f50-9ca2-f52eab432e49.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b17c9ec5c47651211598f8c529681c
d687d489f6870533e63ef28426e12ed829c80b5f
9e7bbe7d16dc11fd20948ebc41e570e92bda2b45ff8b83b94ba2c6ebab1520b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f671d8-c3b2-4f50-9ca2-f52eab432e49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6729
x-amzn-requestid: 0217fd85-ff79-4d44-a6a2-92027a1ba8e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: em9QQGWioAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf759b-3cc1ea430b10f8d9018bc1c0;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 02:51:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zTwUHmc_ahpacEOxA54VX3YR0l1x00NeXmubPAcEfN0jmlu3s9Rk5A==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 04:51:48 GMT
age: 81730
etag: "d687d489f6870533e63ef28426e12ed829c80b5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64ba27a2f0a3bc61bd325f1fb317b755
c65c58476b66cbb6269ba1d8412d270a0a003ae3
5f7f03752f8a7c8c08d92512ae93b193ea37f59354503c3129d33fd2910f87e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SUGIIWi8jWe9RoRu-3dQXvLAddjwjH05V1ubKzEOEQrFonzVjQdbtw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 03:33:07 GMT
age: 51
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-131130995-1&cid=68261694.1673667222&jid=668500051&gjid=1811432054&_gid=1339622122.1673667222&_u=YGBAgEABBAAAAEgCIAB~&z=1011872699
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-131130995-1&cid=68261694.1673667222&jid=668500051&gjid=1811432054&_gid=1339622122.1673667222&_u=YGBAgEABBAAAAEgCIAB~&z=1011872699
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-131130995-1&cid=68261694.1673667222&jid=668500051&gjid=1811432054&_gid=1339622122.1673667222&_u=YGBAgEABBAAAAEgCIAB~&z=1011872699 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://witchesfalls.com.au
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Jan 2023 03:33:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69c011429c0b1f8a0c091474b207c240
fe2c5e1854a65d8a2b669fc54aa0c827f07e428b
409f967eeebf5472cb0d2a917b9285e52b21950f672c6c37a19285d3375edc7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&ct_cookie_present=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&ct_cookie_present=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 03:33:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Jan-2023 03:48:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 03:33:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6338d9f64fb844d88e2823fa169ced0b
262ed21b12b371c8d3984b4eb630a0fad02d8a6a
5ce2cdd02c36df354c4b32fb830c50251615e423913872f3cf93c45617d9b11b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 03:33:58 GMT
Last-Modified: Sat, 14 Jan 2023 02:11:36 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tNrMsrCQkic2O9CNDofKzEByMvG1Eoq0br6X1SveaU49_1N332UNaA==
Age: 4942
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6338d9f64fb844d88e2823fa169ced0b
262ed21b12b371c8d3984b4eb630a0fad02d8a6a
5ce2cdd02c36df354c4b32fb830c50251615e423913872f3cf93c45617d9b11b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 03:33:58 GMT
Last-Modified: Sat, 14 Jan 2023 03:08:06 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pdOPWGz8N4CUIRu359H8uuD8pY0dMQoNwCXb_RmHkzqrNNEW-gwlog==
Age: 1552
platform.loyaltylion.com/analytics/metric/increment
200 OK 2 B URL HTTP/2 platform.loyaltylion.com/analytics/metric/increment
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /analytics/metric/increment HTTP/1.1
Host: platform.loyaltylion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://witchesfalls.com.au/
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:58 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-headers: Content-Type,X-Auth-Packet,X-Site-Token,X-SDK-Version
access-control-max-age: 86400
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f96f3b88eebd362c0208a60d27e28068
f244f8dfbc2677fbddcf0024ff7cf343e24205bb
9b3586a498232da2b246b2bd158d7fd75eb9b4ac00ed750bbe670f1b54fe0f2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f96f3b88eebd362c0208a60d27e28068
f244f8dfbc2677fbddcf0024ff7cf343e24205bb
9b3586a498232da2b246b2bd158d7fd75eb9b4ac00ed750bbe670f1b54fe0f2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.loyaltylion.com/analytics/metric/increment
204 No Content 110 kB URL HTTP/2 platform.loyaltylion.com/analytics/metric/increment
IP
File type gzip compressed data, from Unix\012- data
Size 110 kB (110029 bytes)
Hash 5877fb81bcb7e6993826f8da833f9b3b
5109f0a22efea44db391c15fe2212c8b78e3dbec
1dd50804809d25598ab63027d157683d914a19ec44911438898a82a1324c61c6
POST /analytics/metric/increment HTTP/1.1
Host: platform.loyaltylion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
content-type: application/json
Origin: https://witchesfalls.com.au
Content-Length: 216
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 03:33:58 GMT
server: nginx
access-control-allow-origin: *
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-131130995-1&cid=68261694.1673667222&jid=668500051&_u=YGBAgEABBAAAAEgCIAB~&z=256723385
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-131130995-1&cid=68261694.1673667222&jid=668500051&_u=YGBAgEABBAAAAEgCIAB~&z=256723385
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-131130995-1&cid=68261694.1673667222&jid=668500051&_u=YGBAgEABBAAAAEgCIAB~&z=256723385 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 03:33:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/649290299/?random=1673667222339&cv=11&fst=1673667222339&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=1o2nCKff0dYBELvEzbUC&tiba=Witches%20Falls%20Winery%20-%20Cellar%20Door%20and%20Online%20Store&hn=www.google.com&frm=0&url=https%3A%2F%2Fwitchesfalls.com.au%2F>m_ee=1&auid=2000033803.1673667222&data=event%3Dpage_view%3Bpage_path%3D%2F&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 03:33:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1210575825753997&ev=PageView&dl=https%3A%2F%2Fwitchesfalls.com.au%2F&rl=&if=false&ts=1673667222777&sw=1280&sh=1024&v=2.9.92&r=stable&a=shopify&ec=0&o=30&fbp=fb.2.1673667222775.336743772&it=1673667222292&coo=false&eid=ae5720a0-95F1-456B-25B3-FF5AD0DD5C73&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1210575825753997&ev=PageView&dl=https%3A%2F%2Fwitchesfalls.com.au%2F&rl=&if=false&ts=1673667222777&sw=1280&sh=1024&v=2.9.92&r=stable&a=shopify&ec=0&o=30&fbp=fb.2.1673667222775.336743772&it=1673667222292&coo=false&eid=ae5720a0-95F1-456B-25B3-FF5AD0DD5C73&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1210575825753997&ev=PageView&dl=https%3A%2F%2Fwitchesfalls.com.au%2F&rl=&if=false&ts=1673667222777&sw=1280&sh=1024&v=2.9.92&r=stable&a=shopify&ec=0&o=30&fbp=fb.2.1673667222775.336743772&it=1673667222292&coo=false&eid=ae5720a0-95F1-456B-25B3-FF5AD0DD5C73&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Jan 2023 03:33:59 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f96f3b88eebd362c0208a60d27e28068
f244f8dfbc2677fbddcf0024ff7cf343e24205bb
9b3586a498232da2b246b2bd158d7fd75eb9b4ac00ed750bbe670f1b54fe0f2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 6e695e3baa0d516d6b9e572bcb91b08a
2e9c8e2aa2c0c5fa3e043d6bb94ca273a468f961
732fe61a82830febf816d6a1e723752aa785bd89f3b0dc6ca423f1c499558988
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 118
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:59 GMT
Etag: "63c1aeb3-117"
Last-Modified: Sat, 14 Jan 2023 03:32:01 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 797e9f56b24905375c19a99e0d66b72f
e1c2f81548a54e851977d5baa55d6c0afa521787
31a5eadbaf2161e02237c7ca9440524438b79b29c22476d4bfa6804689f110f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2160
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:59 GMT
Etag: "63c1dff2-117"
Last-Modified: Sat, 14 Jan 2023 02:57:59 GMT
Server: ECS (amb/6BBB)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c904ef4f4d69299e7b99bad948089d0f
4b5e1a23380291cbef20efcbd460ae3eda6bc74e
6ee8aa8f4545627b41a11c6151c85aa54cf80220fd5a1162002484b46d4fea80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6EE8AA8F4545627B41A11C6151C85AA54CF80220FD5A1162002484B46D4FEA80"
Last-Modified: Fri, 13 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11625
Expires: Sat, 14 Jan 2023 06:47:44 GMT
Date: Sat, 14 Jan 2023 03:33:59 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/UmzLkw4brhg
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/UmzLkw4brhg
IP
Hash a1d92bee9e633be087c765bcc0edbb94
cdc7e27f7dc56cf4aa29d0d40f39956fe7314a60
cab1ba9ff046e84a80e0bd03233a586492b7b20b65b7e9f9d4d0422d634e7ad2
POST /s/gts1d4/UmzLkw4brhg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.rechargecdn.com/static/js/recharge.js?shop=witches-falls.myshopify.com
200 OK 527 B URL HTTP/2 static.rechargecdn.com/static/js/recharge.js?shop=witches-falls.myshopify.com
IP
File type ASCII text, with very long lines (1155)
Hash 1fc32c961c8de508370363d5d47a7b88
aa3c2ca62a5818c64970e503471d2bef6b0da427
242093991ff354a4c49ecb5c981a45f0484e7ff6d89d7ee937f1486f3523326e
GET /static/js/recharge.js?shop=witches-falls.myshopify.com HTTP/1.1
Host: static.rechargecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-disposition: inline; filename=recharge.js
via: 1.1 google
vary: Accept-Encoding
content-encoding: br
accept-ranges: none
content-length: 527
date: Sat, 14 Jan 2023 02:50:50 GMT
age: 2589
last-modified: Thu, 12 Jan 2023 19:17:25 GMT
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=3600
access-control-allow-origin: *
x-cache-status: hit
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Recharge-App
access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/UmzLkw4brhg
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/UmzLkw4brhg
IP
Hash a1d92bee9e633be087c765bcc0edbb94
cdc7e27f7dc56cf4aa29d0d40f39956fe7314a60
cab1ba9ff046e84a80e0bd03233a586492b7b20b65b7e9f9d4d0422d634e7ad2
POST /s/gts1d4/UmzLkw4brhg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 03:33:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.klaviyo.com/onsite/js/klaviyo.js?company_id=Szywzw&shop=witches-falls.myshopify.com
200 OK 920 B URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=Szywzw&shop=witches-falls.myshopify.com
IP
File type ASCII text, with very long lines (2028)
Hash 7fae97d32d63bf837a09ab0e9b25c484
67e80d7228a31286e3998d07577b6dae4e30eee4
b99cfaaac50b7e54a9b3f7d0af76a0abeb85742b71f8ebb1eb53099d0dafd282
GET /onsite/js/klaviyo.js?company_id=Szywzw&shop=witches-falls.myshopify.com HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, OPTIONS
cache-control: max-age=1, stale-while-revalidate=10800
content-encoding: gzip
content-type: application/javascript
etag: W/"32d21eaa017e95abc446da20cf2d52d4"
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 14 Jan 2023 03:33:59 GMT
age: 18475
x-served-by: cache-lga21977-LGA, cache-bma1624-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1673667239.161314,VS0,VE88
vary: Accept-Encoding
content-length: 920
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/klaviyo.js?company_id=Szywzw&shop=witches-falls.myshopify.com
304 Not Modified 0 B URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=Szywzw&shop=witches-falls.myshopify.com
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /onsite/js/klaviyo.js?company_id=Szywzw&shop=witches-falls.myshopify.com HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"32d21eaa017e95abc446da20cf2d52d4"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 14 Jan 2023 03:33:59 GMT
via: 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
etag: W/"32d21eaa017e95abc446da20cf2d52d4"
age: 18475
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673667239.293733,VS0,VE0
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/runtime.8f1efb226a72ce88bdcb.js?cb=1
200 OK 8.1 kB URL HTTP/2 static.klaviyo.com/onsite/js/runtime.8f1efb226a72ce88bdcb.js?cb=1
IP
File type ASCII text, with very long lines (19473), with no line terminators
Hash 632dab379158010dbf78d60ede511d00
c54befa24d16ee23cba5ed6ed04f6ee138507d52
adee8530ea2651ebf9f295d1aa206ae9e8e754f03a9d66c8143705988a8e338a
GET /onsite/js/runtime.8f1efb226a72ce88bdcb.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yKixN9ZY9G9CWYJ3X2sqvC/7It3SPyM/lzf+Kro9IoprF9yiFA6A06JVNpqb2DdXrfm9CO3Q60k=
x-amz-request-id: BGFPQK5CH2HXTXYB
last-modified: Fri, 13 Jan 2023 18:46:32 GMT
etag: "61f1cc8e44a18af47389ba3ab025333b"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: EzBlTa0bDo_2h6tOGwL92LC4JhHFkBwD
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 14 Jan 2023 03:33:59 GMT
age: 21080
x-served-by: cache-lga21927-LGA, cache-bma1671-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 3734
vary: Accept-Encoding
content-length: 8052
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/sharedUtils.3de4f7002f4cb2b9833f.js?cb=1
200 OK 14 kB URL HTTP/2 static.klaviyo.com/onsite/js/sharedUtils.3de4f7002f4cb2b9833f.js?cb=1
IP
File type Unicode text, UTF-8 text, with very long lines (36146), with no line terminators
Hash f32939851a20ce74d80fb5fa39fff073
734b7a9027ea89a333653e3dbccc8cdd4ec23029
dbafbcb2a692b78b0a88737f4f6c26177fc7c257271239338303e5c261a4f59f
GET /onsite/js/sharedUtils.3de4f7002f4cb2b9833f.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rjXa6WzcApvwnCzg9VsgyIOa9Z/+AOdyUep+nz2C9l8Y9WmzTkf/3AyXkbcFBNADbgKH7kTMl9s=
x-amz-request-id: FA9HX3FB03RQ4E33
last-modified: Wed, 11 Jan 2023 17:07:32 GMT
etag: "41ee777bf771519f538138ed79a3786d"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 9aF2q4NxY0Kun_gDXNyDk5ygoGoGgvoW
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 14 Jan 2023 03:33:59 GMT
age: 21079
x-served-by: cache-lga21943-LGA, cache-bma1671-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 3734
vary: Accept-Encoding
content-length: 13990
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c904ef4f4d69299e7b99bad948089d0f
4b5e1a23380291cbef20efcbd460ae3eda6bc74e
6ee8aa8f4545627b41a11c6151c85aa54cf80220fd5a1162002484b46d4fea80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6EE8AA8F4545627B41A11C6151C85AA54CF80220FD5A1162002484B46D4FEA80"
Last-Modified: Fri, 13 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11625
Expires: Sat, 14 Jan 2023 06:47:44 GMT
Date: Sat, 14 Jan 2023 03:33:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 086c95a2ad2c1ca6dd066b3cc1a2112f
77a7627959fb883c6a5e56780b356ef2cb75023e
d6716460c3241ba8e5420447e5d335307ce8d3a47f7b4d69805d18f50a293b3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6716460C3241BA8E5420447E5D335307CE8D3A47F7B4D69805D18F50A293B3F"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Sat, 14 Jan 2023 04:24:31 GMT
Date: Sat, 14 Jan 2023 03:33:59 GMT
Connection: keep-alive
static-tracking.klaviyo.com/onsite/js/fender_analytics.42a910303762129b987c.js?cb=1
200 OK 11 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/fender_analytics.42a910303762129b987c.js?cb=1
IP
Hash 4620bae879de533db23778431e564c0c
f634467ec8337a4bfdab4869b8cce21b6f7a2728
86c51d7e72e711964f0587d064565fae344fbe5540e066f9ff766185b307848c
GET /onsite/js/fender_analytics.42a910303762129b987c.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TVj4JadKocCV4h3NElq7oufjh6VUPmKs/RmMK3GsmHVEIEljMrEcW06e1Di1LhQKmT1Dja0y3h4=
x-amz-request-id: GVJMDN3QM916A9S6
last-modified: Tue, 25 Oct 2022 15:47:53 GMT
etag: "141ae207735ed4c2a3fb9ba628dca228"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 3uoP2mttpPOUARdp4efml6Pc5m5_bVca
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 14 Jan 2023 03:33:59 GMT
age: 21079
x-served-by: cache-lga21944-LGA, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3276
vary: Accept-Encoding
content-length: 10696
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 086c95a2ad2c1ca6dd066b3cc1a2112f
77a7627959fb883c6a5e56780b356ef2cb75023e
d6716460c3241ba8e5420447e5d335307ce8d3a47f7b4d69805d18f50a293b3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6716460C3241BA8E5420447E5D335307CE8D3A47F7B4D69805D18F50A293B3F"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Sat, 14 Jan 2023 04:24:31 GMT
Date: Sat, 14 Jan 2023 03:33:59 GMT
Connection: keep-alive
productreviews.shopifycdn.com/assets/v4/spr-07102fd76ff4bc22a3e0c32f0cca9ee51c77c34bbc4bdac79abb48f698de10dd.css
200 OK 8.6 kB URL HTTP/2 productreviews.shopifycdn.com/assets/v4/spr-07102fd76ff4bc22a3e0c32f0cca9ee51c77c34bbc4bdac79abb48f698de10dd.css
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (17640)
Hash 1d313d39f89205cc282a85bd6f9136b9
44f4dd1fb54dd88a0fb1e06dc4d832cf53f63a91
37711d8c0d88128551e83df7d076cad33901463c2ebdeb331fd577e4a1967697
GET /assets/v4/spr-07102fd76ff4bc22a3e0c32f0cca9ee51c77c34bbc4bdac79abb48f698de10dd.css HTTP/1.1
Host: productreviews.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
content-type: text/css
last-modified: Mon, 28 Feb 2022 16:33:49 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: origin-when-cross-origin
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-dc: gcp-us-east1,us-east1
x-request-id: f595aabb-d094-4991-811a-91477d90003b
cf-cache-status: HIT
age: 9288368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNtB3V8vsPpjdzYsnHM1dzoimf%2BbJDi8OMbgsRYUbwCVW4ONLfTInwPwjDnnjs4oZEOGdKE7JC2eoVSF4bLGRpJGs1e2CGVoju3IYSg97XOL%2BKHKS0n1nwp%2BmW4QiXb7sIZ8cKBMdCaIq%2BeMG0zB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=1, socket_queue;dur=2.104, util;dur=0.0, cfRequestDuration;dur=10.999918
server: cloudflare
cf-ray: 789350361ecdb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-tracking.klaviyo.com/onsite/js/static.afc80bee31dc9e622dc1.js?cb=1
200 OK 5.3 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/static.afc80bee31dc9e622dc1.js?cb=1
IP
File type ASCII text, with very long lines (12659), with no line terminators
Hash 11ebf21f15c50424dd6beb159a12b25e
bdd433be7297384f5660dfe49154d266dda64432
c13b107bff92bbb4ed98886fa87d14faba7f3010b9f9d502eaf133e2321c51cb
GET /onsite/js/static.afc80bee31dc9e622dc1.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZFZ8THkCuT87hlNdYT/1gE0cGMwUOTZwHkpxdf7ULnVqWD+3NU8uwHPgGM4vlbagxFgSA7mLY3o=
x-amz-request-id: 8QKB1CHS4E49FXPS
last-modified: Mon, 05 Dec 2022 14:41:22 GMT
etag: "9aa89eda5d828bf8fce2ee83e11483a0"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: jO5CINofch2U3rpuRhEwzIKTUk198WIK
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 14 Jan 2023 03:33:59 GMT
age: 18513
x-served-by: cache-lga21925-LGA, cache-bma1656-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 3334
vary: Accept-Encoding
content-length: 5321
X-Firefox-Spdy: h2
chimpstatic.com/mcjs-connected/js/users/8da4a2339656cc142ad128bec/952b7da84e5974daa364d9dd3.js?shop=witches-falls.myshopify.com
200 OK 5.1 kB URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/8da4a2339656cc142ad128bec/952b7da84e5974daa364d9dd3.js?shop=witches-falls.myshopify.com
IP
File type ASCII text, with very long lines (2862)
Hash b687ef635cdbd9109c6e2dd39d385567
4c01b405c544ae0ad2ce041f7fbe24d3ab744a75
fdec8532dfb5ccffc813c337155652444a0e9cdfaebeb1bd79fb33313b6b8eac
GET /mcjs-connected/js/users/8da4a2339656cc142ad128bec/952b7da84e5974daa364d9dd3.js?shop=witches-falls.myshopify.com HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 84SHbeE30L5u43DzSXJu/2FY3jU1IrJ8KXBc+GClMJHGw2Z9XsgRpwlJTWAGFeOJmQbbhJdevG4=
x-amz-request-id: FGYY4JYWN3B3HVAQ
Last-Modified: Wed, 03 Aug 2022 02:06:55 GMT
ETag: "989d5687bf5a14e66c89300ee49f34f2"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 0, 6, 6
X-EdgeConnect-Origin-MEX-Latency: 103, 104, 102
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Sat, 14 Jan 2023 04:03:59 GMT
Date: Sat, 14 Jan 2023 03:33:59 GMT
Content-Length: 5117
Connection: keep-alive
monorail-edge.shopifysvc.com/v1/produce
200 OK 0 B URL HTTP/2 monorail-edge.shopifysvc.com/v1/produce
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/produce HTTP/1.1
Host: monorail-edge.shopifysvc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Referer: https://witchesfalls.com.au/
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://witchesfalls.com.au
access-control-max-age: 86400
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
x-request-id: ac594d42-e6c2-48af-83ce-d947198bb8f9
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2StrA6qJw8%2F3q30vmHhOaRvz0riJgqVmCTNigNQyxMNfMEtkKW4%2BXQkuO9KmfbazE4GDX%2FK4IahirB97s3n%2F25WbyAlBap0yME0XhkBmvKzwBNqJLmM9PpkNVS%2B7iUGnLv7mRMuASRpGKTMIwo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfRequestDuration;dur=225.999832
server: cloudflare
cf-ray: 789350364a35b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shy.elfsight.com/p/platform.js?shop=witches-falls.myshopify.com
200 OK 4.3 kB URL HTTP/2 shy.elfsight.com/p/platform.js?shop=witches-falls.myshopify.com
IP
File type C source, ASCII text, with very long lines (4266)
Hash 81bb8dd71edaa05552e5924b48547769
bb0d2ba5108507e19e24bef15696a78339e26dce
b3f64f23e0dc62db5b1976f2220eee75fe8f5d32312e7198933d00ddfb24fd78
GET /p/platform.js?shop=witches-falls.myshopify.com HTTP/1.1
Host: shy.elfsight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 13 Dec 2022 13:26:39 GMT
vary: Accept-Encoding
etag: W/"63987d8f-2711"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Byu2JQyguVjQUO46W6M9XSUMDEbSuWSiJFGtDotDr2RlQCN5sJ3quw24HGZZKxvU%2FFrMHU4cSRhQhNQJg6BzwR3l4Wq1FMnUlstDxMw%2FsFhni6G13kZu6noVsPkv1VgtQG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78935034bf9bb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
monorail-edge.shopifysvc.com/v1/produce
200 OK 0 B URL HTTP/2 monorail-edge.shopifysvc.com/v1/produce
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/produce HTTP/1.1
Host: monorail-edge.shopifysvc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
Content-Type: application/json; charset=utf-8
X-Monorail-Edge-Event-Created-At-Ms: 1673667223129
X-Monorail-Edge-Event-Sent-At-Ms: 1673667223129
X-Monorail-Edge-Client-Message-Id: 1ecdba1b-40a3-46e6-b998-fe713684f567
Origin: https://witchesfalls.com.au
Content-Length: 312
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://witchesfalls.com.au
access-control-max-age: 86400
x-request-id: 3c1ab7c2-fea8-4068-8638-4400b45cd68b
x-robots-tag: noindex
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7MYRviXCe8Z5g4oGplkPPYdjJvOc8pR9gOCBiqpbfecHsBR23HYjlrnLwgOu4v8SMvVwD48BCpe731NACis781VX8NSXjvd1AAENEnpI02aZ63PRQq6P5chkoCKCKzLoo6TbdM%2FMhx7boRgy1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfRequestDuration;dur=149.999857
server: cloudflare
cf-ray: 789350374a84b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
spcdn.incartupsell.com/country
200 OK 6.5 kB URL HTTP/2 spcdn.incartupsell.com/country
IP
File type JSON data\012- , ASCII text, with very long lines (18289), with no line terminators
Hash c81aea2ba1e6f54ca1fc2128a56c0b19
078da548979cc0055d2891dc610f9e3318558bcd
1eb1efa356f8d43c49b99c694ff913a94feafb6662442fc7779d90756a81874f
GET /country HTTP/1.1
Host: spcdn.incartupsell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 14 Jan 2023 03:34:00 GMT
x-hw: 1673667240.cds246.sk1.hn,1673667240.cds246.sk1.sl
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg
200 OK 20 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg
IP
Hash 19a888c8c46f5e03a163355baf8e1aa6
64b42aad290c83a3aa845e4b7cdbe818736f49a9
530da3410450c06e8cf305029f3ab3fcf7f348275f0ecfda8876f119f329ec14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7437
x-amzn-requestid: 0efc1457-5919-4244-9837-6e75d03ef1d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAd0F0poAMF6PA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7abe-24df70ad7e1811a744a7c9de;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezdnQ-2RPpSESm42QCywHIZf4AmanMmy2f19NcUhzQ-PRjsFQfLNkg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 03:43:23 GMT
age: 85842
etag: "4a939794eb33d9fb1b2cc56ca92f683a7d28e407"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
productreviews.shopifycdn.com/embed/loader.js?shop=witches-falls.myshopify.com
200 OK 0 B URL HTTP/2 productreviews.shopifycdn.com/embed/loader.js?shop=witches-falls.myshopify.com
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /embed/loader.js?shop=witches-falls.myshopify.com HTTP/1.1
Host: productreviews.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
p3p: CP="Shopify does not support P3P."
cache-control: max-age=300, public
x-robots-tag: noindex,nofollow
etag: W/"a3812189666813b6f4ab0c83f9df0be9"
x-request-id: 0d80788f-217d-4eb3-b778-9d55e64cb6b7
x-runtime: 0.003450
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: origin-when-cross-origin
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
x-dc: gcp-us-east1,us-east1,gke
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiKRDdiK0keQTRdVZ%2FdPM%2F0G5L6AacX%2FLlwjNFPrU5EmSrvd93zwOtfgdebDA07bP2X28xZpbUDXrjBvb4oUw88FooYU17w2QGfpOrpTT%2B%2B69KBA8%2BVduT%2F8wCp1VpUs6WSBS7vZWo0XPVORrqYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=5, socket_queue;dur=1.077, edge;dur=1.039, util;dur=0.0, cfRequestDuration;dur=177.000046
server: cloudflare
cf-ray: 78935034ce5fb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
productreviews.shopifycdn.com/assets/v4/spr-0e683603bfa450170bff33e7fbad64e7dfe9585e1caeb951bbe283e5a2306523.js
200 OK 0 B URL HTTP/2 productreviews.shopifycdn.com/assets/v4/spr-0e683603bfa450170bff33e7fbad64e7dfe9585e1caeb951bbe283e5a2306523.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /assets/v4/spr-0e683603bfa450170bff33e7fbad64e7dfe9585e1caeb951bbe283e5a2306523.js HTTP/1.1
Host: productreviews.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
content-type: application/javascript
last-modified: Fri, 24 Jun 2022 17:10:46 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: origin-when-cross-origin
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-dc: gcp-us-east1,us-east1
x-request-id: 0b2f7904-047a-4c8e-b448-f6bea8df4caa
cf-cache-status: HIT
age: 12983020
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjWywSgOCUe55%2BX32MfmEZ3CsJ61v5O0rffJeX%2BVSpHlb%2BAgkokLML1qceDbQGTa%2B1rtu2%2FkMO9eOoQGZL7JAGFYyoYHHmlQW56%2BXb9UCzdHV7Wlh27AiYruLjuLB0o10Ou4XjP06lyN3Mw8T8gA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=1, socket_queue;dur=2.647, cfRequestDuration;dur=9.999990
server: cloudflare
cf-ray: 78935035fec1b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/lazysizes.min.js?v=174358363404432586981621999184
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/lazysizes.min.js?v=174358363404432586981621999184
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0373/4106/9444/t/8/assets/lazysizes.min.js?v=174358363404432586981621999184 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/lazysizes.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 12be31d3-c182-497e-a979-1eb21a04c8b7
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Wed, 07 Dec 2022 02:11:43 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQaPQPqySHMCCD1tk0mfgq939%2BaWclpKhArplmhSnv6%2FO%2BHmj%2Bw0jZGozsvCsx%2Bal%2FSGN0y3fdHl3vK%2BcXPGk2UbisoMVl7IKHASH%2Bm3YRyRt8aDYS0phz%2BtU63lrHfAWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=61.522, imageryFetch;dur=61.360, cfRequestDuration;dur=126.999855
server: cloudflare
cf-ray: 789350254b84b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/call-witches-falls-winery.svg?v=109969347330648689081655071244
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/call-witches-falls-winery.svg?v=109969347330648689081655071244
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0373/4106/9444/t/8/assets/call-witches-falls-winery.svg?v=109969347330648689081655071244 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: image/svg+xml
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/call-witches-falls-winery.svg>; rel="canonical"
source-length: 1394
source-type: image/svg+xml
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 3dd1249c-f3a0-41bb-8848-b170bf93f7e7
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Mon, 10 Oct 2022 02:19:50 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8Lffp4Hx7Cx3MmGrlKfIqU5ZBOSQhx8%2FY3Qhx2U0MyIjna2qAiMZ8hRJhVbDt3TNDLCU13MhqNUNV%2FtOQITsqFduuBTp1PYBDPpoQinsJ67aPe8Q015vyzzoPRlo%2Bmlgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=223.119, imageryFetch;dur=42.825, imageryProcess;dur=0.106;desc="image", cfRequestDuration;dur=128.999949
server: cloudflare
cf-ray: 789350254b82b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/custom.scss.css?v=46977948496596568641660709720
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/custom.scss.css?v=46977948496596568641660709720
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0373/4106/9444/t/8/assets/custom.scss.css?v=46977948496596568641660709720 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/custom.scss.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 5ee434b1-6a6a-44d4-b8cc-34b67bb76e75
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Mon, 10 Oct 2022 02:19:49 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvZ2%2FnMlZUgvs%2F4bMv3wVHyhoZDhUNdslKZu4mVW6g6k54d63X3Td81nFSereuzuaftEZ0k2IBVoCTNU6fMGbk9RwhVzfV%2Fb3t5ZG5R4WfS14fDwXVSbWPoX9LQm9izxRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=862.479, imageryFetch;dur=50.624, imageryProcess;dur=809.971;desc="scss", cfRequestDuration;dur=130.999804
server: cloudflare
cf-ray: 789350254b86b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906
200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 6e57ce14-6917-4542-bfe4-a34705186e9e
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Tue, 25 Oct 2022 20:36:08 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkPK6R1ZsbU2LIbRUtbcTRmfUsQz7fwzzpzPZpVcxdYbnC40jpHXMN1Ol%2FSM6OMYmvb3uoxSiUyZBhXytuVqXeZqKZ2t9CMkHZpdCJoGQeEuxeMcTWR9b4jUYbkF8u4lhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=32.256, imageryFetch;dur=31.953, cfRequestDuration;dur=125.999928
server: cloudflare
cf-ray: 789350255ad71c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/883c2d2d67.js
200 OK 0 B URL HTTP/2 kit.fontawesome.com/883c2d2d67.js
IP
GET /883c2d2d67.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FzoPfAQENoJtbqMxkFUB
cf-cache-status: MISS
server: cloudflare
cf-ray: 78935024fe170b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=883c2d2d67
200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=883c2d2d67
IP
GET /releases/v5.15.4/css/free.min.css?token=883c2d2d67 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:57 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 82bacd1af934cd2afa8b1ccc8f096b22.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: _anE0VZt67E4dweb7boyVeDtnB-3sP79hnhifyDUZwXFsMtvuvQKeg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JPKVbowKU6Zy5h5Rtoy3g5%2FlylPqwd4EE2rggR1qhb8ckL0Pu8p%2FzvqG0uwoAQQM7O%2B1o2YpTzPQqlLHIiiJ6tSkpfFxfoee7wDhXmFmMnOcU5x1KCxGmCC%2Fr6MBh%2FIRVqyFYidiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789350277d582407-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/custom.js?v=54779968388498520851631854212
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/custom.js?v=54779968388498520851631854212
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0373/4106/9444/t/8/assets/custom.js?v=54779968388498520851631854212 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:57 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/custom.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: b6a86968-c914-400a-95e4-18ac77d754f0
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Sat, 29 Oct 2022 02:29:26 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZtqsecVRxD2I8AwBmXgs5aZ4kp1ms3ceQFwzYS2KqHi872CvfusBRK6z9WtHV4W7bfNhPjGGLIXGBOar7k2VJP5vf8v2C8AjC7vrWvzFjmFkd0%2B1QVzHcy8JjRzc0ekJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=90.192, imageryFetch;dur=89.144, cfRequestDuration;dur=549.999952
server: cloudflare
cf-ray: 789350254b80b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shy.elfsight.com/p/boot/?callback=__esappsPlatformBoot5569449602&shop=witches-falls.myshopify.com&w=ff820ee8-0227-49f8-afbf-c6023eafd06b
200 OK 0 B URL HTTP/2 shy.elfsight.com/p/boot/?callback=__esappsPlatformBoot5569449602&shop=witches-falls.myshopify.com&w=ff820ee8-0227-49f8-afbf-c6023eafd06b
IP
GET /p/boot/?callback=__esappsPlatformBoot5569449602&shop=witches-falls.myshopify.com&w=ff820ee8-0227-49f8-afbf-c6023eafd06b HTTP/1.1
Host: shy.elfsight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
content-type: text/javascript; charset=UTF-8
cf-ray: 78935036383bb50b-OSL
cache-control: no-cache, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
set-cookie: XSRF-TOKEN=eyJpdiI6ImlCbndwQzVvZnpneDYrSEJObUo3Z1E9PSIsInZhbHVlIjoiM3VhcFZQb0VkdU5MKzlOYzdncDd4Tk81VkplaUhYZ2NFK3FTV1FCeUVjQVFMcGlIb3dFeHYwczNXblVaVnRvK3lENi9ub1NMNHd6dS9KL2R0Z0ZpdnMzL0xnQkxpbUhjbFY5V3NoejFqbzcwbmRHNUE1a1E2aXptZ2ZTV1I1UnMiLCJtYWMiOiIwZGQxMGY5NjJjOTlmNTUxYTk2ODRiOGQ5MGE0YTFkY2ZmYWI0NmI3OTBhM2VlMDVhZDAxMmI1ZmJjNGFjNzZlIn0%3D; expires=Sat, 14-Jan-2023 05:33:59 GMT; Max-Age=7200; path=/
shopify_session=eyJpdiI6ImY2K1pVVVZOQkR5bE5TWnRDUVVmclE9PSIsInZhbHVlIjoiMXQvTEMwN2ZKWm1oaHhnQXJJT0J6Wk5pRkt6NGlrcWpQb0ZtazlYYTRLOE1CTlVLd2J3RnBkY01lNFpOZG4rekRZeFd2MWVmNjJsOHRsRFFYNCt3SVhsRnA5OENzRHpRMXZpRzdiRHdyVFpLVDQ1NVpYMHYyQmZSeVdDQURxVkMiLCJtYWMiOiJiMzA4ZmIyZWIzMzE3ZmQ4MWEzOWU3NDY2NjEwNjg5NTBhNGYxZTgwNjRiOWNiYjk1MDkyMzA5NTgwZTQ0OWE0In0%3D; expires=Sat, 14-Jan-2023 05:33:59 GMT; Max-Age=7200; path=/; httponly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5MQLMpdOGWS8VQENGv8f7A3hCRHO7aiLoH0czhVE35upaQpkZe7ooTlEn63Tyvan4pJfoXyZBoCHR1USMNMeQ6a9hi690dFfGx0v3LJz1TJ7ILcIgoiE0m2zLv3LO9JlC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
witchesfalls.com.au/
200 OK 0 B IP
GET / HTTP/1.1
Host: witchesfalls.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 131
x-sorting-hat-shopid: 37341069444
x-storefront-renderer-rendered: 1
set-cookie: keep_alive=cbacbbea-369f-430f-89fc-2527b15fda52; path=/; expires=Sat, 14 Jan 2023 04:03:56 GMT; HttpOnly; SameSite=Lax
secure_customer_sig=; path=/; expires=Sun, 14 Jan 2024 03:33:56 GMT; secure; HttpOnly; SameSite=Lax
localization=AU; path=/; expires=Sun, 14 Jan 2024 03:33:56 GMT
cart_currency=AUD; path=/; expires=Sat, 28 Jan 2023 03:33:56 GMT
_orig_referrer=; Expires=Sat, 28-Jan-23 03:33:56 GMT; Domain=witchesfalls.com.au; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F; Expires=Sat, 28-Jan-23 03:33:56 GMT; Domain=witchesfalls.com.au; Path=/; HttpOnly; SameSite=Lax
_y=9c51504d-49be-4dd9-976a-55fa3aa79df6; Expires=Sun, 14-Jan-24 03:33:56 GMT; Domain=witchesfalls.com.au; Path=/; SameSite=Lax
_s=2371d2f2-e8f0-4e92-9311-4f0cab695405; Expires=Sat, 14-Jan-23 04:03:56 GMT; Domain=witchesfalls.com.au; Path=/; SameSite=Lax
_shopify_y=9c51504d-49be-4dd9-976a-55fa3aa79df6; Expires=Sun, 14-Jan-24 03:33:56 GMT; Domain=witchesfalls.com.au; Path=/; SameSite=Lax
_shopify_s=2371d2f2-e8f0-4e92-9311-4f0cab695405; Expires=Sat, 14-Jan-23 04:03:56 GMT; Domain=witchesfalls.com.au; Path=/; SameSite=Lax
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-alternate-cache-key: cacheable:40ee3e4b21dd97cbe2f65939ed040d74
x-cache: hit, server
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 37341069444
x-shardid: 131
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-europe-north1,europe-west1,gcp-europe-west1
x-request-id: 831205bd-80ac-480c-8f19-87d1af08e319
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sq%2Furd9RHb161cDmYHrCtmhjaXJUKS0Yf%2FjXLgohzlsRD949t2aRkxzB2exiAqOTa5ctDi1YNvJGVAqjuDcc817qBug7z6JARwgLMAtY%2FnENI1MSiiHvGTqdetbHF9oNr74Afmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=16, db;dur=7, asn;desc="50304", edge;desc="OSL", country;desc="NO", cfRequestDuration;dur=289.000034
server: cloudflare
cf-ray: 789350220fbf0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pkg-store.dl.mail.ru/packages/shop/0_2015844distrib3/Find%20a%20way%20out;%20Abode%20of%20darkness/ProjectFaWO/Binaries/Win64/ProjectFaWO-Win64-Shipping.exe
200 OK 0 B URL HTTP/1.1 pkg-store.dl.mail.ru/packages/shop/0_2015844distrib3/Find%20a%20way%20out;%20Abode%20of%20darkness/ProjectFaWO/Binaries/Win64/ProjectFaWO-Win64-Shipping.exe
IP
NIDS Severity Alert suricata high ET POLICY PE EXE or DLL Windows file download HTTP
GET /packages/shop/0_2015844distrib3/Find%20a%20way%20out;%20Abode%20of%20darkness/ProjectFaWO/Binaries/Win64/ProjectFaWO-Win64-Shipping.exe HTTP/1.1
Host: pkg-store.dl.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 14 Jan 2023 03:33:56 GMT
Content-Type: application/octet-stream
Content-Length: 79033344
Last-Modified: Wed, 28 Dec 2022 13:55:01 GMT
Connection: keep-alive
ETag: "63ac4ab5-4b5f400"
Accept-Ranges: bytes
spcdn.incartupsell.com/gaehi-nyPwGKwmws6Bx6yfYeSe.js?c=1673650860&shop=witches-falls.myshopify.com
200 OK 0 B URL HTTP/2 spcdn.incartupsell.com/gaehi-nyPwGKwmws6Bx6yfYeSe.js?c=1673650860&shop=witches-falls.myshopify.com
IP
GET /gaehi-nyPwGKwmws6Bx6yfYeSe.js?c=1673650860&shop=witches-falls.myshopify.com HTTP/1.1
Host: spcdn.incartupsell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
accept-ranges: bytes
cache-control: max-age=72000
content-encoding: gzip
content-type: application/javascript
x-hw: 1673667239.cds016.sk1.hn,1673667239.cds212.sk1.sc,1673667239.cds212.sk1.p
access-control-allow-origin: *
etag: "3b975c3d7c8396fb9e97d8e1e4700319"
server: WasabiS3/7.10.1198-2022-12-14-39a7a2e69e (XB27-U41)
x-amz-id-2: bvobPTk3DTiAGlXWtOWt8nl9BUJqEpd4DB/Bl+6tjuJ1KwovXZShVbkW72ZPlJmUuQQ1cRW0h16M
x-amz-request-id: A610F39D89D4F9D8:A
last-modified: Fri, 13 Jan 2023 23:01:00 GMT
x-sp-metadata: HS256.CLfhiJ4GEocBCiRhZTRkZGQzYy1kMDc0LTRlNDgtODYyNi0wNzg4NDQxODA2OTYQ+JOOzbS0/AIaBginxYieBiIMOTEuOTAuNDIuMTU0KP3PATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GioSJDNkY2M5ZWU3LTBhMGQtNDMyNC1iYzMzLTg0MDBjMmJlZjc5ORj/jQwiGggCEhRjZHMyMTIuc2sxLmh3Y2RuLm5ldBgJ.X7S47q4fv/Hd4F/tUfFFxGLmpZXkYwXK6HKhRg9AHAw=
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/theme.min.js?v=101812004007097122321621999193
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/theme.min.js?v=101812004007097122321621999193
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0373/4106/9444/t/8/assets/theme.min.js?v=101812004007097122321621999193 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/theme.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: ad3ca676-3997-4445-82a8-38302edf125c
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Sat, 14 Jan 2023 03:33:56 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSqVKzmjXvR2p3nhFAeVeiVE66T2dT%2BWkIJ5dLnBeRuMdK5fZlX0gYzkcu7EijLo7uAXoUdGcTiFTyhTaaBBJ3PjAo3vN3lBSV4RMP6QrhNNjGFiozaeXenWMTby6FHN3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=94.116, imageryFetch;dur=93.930, cfRequestDuration;dur=274.999857
server: cloudflare
cf-ray: 789350254b85b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cp.boldapps.net/js/csp.js
200 OK 0 B URL HTTP/2 cp.boldapps.net/js/csp.js
IP
GET /js/csp.js HTTP/1.1
Host: cp.boldapps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 16:05:50 GMT
etag: "3ca61-5efa3ad509380-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=172800
via: 1.1 google
cf-cache-status: HIT
age: 66952
expires: Mon, 16 Jan 2023 03:33:56 GMT
set-cookie: __cf_bm=U_0jqXShNCGUflUW0ZrPEOsw0fLyLUi3TdDPfC76RGs-1673667236-0-AbDVvkALemso6Zp07s/MWaV5GJrEu/piu9GucYxtsIGhArZYKA/O+v2w/vZg76vixsdQWVoQHCQVMmgT7V3UBWM=; path=/; expires=Sat, 14-Jan-23 04:03:56 GMT; domain=.boldapps.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78935025280e0b45-OSL
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/libs.min.js?v=26178543184394469741621999184
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/libs.min.js?v=26178543184394469741621999184
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0373/4106/9444/t/8/assets/libs.min.js?v=26178543184394469741621999184 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0373/4106/9444/t/8/assets/libs.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: b7e2a97b-5b05-4eb0-80d2-9d9816703251
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 01 Dec 2022 20:57:09 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8WJp3GD0OrT8m6l7lqFpcywljBhDey6MJhcII7sDPOvQDG6yPjesJSicBQWHb6xG%2BUSls8Qgc%2BSAqIpqvZ65Tx%2FBhXWfSjaW0WvC5bAojt1tdwGmvtU0%2FVCUlbSu9LfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=83.738, imageryFetch;dur=83.552, cfRequestDuration;dur=233.000040
server: cloudflare
cf-ray: 789350255b8fb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.apps.shappify.com/apps/csp/customer_pricing.php?shop=witches-falls.myshopify.com
200 OK 0 B URL HTTP/2 secure.apps.shappify.com/apps/csp/customer_pricing.php?shop=witches-falls.myshopify.com
IP
GET /apps/csp/customer_pricing.php?shop=witches-falls.myshopify.com HTTP/1.1
Host: secure.apps.shappify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:59 GMT
content-type: application/javascript
expires: Sat, 14 Jan 2023 11:33:59 GMT
last-modified: Sat, 14 Jan 2023 03:33:59 GMT
access-control-allow-origin: *
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
cache-control: public, max-age=28800
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
set-cookie: __cf_bm=DM.ArjO9hq..K8FQdjNeKIsVGaUhnBMjsjYh0axgXaU-1673667239-0-AW4NOmh7+kJtz4sJ7g1RwWbthYPj/ZY0LvlNeWZ/QSL87cNQcGSj/lNXUjvFJf5AWG7rZR/FywI4tZWI0y/gzDY=; path=/; expires=Sat, 14-Jan-23 04:03:59 GMT; domain=.shappify.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 789350349b9cb521-OSL
X-Firefox-Spdy: h2
sdk.loyaltylion.net/sdk/css/1c7998c90e7c91ba71ee25292922eb0c/legacy-2356bf3-07222af.css
200 OK 0 B URL HTTP/2 sdk.loyaltylion.net/sdk/css/1c7998c90e7c91ba71ee25292922eb0c/legacy-2356bf3-07222af.css
IP
GET /sdk/css/1c7998c90e7c91ba71ee25292922eb0c/legacy-2356bf3-07222af.css HTTP/1.1
Host: sdk.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Wed, 14 Dec 2022 21:33:17 GMT
server: nginx
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"234fc-7cgqsObLZGN+JPEE1UMd5zN0j6U"
x-cache-status: MISS
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M9vYIlfBiT3HZMXt0647fOepEFLKeg14hKh7v2h_iK0CzdDHniF7hA==
age: 2613640
X-Firefox-Spdy: h2
sdk.loyaltylion.net/sdk/config/1c7998c90e7c91ba71ee25292922eb0c?build=18384&t=2023011403
200 OK 0 B URL HTTP/2 sdk.loyaltylion.net/sdk/config/1c7998c90e7c91ba71ee25292922eb0c?build=18384&t=2023011403
IP
GET /sdk/config/1c7998c90e7c91ba71ee25292922eb0c?build=18384&t=2023011403 HTTP/1.1
Host: sdk.loyaltylion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
X-SDK-Version: 2021-04
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sat, 14 Jan 2023 03:33:57 GMT
server: nginx
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: private, max-age=60, must-revalidate
etag: W/"cb34-GZlcM0eBgnhNQZOcic+459sriHA"
x-cache-status: STALE
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QbeRsZgQPGLR2Bj7BiM4HFac5YbZC1BRY_3Kg9fRh1xDxav156oMrA==
X-Firefox-Spdy: h2
service-reviews-ultimate.elfsight.com/data/sources?&uris[]=ChIJk5HsfrUikWsRmaGSLfS2j9o&with_text_only=1&min_rating=5&exclude_keywords[]=shit&exclude_keywords[]=fuck&exclude_keywords[]=ass&exclude_keywords[]=arse&exclude_keywords[]=piss&exclude_keywords[]=boring&exclude_keywords[]=terrible&exclude_keywords[]=awful&exclude_keywords[]=dick&exclude_keywords[]=bloody&exclude_keywords[]=worst&exclude_keywords[]=disgusting&exclude_keywords[]=gross&order=date&page_length=100
200 OK 0 B URL HTTP/2 service-reviews-ultimate.elfsight.com/data/sources?&uris[]=ChIJk5HsfrUikWsRmaGSLfS2j9o&with_text_only=1&min_rating=5&exclude_keywords[]=shit&exclude_keywords[]=fuck&exclude_keywords[]=ass&exclude_keywords[]=arse&exclude_keywords[]=piss&exclude_keywords[]=boring&exclude_keywords[]=terrible&exclude_keywords[]=awful&exclude_keywords[]=dick&exclude_keywords[]=bloody&exclude_keywords[]=worst&exclude_keywords[]=disgusting&exclude_keywords[]=gross&order=date&page_length=100
IP
GET /data/sources?&uris[]=ChIJk5HsfrUikWsRmaGSLfS2j9o&with_text_only=1&min_rating=5&exclude_keywords[]=shit&exclude_keywords[]=fuck&exclude_keywords[]=ass&exclude_keywords[]=arse&exclude_keywords[]=piss&exclude_keywords[]=boring&exclude_keywords[]=terrible&exclude_keywords[]=awful&exclude_keywords[]=dick&exclude_keywords[]=bloody&exclude_keywords[]=worst&exclude_keywords[]=disgusting&exclude_keywords[]=gross&order=date&page_length=100 HTTP/1.1
Host: service-reviews-ultimate.elfsight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://witchesfalls.com.au/
Origin: https://witchesfalls.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:34:00 GMT
content-type: application/json
cf-ray: 7893503bee1fb4f9-OSL
access-control-allow-origin: https://witchesfalls.com.au
cache-control: no-cache, private
strict-transport-security: max-age=0
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTICRQamMZ0FIQcn5aaWFjdpALqz5w9jC9BwGTLIey8c%2B2y%2BBkqLSO%2FAxKP7dQMez%2BcDP3b1vk0kHNC2DO9bwhPVQMGuKeiDvv2F9oqCkeXA6SkZuKj0wQi3t9U8BaO%2Br1s%2FN27I6Wa2KN9YDkVzdLGSET7b25Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js
200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: e43bfb77-fca8-4828-a71e-4d4e830031f3
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 04 Jan 2023 20:17:50 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AX1BhC6o6b7epH7XCqlQr7ZLb4mfqSwmFO4OTi0nvKUIXOFVev64U%2BCEdW7i7IhpOQvuSMd9vhKp0WGI%2FODPhTeJLktGgg%2FmbD%2F%2Bmx%2FWZt%2BmUe2%2FAyYToWXJQQo5cfPw0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=23.396, imageryFetch;dur=23.200, cfRequestDuration;dur=121.999979
server: cloudflare
cf-ray: 789350254ad61c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://witchesfalls.com.au
Connection: keep-alive
Referer: https://witchesfalls.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 03:33:56 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: a32ea59f-e025-4141-a599-65dba2b2a4f2
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Wed, 16 Nov 2022 20:21:13 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2F7Mpvdv95FPIZugM3FI5uDyk3Lpz3BiM2Mg5iXKtVp7Cd2MpoymBJHe6W66qB83QSj%2BQLv7uSttRbdY0qNjvTLZ%2B2sooKsBLJt3a2KEuR2e%2FhB7vy6iX9bU8CzxmuC72g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=16.312, imageryFetch;dur=16.082, cfRequestDuration;dur=219.000101
server: cloudflare
cf-ray: 789350254ad41c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
23.227.38.65
52.88.220.109
31.13.72.36
96.6.17.210
104.17.96.24
52.18.176.90
188.93.63.73
185.244.209.62
93.184.220.29