urlscan.io logo urlscan.io
SecurityTrails logo

badoo.com Open in urlscan Pro
31.222.67.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com/
Effective URL: https://badoo.com/
Submission: On March 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 51 HTTP transactions. The main IP is 31.222.67.112, located in Cyprus and belongs to BADOO-U, CY. The main domain is badoo.com. The Cisco Umbrella rank of the primary domain is 54143.
TLS certificate: Issued by R3 on February 3rd 2023. Valid for: 3 months.
This is the only time badoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    31.222.67.115 (Cyprus)

ASN12678 (BADOO-U, CY)
0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com
9    31.222.67.112 (Cyprus)

ASN12678 (BADOO-U, CY)
badoo.com
eu1.badoo.com
12    18.66.97.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-72.fra56.r.cloudfront.net
consent.badoo.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
20    31.222.66.68 (Cyprus)

ASN12678 (BADOO-U, CY)
eu1.badoocdn.com
1    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.66.147.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-49.fra60.r.cloudfront.net
cdn.privacy-mgmt.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
21 badoo.com
badoo.com — Cisco Umbrella Rank: 54143
consent.badoo.com — Cisco Umbrella Rank: 263122
eu1.badoo.com — Cisco Umbrella Rank: 61317
246 KB
20 badoocdn.com
eu1.badoocdn.com — Cisco Umbrella Rank: 97022
636 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
112 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6069
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
2 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4815
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
86 KB
1 blendr.com
0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com
365 B
51 12
Domain Requested by
20 eu1.badoocdn.com badoo.com
eu1.badoocdn.com
12 consent.badoo.com badoo.com
consent.badoo.com
6 badoo.com badoo.com
consent.badoo.com
eu1.badoocdn.com
3 eu1.badoo.com badoo.com
eu1.badoocdn.com
2 www.googletagmanager.com badoo.com
www.googletagmanager.com
1 www.google.de
1 www.google.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.facebook.com connect.facebook.net
1 cdn.privacy-mgmt.com consent.badoo.com
1 fonts.googleapis.com client
1 connect.facebook.net eu1.badoocdn.com
1 0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com 1 redirects
51 14

This site contains links to these domains. Also see Links.

Domain
team.bumble.com
bumble.wd3.myworkdayjobs.com
eu1.badoocdn.com
Subject Issuer Validity Valid
*.badoo.app
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh
consent.badoo.com
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.badoocdn.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M02		 2022-11-07 -
2023-12-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://badoo.com/
Frame ID: 148F042EB558DB52F92E9368E46B8E70
Requests: 40 HTTP requests in this frame

Frame: https://badoo.com/jss/csp_report.phtml?token=badoo_web&release=28334&env=production
Frame ID: B1807E14BE1FDD54DA4650BB8BEE14C9
Requests: 1 HTTP requests in this frame

Frame: https://badoo.com/jss/csp_report.phtml?token=badoo_web&release=28334&env=production
Frame ID: 4A38460E62FC50608CA4CF6AC2F1A349
Requests: 1 HTTP requests in this frame

Frame: https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
Frame ID: 841132A6C578617DBA6D1402BBCA699A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Beste kostenlose App und Website für Online-Dating – Freunde, chatten, flirten | Badoo

Page URL History Show full URLs

  1. http://0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com/ HTTP 307
    https://0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com/ HTTP 301
    http://badoo.com/ HTTP 307
    https://badoo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

100 %
HTTPS

62 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

1123 kB
Transfer

3830 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com/ HTTP 307
    https://0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com/ HTTP 301
    http://badoo.com/ HTTP 307
    https://badoo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
badoo.com/
Redirect Chain
  • http://0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com/
  • https://0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com/
  • http://badoo.com/
  • https://badoo.com/
198 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://badoo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
b2de9c1bb08d62dca10cf39b7770655f1f59dfb547411a861dfaff0e2679e9cd
Security Headers
Name Value
Content-Security-Policy default-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com; connect-src 'self' badoo.com eu1.badoo.com us1.badoo.com am1.badoo.com gew3.badoo.com fr1.badoo.com badoocdn.com *.badoocdn.com eu1.badoocdn.com *.api.here.com *.paypal.com *.googlesyndication.com *.gstatic.com api.giphy.com api.tenor.com g.tenor.com *.doubleclick.net *.mapbox.com https://www.facebook.com wss://badoocdn.com:* wss://*.badoocdn.com:* *.google.de wss://badoocdn.com:* wss://*.badoocdn.com:* https://consent.badoo.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.googletagmanager.com https://*.analytics.google.com https://*.google.com https://www.facebook.com https://adservice.google.com/tt/r https://cdn.ampproject.org https://essentialaccessibility.com https://analytics.google.com; script-src 'self' 'strict-dynamic' 'unsafe-inline' 'nonce-n0Sny5a5N7tuo1O/wE7EqlkkU2s=' 'report-sample' badoocdn.com *.badoocdn.com eu1.badoocdn.com *.googleapis.com *.gstatic.com *.google.com vk.com *.vk.me cdn.syndication.twitter.com *.facebook.net *.facebook.com *.paypal.com www.paypalobjects.com *.youtube.com *.ytimg.com *.google-analytics.com *.googletagmanager.com *.api.here.com *.instagram.com *.digicert.com *.googlesyndication.com *.googleadservices.com adservice.google.com adservice.google.de https://cdn.ampproject.org https://consent.badoo.com https://essentialaccessibility.com *.googlesyndication.com *.googletagservices.com *.googleadservices.com *.doubleclick.net *.googlesyndication.com *.ampproject.org *.amazon-adsystem.com adservice.google.com; style-src 'self' 'unsafe-inline' badoocdn.com *.badoocdn.com eu1.badoocdn.com vk.com *.vk.me *.googleapis.com; font-src 'self' data: badoocdn.com *.badoocdn.com eu1.badoocdn.com fonts.googleapis.com fonts.gstatic.com; prefetch-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com *.googlesyndication.com *.googletagservices.com *.googleadservices.com *.doubleclick.net *.googlesyndication.com *.ampproject.org *.amazon-adsystem.com adservice.google.com adservice.google.de; img-src * data: blob:; child-src 'self' blob:; worker-src 'self' blob:; media-src * data: blob:; object-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com; base-uri 'self'; form-action 'self' *; frame-src * bds: bdp:; frame-ancestors 'self' apps.facebook.com; upgrade-insecure-requests; report-uri /jss/csp_report.phtml?token=badoo_web&release=28334&env=production
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com; connect-src 'self' badoo.com eu1.badoo.com us1.badoo.com am1.badoo.com gew3.badoo.com fr1.badoo.com badoocdn.com *.badoocdn.com eu1.badoocdn.com *.api.here.com *.paypal.com *.googlesyndication.com *.gstatic.com api.giphy.com api.tenor.com g.tenor.com *.doubleclick.net *.mapbox.com https://www.facebook.com wss://badoocdn.com:* wss://*.badoocdn.com:* *.google.de wss://badoocdn.com:* wss://*.badoocdn.com:* https://consent.badoo.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.googletagmanager.com https://*.analytics.google.com https://*.google.com https://www.facebook.com https://adservice.google.com/tt/r https://cdn.ampproject.org https://essentialaccessibility.com https://analytics.google.com; script-src 'self' 'strict-dynamic' 'unsafe-inline' 'nonce-n0Sny5a5N7tuo1O/wE7EqlkkU2s=' 'report-sample' badoocdn.com *.badoocdn.com eu1.badoocdn.com *.googleapis.com *.gstatic.com *.google.com vk.com *.vk.me cdn.syndication.twitter.com *.facebook.net *.facebook.com *.paypal.com www.paypalobjects.com *.youtube.com *.ytimg.com *.google-analytics.com *.googletagmanager.com *.api.here.com *.instagram.com *.digicert.com *.googlesyndication.com *.googleadservices.com adservice.google.com adservice.google.de https://cdn.ampproject.org https://consent.badoo.com https://essentialaccessibility.com *.googlesyndication.com *.googletagservices.com *.googleadservices.com *.doubleclick.net *.googlesyndication.com *.ampproject.org *.amazon-adsystem.com adservice.google.com; style-src 'self' 'unsafe-inline' badoocdn.com *.badoocdn.com eu1.badoocdn.com vk.com *.vk.me *.googleapis.com; font-src 'self' data: badoocdn.com *.badoocdn.com eu1.badoocdn.com fonts.googleapis.com fonts.gstatic.com; prefetch-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com *.googlesyndication.com *.googletagservices.com *.googleadservices.com *.doubleclick.net *.googlesyndication.com *.ampproject.org *.amazon-adsystem.com adservice.google.com adservice.google.de; img-src * data: blob:; child-src 'self' blob:; worker-src 'self' blob:; media-src * data: blob:; object-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com; base-uri 'self'; form-action 'self' *; frame-src * bds: bdp:; frame-ancestors 'self' apps.facebook.com; upgrade-insecure-requests; report-uri /jss/csp_report.phtml?token=badoo_web&release=28334&env=production
Content-Type
text/html; charset=utf-8
Date
Mon, 13 Mar 2023 08:44:56 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive
timeout=60
P3P
policyref="https://badoo.com/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
User-Agent
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
DENY
X-Server
www18
X-XSS-Protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://badoo.com/
Non-Authoritative-Reason
HSTS
wrapperMessagingWithoutDetection.js
consent.badoo.com/unified/ 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3affa3c14decd26f591fcf4c1d49d69dd937577dc0b6a25e032d8de778bd14e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 07:53:21 GMT
content-encoding
gzip
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:10:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3114
x-amz-server-side-encryption
AES256
etag
W/"77a0817633db5f2ab0ac9acf9d44f0be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
avtPi5L4ZYR7pOglHWeF4WL9PiBweS79Nl72DaOKronNqfrreHq6Bw==
csp_report.phtml
badoo.com/jss/ 		2 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://badoo.com/jss/csp_report.phtml?token=badoo_web&release=28334&env=production
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://badoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Mon, 13 Mar 2023 08:44:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://badoo.com
Access-Control-Expose-Headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://badoo.com
Keep-Alive
timeout=60
Access-Control-Allow-Headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
gtm.js
www.googletagmanager.com/ 		163 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NRVTQM9
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c7421effb0bd6508fb5076dd8cc98ba214a66b16108260e4cb5073df5677543
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62272
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Mar 2023 08:44:56 GMT
csp_report.phtml
badoo.com/jss/ Frame B180 		2 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://badoo.com/jss/csp_report.phtml?token=badoo_web&release=28334&env=production
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Mon, 13 Mar 2023 08:44:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://badoo.com
Access-Control-Expose-Headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Access-Control-Allow-Headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
csp_report.phtml
badoo.com/jss/ Frame 4A38 		2 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://badoo.com/jss/csp_report.phtml?token=badoo_web&release=28334&env=production
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Mon, 13 Mar 2023 08:44:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://badoo.com
Access-Control-Expose-Headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Access-Control-Allow-Headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
base-lite.e6bbb2bd2da596267c92.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/ 		1 MB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
b3ec9581c0a8573a4947d855dc49310062f60c0e91924b3e33d6743c65c36d5d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
298932
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 16:54:48 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
base-app-unauth.1c2276dd33ad74cf6bca.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/ 		320 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-app-unauth.1c2276dd33ad74cf6bca.js
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
d62c7a3ea2997004c75af041852eb8d0d5068a18c43dc3d1dac7937229f854f4
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
222
x-xss-protection
0
last-modified
Sun, 08 Jan 2023 10:43:40 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
base-app.a1ca5b3c4c8b051390a6.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-app.a1ca5b3c4c8b051390a6.js
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
609
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:21:52 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
page.homepage.705f752f2a70a1c0b92b.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/entrypoints/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/entrypoints/page.homepage.705f752f2a70a1c0b92b.js
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
aa64d47cb7d3ee62e1255ce9837c344ecf1fb4a67dc44fb5a1049d993697dfc8
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
15658
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 16:54:48 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
generic.3ac9b5fa60d829432ab8.css
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/assets/css/ltr/-/css/hotornot_v2/ 		275 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/assets/css/ltr/-/css/hotornot_v2/generic.3ac9b5fa60d829432ab8.css
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
5724f12b176be560b62c3b240fad10b2ed2a9e27c5e3e9ab43af4e8ba410055c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
38926
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 13:58:16 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css
access-control-allow-origin
https://badoo.com
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-max-age
3600
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
page.homepage.7ecc81a4fc624ce1ea69.css
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/assets/css/ltr/-/css/hotornot_v2/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/assets/css/ltr/-/css/hotornot_v2/page.homepage.7ecc81a4fc624ce1ea69.css
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
c06ee155247dd2b66c9029c23be072ddaec408ac64ec21fc1a13cfc3e9304652
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
2089
x-xss-protection
0
last-modified
Sun, 08 Jan 2023 10:43:40 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css
access-control-allow-origin
https://badoo.com
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-max-age
3600
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
ccpa.83b119fcb8d241d4d823.bundle.js
consent.badoo.com/unified/4.6.1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/unified/4.6.1/ccpa.83b119fcb8d241d4d823.bundle.js
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2eb49a8f20848e1628efa23797cf725b92ad3318549c42850cd02bb3283ea702

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 02:29:16 GMT
content-encoding
br
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Tue, 28 Feb 2023 14:30:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
22542
etag
W/"14169d3611eee53fd481c91fe80dccae"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
l_0CIveLDp6bZIsFQafutJlI0aXRu-lKJaczNtVe9GuiRx6c68SqgQ==
gdpr-tcf.4beb2afb0070f1a389db.bundle.js
consent.badoo.com/unified/4.6.1/ 		86 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/unified/4.6.1/gdpr-tcf.4beb2afb0070f1a389db.bundle.js
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a5c006e43cef72a54f0a1e35ef86a10323eb99493791be543a1be1c8043ce19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 03:54:51 GMT
content-encoding
gzip
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Tue, 28 Feb 2023 14:30:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
17407
x-amz-server-side-encryption
AES256
etag
W/"e4bf94e14b325568efb7d08b31403756"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
Vbz47HcDRdwdj8iRX99uYUXtfH_luTnPcoyabBkNIi-RbWKG_3bG_A==
get_site_data
consent.badoo.com/mms/v2/ 		214 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fbadoo.com%2F&account_id=1789
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
/
Resource Hash
684ade3b1d9bd1431b6b49ccf59001617d71ee4c3635cc52dc1ee6796902d941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 02:13:51 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-37-93
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
23466
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
we72LOI8yddaWoOP29oyprQ2t7oDAUtu6AMktKZ6SO3rfKTyjrgEOg==
meta-data
consent.badoo.com/wrapper/v2/ 		285 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/wrapper/v2/meta-data?hasCsp=true&accountId=1789&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=22304&scriptVersion=4.6.1&scriptType=unified
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
25f5c0708db6be3e0e4872d2f3c385d368cfd34ecd703ddb11f725fdc5294e7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://badoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Mar 2023 08:21:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1437
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
285
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
OvHHzqcwjQnI2Kfk6iK7YGhJElj6fMIG28sx7J19YG8UGxBanzF2Pg==
meta-data
consent.badoo.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/wrapper/v2/meta-data?hasCsp=true&accountId=1789&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=22304&scriptVersion=4.6.1&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://badoo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
25758
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 13 Mar 2023 01:35:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-id
Bhxj1V_s-Yl5Z8henhvOThV35taQdsGacLkPKQ-YffBpbG9Si2PzgQ==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-powered-by
Express
messages
consent.badoo.com/wrapper/v2/ 		91 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1789%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.badoo.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fbadoo.com%2F%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&scriptVersion=4.6.1&scriptType=unified
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
1ad2a78c0196eafe470944a9b28f5274ff667506b81b0f8f81b08684cedc00b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://badoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Mar 2023 08:38:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
379
x-powered-by
Express
x-cache
Hit from cloudfront
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
9J5X_2ApPvhwLQ9VL7S3Xv5OmHlznCwqYHVHLPSCEU0aAokrOnYdVg==
messages
consent.badoo.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1789%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.badoo.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fbadoo.com%2F%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&scriptVersion=4.6.1&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://badoo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
62861
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 12 Mar 2023 15:17:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-id
mbUHOlYunoPqmcLOlJrANi2Ubfzv84RLi7dfjuyukmyS-Lm1eD-sKw==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-powered-by
Express
hearts.9a918b2cf48b772bf4c3.svg
eu1.badoocdn.com/i/v2/-/-/i/hotornot_v2/homepage/ 		525 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu1.badoocdn.com/i/v2/-/-/i/hotornot_v2/homepage/hearts.9a918b2cf48b772bf4c3.svg
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
3da2397b76f8a427acf8059f5732d7b8c15233bb5b3a6c4db257e35add68a58a
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
x-xss-protection
0
last-modified
Sun, 08 Jan 2023 10:43:38 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
access-control-allow-origin
https://badoo.com
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-max-age
3600
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
logo-boxed-inverted.14c6ba0ff124291734c9.svg
eu1.badoocdn.com/i/v2/-/-/i/ui/assets/cosmos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu1.badoocdn.com/i/v2/-/-/i/ui/assets/cosmos/logo-boxed-inverted.14c6ba0ff124291734c9.svg
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
95c8f52a949dcf05351ea22549f17802eff846e85f9c82f1a838b006f5501117
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
x-xss-protection
0
last-modified
Sun, 08 Jan 2023 10:43:38 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
access-control-allow-origin
https://badoo.com
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-max-age
3600
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
index.html
consent.badoo.com/ Frame 8411 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00

Request headers

Referer
https://badoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
958
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Mon, 13 Mar 2023 08:29:00 GMT
etag
W/"56ced6c92a94bd4ee47d5c270e624599"
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-id
KhU7-ahKo602gk9QauDb3CL2S2F8Ob3hJEeRv8_785A9zNm-2qESfg==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
7335.471d216fefbe8781c2ad.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/7335.471d216fefbe8781c2ad.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
e92bdea05277650c0c84dd02ca04437be0d360bcae29919cbbf7b1cf699c1a1b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
3516
x-xss-protection
0
last-modified
Sun, 08 Jan 2023 10:43:40 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
5203.b9aea30118e43ba3a8fa.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/5203.b9aea30118e43ba3a8fa.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
db8530554973c40d361aaebd46414d48d93797983fc401d17e31b34b71c969b9
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
2979
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 16:54:48 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
3850.d2e1cb6af89565f58c9e.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/3850.d2e1cb6af89565f58c9e.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
9e2360d72af33171979fe6a8e790d2e63d862300f9d4b8d30042d150efa20389
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
10509
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 16:54:48 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
9176.4d87acc141d74ecc9059.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/9176.4d87acc141d74ecc9059.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
03b4f49eff90493b9787662b7aa004a1a1af19f210a38179c31ddaf4b00fa6c4
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
17331
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 16:54:48 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
3378.fc0ebaebab52b307846a.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/ 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/3378.fc0ebaebab52b307846a.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
d30bcae62a388a5ff91f67bb2a1578329fc5a41dbcd92de9a33bad84b5d01bef
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
2319
x-xss-protection
0
last-modified
Sun, 08 Jan 2023 10:43:40 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
1668.ccc688d1c850a10f8cdc.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/1668.ccc688d1c850a10f8cdc.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
3b8b34602841b9eb4b6a689f421349043fe203854856c425c9939e3eea1fbb72
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
14346
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 13:58:16 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
3623.258950b99c4a7491194e.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/ 		42 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/3623.258950b99c4a7491194e.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
1c4a8a2c121b5af7cadeac80918e6c5691a6e4748830eb854e03173e40f76466
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
4289
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 16:54:48 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
7659.81ec98a7c1bc29df2af1.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/ 		123 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/7659.81ec98a7c1bc29df2af1.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
c61dec9cc8bc606f13d7317fe23c3cee5c0471d1d793f6deec351575e3ffbd75
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
24464
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 16:54:48 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
sdk.js
eu1.badoocdn.com/facebook_sdk/fbc418de/de_DE/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/facebook_sdk/fbc418de/de_DE/sdk.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
380325ef49d226d5fbfaf6716e366635ef4f3fff321f0b4130f202e92efec0e1
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload; includeSubDomains, max-age=31536000; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
content-md5
nMKMgU//xnbhDycI8DFg6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8dcc1e632b47dd5da1737dc7579a72bc
etag
W/"f7f1f5f9f410be201cf065d13f87a6aa"
vary
Accept-Encoding
x-frame-options
DENY, deny
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://badoo.com
origin-agent-cluster
?0
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=86400
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 14 Mar 2023 08:44:57 GMT
date
Mon, 13 Mar 2023 08:44:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains, max-age=31536000; preload
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
x-fb-debug
ahSFlO8BfbpZ2FGT1KBhJlm79Ye88eXYpAvWqYkSiNgQZsWVuuVN+u0dnuaOrARlF1ZVpC6tJn9/5bTAJuSgVw==
x-fb-trip-id
95149190
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
x-pr-bypass
facebook_sdk_cache
access-control-max-age
3600
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
truncated
/ 		54 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10d7df3af837244603c9fb9b8052934d2dd02eec3e9c1962db8a0fdbd972749e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/webp
Notice.cebe9.css
consent.badoo.com/ Frame 8411 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/Notice.cebe9.css
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 07:48:37 GMT
content-encoding
gzip
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3380
x-amz-server-side-encryption
AES256
etag
W/"2906e24155ed9b893ffa1589740821ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
N_FsfG3YJeV0_RQ_Mct94aW7_TCHB0UZ5LV3iaIHQ6kLyib8nbC7dQ==
polyfills.d36c5.js
consent.badoo.com/ Frame 8411 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/polyfills.d36c5.js
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:25:50 GMT
content-encoding
gzip
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
1148
etag
W/"89661b8fd918815bcb224bba79cabab1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
H1uJ8rB9MKVxK_Dc_fRFPEPw7YYYavX4Y69rpp9vxyYwoEYDSd6wSw==
Notice.3712f.js
consent.badoo.com/ Frame 8411 		262 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.badoo.com/Notice.3712f.js
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 07:48:37 GMT
content-encoding
gzip
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3380
x-amz-server-side-encryption
AES256
etag
W/"93ded739e3803e21694d7a33dfe765e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
HxA4RADfVEANSrd5hvJpIyIZsFmbrXb7wYWcVr3lI4G3kBxalWMyHQ==
sdk.js
connect.facebook.net/de_DE/ 		301 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js?hash=da433aced7c469cf1d9e0ffffa4bc322
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/facebook_sdk/fbc418de/de_DE/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a568c417849a9b180bb9e252915eaa6a6849f4e4a75af2d5deea5611019c4075
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Mar 2023 08:44:57 GMT
content-md5
npR98EnSPusOAlNetBsXzw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87172
x-fb-rlafr
0
x-fb-debug
SsMk6m/XFv6ufWT5DB0Zk+h72ayHMgiRVace/EUSmk+k44Tbbn0Zrk2O4yplFgBBTKOBn2aP3MMHNBSo0uurmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
1895976e50886dc1aa525853ec7c5300
cross-origin-opener-policy
same-origin-allow-popups
etag
"0241faff17979141fb11eef0c2a66e59"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 12 Mar 2024 07:45:03 GMT
de.f9c759b609095a6b4a4d.js
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/localization/ 		285 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/localization/de.f9c759b609095a6b4a4d.js
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
85874f2748b235fa2264248f0a6ae990f05ff8b2a4c8388a9938108d6f9680af
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
52091
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 15:36:12 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
application/x-javascript
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
css2
fonts.googleapis.com/ Frame 8411 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d27c8ab7e8071771e28d1ee6bc3cf0fb9845b7f38e22a7e1b08cbd6669900a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 08:20:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Mar 2023 08:44:57 GMT
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 8411 		990 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=22304&consentLanguage=de
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/Notice.3712f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
/
Resource Hash
bad53b414eb46b05ee21dc1401bc8fe736f26d4659f65ed803607b53f2085993
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 07:56:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
2901
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
990
x-amz-cf-id
cjV6CxeNxeLSjFZDBSpLyB6aa3apvn42h6h1RFDfWB4QNjBw5GwdiQ==
logo.svg
badoo.com/static/badoo/images/ Frame 8411 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://badoo.com/static/badoo/images/logo.svg
Requested by
Host: consent.badoo.com
URL: https://consent.badoo.com/index.html?message_id=767155&consentUUID=null&requestUUID=91f11007-3056-48dc-bb76-1ea607557cf9&preload_message=true&hasCsp=true&version=v1&consentLanguage=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
2ae6a2e0e10943f68465282aa36bcce5b97b8ae3601e80c3d8b290dfb658ec71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 08:44:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Nov 2020 11:04:19 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"5fbce8b3-857"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Connection
keep-alive
Keep-Alive
timeout=60
webapi.phtml
badoo.com/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://badoo.com/webapi.phtml?SERVER_APP_STARTUP
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/7335.471d216fefbe8781c2ad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
8bebbeb5f90677c219f90cc1f125b2576a8b05a014dcf21fb349e5a5b42aac0c

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Pingback
0fd8954b7b4867e8c01574045c1afd5d
X-Use-Session-Cookie
1
Content-Type
application/json
Referer
https://badoo.com/
X-Message-type
2
X-User-id

Response headers

Date
Mon, 13 Mar 2023 08:44:57 GMT
Content-Encoding
gzip
Server
nginx
X-BMA-Server
wwwbma282
Transfer-Encoding
chunked
Content-Type
application/json
Connection
keep-alive
X-Static-Version
28334
Keep-Alive
timeout=60
X-Mapi-Endpoint
webapi
X-User-id
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=107433747809&input_token&origin=1&redirect_uri=https%3A%2F%2Fbadoo.com%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=da433aced7c469cf1d9e0ffffa4bc322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 13 Mar 2023 08:44:57 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
FPpGlHPHmAvt4s4cdIz8fVCIK//j1rKCjmGqGG/L7wCQY1Ao6Usb1O1lQqWQaspozXqiyY2jEpFQJvHfXnQcVg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://badoo.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame 8411 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://consent.badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 09:17:36 GMT
x-content-type-options
nosniff
age
343641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 09:17:36 GMT
icons.cf518cb11dac1fbdfa75.svg
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/assets/images/ui/ 		192 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/assets/images/ui/icons.cf518cb11dac1fbdfa75.svg?
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
eff948b13cb9eedae9387ffc24b933e66ad39a4ac7fb7daff83fe052c4d74708
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; preload
content-length
58365
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 13:58:16 GMT
server
nginx
x-pr-bypass
images_proxy
vary
Accept-Encoding
access-control-max-age
3600, 3600
content-type
image/svg+xml
x-frame-options
deny
access-control-allow-origin
https://badoo.com
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-credentials
true
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
noi-grotesk-badoo-semibold.f81e568fa9d4a96c5960.woff2
eu1.badoocdn.com/i/v2/-/-/js/hon_v3/assets/fonts/ 		80 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/assets/fonts/noi-grotesk-badoo-semibold.f81e568fa9d4a96c5960.woff2
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
236618e1d3ac6b0887e809e30a99eb7ca004040e1d5498eb1fe6966210a112e1
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://badoo.com/
Origin
https://badoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
content-length
81760
x-xss-protection
0
last-modified
Sun, 08 Jan 2023 10:43:40 GMT
server
nginx
x-pr-bypass
images_proxy
access-control-max-age
3600, 3600
x-frame-options
deny
content-type
application/octet-stream
access-control-allow-origin
https://badoo.com
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-expose-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://badoo.com
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Cache-Control, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
expires
Tue, 12 Mar 2024 08:44:57 GMT
js
www.googletagmanager.com/gtag/ 		131 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-380862078&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRVTQM9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
795aa77cec22eb814d9c5a8b9a2157705a1b02278b01c6101e2fd219ca992a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51681
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Mar 2023 08:44:57 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/380862078/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/380862078/?random=1678697097640&cv=11&fst=1678697097640&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbadoo.com%2F&tiba=Beste%20kostenlose%20App%20und%20Website%20f%C3%BCr%20Online-Dating%20%E2%80%93%20Freunde%2C%20chatten%2C%20flirten%20%7C%20Badoo&us_privacy=1---&auid=546461470.1678697097&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-380862078&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca851d4f58569e32e1c886bcf544f69b50d299c2b41b3b5fe93e193d11237c85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Mar 2023 08:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1271
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/380862078/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/380862078/?random=1678697097640&cv=11&fst=1678694400000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbadoo.com%2F&tiba=Beste%20kostenlose%20App%20und%20Website%20f%C3%BCr%20Online-Dating%20%E2%80%93%20Freunde%2C%20chatten%2C%20flirten%20%7C%20Badoo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3115050382&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Mar 2023 08:44:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/380862078/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/380862078/?random=1678697097640&cv=11&fst=1678694400000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbadoo.com%2F&tiba=Beste%20kostenlose%20App%20und%20Website%20f%C3%BCr%20Online-Dating%20%E2%80%93%20Freunde%2C%20chatten%2C%20flirten%20%7C%20Badoo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3115050382&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://badoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Mar 2023 08:44:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotpanel.phtml
eu1.badoo.com/hotpanel/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://eu1.badoo.com/hotpanel/hotpanel.phtml?version=2.0
Requested by
Host: badoo.com
URL: https://badoo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://badoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
hotpanel.phtml
eu1.badoo.com/hotpanel/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://eu1.badoo.com/hotpanel/hotpanel.phtml?version=2.0
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://badoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
hotpanel.phtml
eu1.badoo.com/hotpanel/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://eu1.badoo.com/hotpanel/hotpanel.phtml?version=2.0
Requested by
Host: eu1.badoocdn.com
URL: https://eu1.badoocdn.com/i/v2/-/-/js/hon_v3/bundles/base-lite.e6bbb2bd2da596267c92.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.67.112 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://badoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| $s object| dataLayer function| _typeof function| __tcfapi function| __uspapi function| getParameterByName string| lang object| cookieLanguage object| cookieProperty object| _sp_queue object| _sp_ object| $vars boolean| DEBUG function| $class function| $super function| $config function| $clone function| __$sendTestError object| google_tag_manager object| google_tag_data object| _sp_wp_jsonp object| webpackChunk_badoo_dw_badoo_site object| B object| __$messageBusReferenceHack object| __$overlayReferenceHack undefined| fbAsyncInit object| FB object| __buffer object| GooglebQhCsO

11 Cookies

Domain/Path Name / Value
.badoo.com/ Name: session_cookie_name
Value: session
.badoo.com/ Name: device_id
Value: 37fcfad4-fad4-d441-4113-1343aaa718d2
.badoo.com/ Name: _gcl_au
Value: 1.1.546461470.1678697097
.badoo.com/ Name: dnsDisplayed
Value: undefined
.badoo.com/ Name: ccpaApplies
Value: false
.badoo.com/ Name: signedLspa
Value: undefined
.badoo.com/ Name: _sp_su
Value: false
.badoo.com/ Name: first_web_visit_id
Value: 1a45a8c3b82c34b602ddf62c4b1c3ac17cf19ca8
.badoo.com/ Name: HDR-X-User-id
Value:
.badoo.com/ Name: session
Value: s1:9999:xXk0CubB4GxqmI8oGu3zckBDMRaGcEMNPCGnGgaq
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com; connect-src 'self' badoo.com eu1.badoo.com us1.badoo.com am1.badoo.com gew3.badoo.com fr1.badoo.com badoocdn.com *.badoocdn.com eu1.badoocdn.com *.api.here.com *.paypal.com *.googlesyndication.com *.gstatic.com api.giphy.com api.tenor.com g.tenor.com *.doubleclick.net *.mapbox.com https://www.facebook.com wss://badoocdn.com:* wss://*.badoocdn.com:* *.google.de wss://badoocdn.com:* wss://*.badoocdn.com:* https://consent.badoo.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.googletagmanager.com https://*.analytics.google.com https://*.google.com https://www.facebook.com https://adservice.google.com/tt/r https://cdn.ampproject.org https://essentialaccessibility.com https://analytics.google.com; script-src 'self' 'strict-dynamic' 'unsafe-inline' 'nonce-n0Sny5a5N7tuo1O/wE7EqlkkU2s=' 'report-sample' badoocdn.com *.badoocdn.com eu1.badoocdn.com *.googleapis.com *.gstatic.com *.google.com vk.com *.vk.me cdn.syndication.twitter.com *.facebook.net *.facebook.com *.paypal.com www.paypalobjects.com *.youtube.com *.ytimg.com *.google-analytics.com *.googletagmanager.com *.api.here.com *.instagram.com *.digicert.com *.googlesyndication.com *.googleadservices.com adservice.google.com adservice.google.de https://cdn.ampproject.org https://consent.badoo.com https://essentialaccessibility.com *.googlesyndication.com *.googletagservices.com *.googleadservices.com *.doubleclick.net *.googlesyndication.com *.ampproject.org *.amazon-adsystem.com adservice.google.com; style-src 'self' 'unsafe-inline' badoocdn.com *.badoocdn.com eu1.badoocdn.com vk.com *.vk.me *.googleapis.com; font-src 'self' data: badoocdn.com *.badoocdn.com eu1.badoocdn.com fonts.googleapis.com fonts.gstatic.com; prefetch-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com *.googlesyndication.com *.googletagservices.com *.googleadservices.com *.doubleclick.net *.googlesyndication.com *.ampproject.org *.amazon-adsystem.com adservice.google.com adservice.google.de; img-src * data: blob:; child-src 'self' blob:; worker-src 'self' blob:; media-src * data: blob:; object-src 'self' badoocdn.com *.badoocdn.com eu1.badoocdn.com; base-uri 'self'; form-action 'self' *; frame-src * bds: bdp:; frame-ancestors 'self' apps.facebook.com; upgrade-insecure-requests; report-uri /jss/csp_report.phtml?token=badoo_web&release=28334&env=production
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.0-okta-network-gateway-prod-malaysia-manage.55.blendr.com
badoo.com
cdn.privacy-mgmt.com
connect.facebook.net
consent.badoo.com
eu1.badoo.com
eu1.badoocdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
18.66.147.49
18.66.97.72
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.222.66.68
31.222.67.112
31.222.67.115
03b4f49eff90493b9787662b7aa004a1a1af19f210a38179c31ddaf4b00fa6c4
10d7df3af837244603c9fb9b8052934d2dd02eec3e9c1962db8a0fdbd972749e
1ad2a78c0196eafe470944a9b28f5274ff667506b81b0f8f81b08684cedc00b6
1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00
1c4a8a2c121b5af7cadeac80918e6c5691a6e4748830eb854e03173e40f76466
236618e1d3ac6b0887e809e30a99eb7ca004040e1d5498eb1fe6966210a112e1
25f5c0708db6be3e0e4872d2f3c385d368cfd34ecd703ddb11f725fdc5294e7e
2ae6a2e0e10943f68465282aa36bcce5b97b8ae3601e80c3d8b290dfb658ec71
2eb49a8f20848e1628efa23797cf725b92ad3318549c42850cd02bb3283ea702
380325ef49d226d5fbfaf6716e366635ef4f3fff321f0b4130f202e92efec0e1
3a5c006e43cef72a54f0a1e35ef86a10323eb99493791be543a1be1c8043ce19
3affa3c14decd26f591fcf4c1d49d69dd937577dc0b6a25e032d8de778bd14e4
3b8b34602841b9eb4b6a689f421349043fe203854856c425c9939e3eea1fbb72
3da2397b76f8a427acf8059f5732d7b8c15233bb5b3a6c4db257e35add68a58a
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5724f12b176be560b62c3b240fad10b2ed2a9e27c5e3e9ab43af4e8ba410055c
684ade3b1d9bd1431b6b49ccf59001617d71ee4c3635cc52dc1ee6796902d941
795aa77cec22eb814d9c5a8b9a2157705a1b02278b01c6101e2fd219ca992a17
7c7421effb0bd6508fb5076dd8cc98ba214a66b16108260e4cb5073df5677543
7d27c8ab7e8071771e28d1ee6bc3cf0fb9845b7f38e22a7e1b08cbd6669900a4
85874f2748b235fa2264248f0a6ae990f05ff8b2a4c8388a9938108d6f9680af
8bebbeb5f90677c219f90cc1f125b2576a8b05a014dcf21fb349e5a5b42aac0c
95c8f52a949dcf05351ea22549f17802eff846e85f9c82f1a838b006f5501117
9e2360d72af33171979fe6a8e790d2e63d862300f9d4b8d30042d150efa20389
a568c417849a9b180bb9e252915eaa6a6849f4e4a75af2d5deea5611019c4075
aa64d47cb7d3ee62e1255ce9837c344ecf1fb4a67dc44fb5a1049d993697dfc8
b2de9c1bb08d62dca10cf39b7770655f1f59dfb547411a861dfaff0e2679e9cd
b3ec9581c0a8573a4947d855dc49310062f60c0e91924b3e33d6743c65c36d5d
bad53b414eb46b05ee21dc1401bc8fe736f26d4659f65ed803607b53f2085993
c06ee155247dd2b66c9029c23be072ddaec408ac64ec21fc1a13cfc3e9304652
c61dec9cc8bc606f13d7317fe23c3cee5c0471d1d793f6deec351575e3ffbd75
ca851d4f58569e32e1c886bcf544f69b50d299c2b41b3b5fe93e193d11237c85
d30bcae62a388a5ff91f67bb2a1578329fc5a41dbcd92de9a33bad84b5d01bef
d62c7a3ea2997004c75af041852eb8d0d5068a18c43dc3d1dac7937229f854f4
db8530554973c40d361aaebd46414d48d93797983fc401d17e31b34b71c969b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc
e92bdea05277650c0c84dd02ca04437be0d360bcae29919cbbf7b1cf699c1a1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff948b13cb9eedae9387ffc24b933e66ad39a4ac7fb7daff83fe052c4d74708