urlscan.io logo urlscan.io
SecurityTrails logo

bellesaplus.co Open in urlscan Pro
2606:4700:4400::6812:2465  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bellesaplus.co/
Effective URL: https://bellesaplus.co/login
Submission: On December 18 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 39 HTTP transactions. The main IP is 2606:4700:4400::6812:2465, located in United States and belongs to CLOUDFLARENET, US. The main domain is bellesaplus.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2023. Valid for: a year.
This is the only time bellesaplus.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    2606:4700:4400::6812:2465 (United States)

ASN13335 (CLOUDFLARENET, US)
bellesaplus.co
1    2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
4    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:1::6813:8e6e (United States)

ASN13335 (CLOUDFLARENET, US)
c.bellesa.co
3    2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
5    2606:4700::6812:135f (United States)

ASN13335 (CLOUDFLARENET, US)
config.gorgias.chat
assets.gorgias.chat
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.222.206.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-178.fra56.r.cloudfront.net
cdn.amplitude.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
13 bellesaplus.co
bellesaplus.co
577 KB
5 gorgias.chat
config.gorgias.chat — Cisco Umbrella Rank: 7936
assets.gorgias.chat — Cisco Umbrella Rank: 12669
320 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
245 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5770
12 KB
2 gstatic.com
fonts.gstatic.com
92 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
395 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
652 B
2 bellesa.co
c.bellesa.co — Cisco Umbrella Rank: 527332
152 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2546
18 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 2069
51 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1345
616 B
39 14
Domain Requested by
13 bellesaplus.co 1 redirects bellesaplus.co
4 www.googletagmanager.com bellesaplus.co
www.googleoptimize.com
www.googletagmanager.com
3 config.gorgias.chat bellesaplus.co
config.gorgias.chat
3 challenges.cloudflare.com 1 redirects bellesaplus.co
challenges.cloudflare.com
2 fonts.gstatic.com fonts.googleapis.com
2 assets.gorgias.chat config.gorgias.chat
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de bellesaplus.co
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 c.bellesa.co bellesaplus.co
1 www.google.com bellesaplus.co
1 fonts.googleapis.com client
1 cdn.amplitude.com bellesaplus.co
1 region1.analytics.google.com www.googletagmanager.com
1 www.googleoptimize.com bellesaplus.co
1 polyfill.io bellesaplus.co
39 16

This site contains links to these domains. Also see Links.

Domain
www.bboutique.co
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-09 -
2024-08-08		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-02 -
2024-01-01		 a month crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
gorgias.chat
E1		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M02		 2023-12-14 -
2025-01-12		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://bellesaplus.co/login
Frame ID: 6AB52C3F82D7B71BFA322DDF228991A5
Requests: 36 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tn9ii/0x4AAAAAAAEEFMS0Qn-MrSpV/light/normal
Frame ID: 25D3803E8FDE45CC4C821006CC46D68F
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Frame ID: 77E8FFD182C4E2D1424C6A23FAABEF49
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bellesa Plus

Page URL History Show full URLs

  1. https://bellesaplus.co/ HTTP 302
    https://bellesaplus.co/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

39
Requests

97 %
HTTPS

93 %
IPv6

14
Domains

16
Subdomains

16
IPs

3
Countries

1490 kB
Transfer

2990 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bellesaplus.co/ HTTP 302
    https://bellesaplus.co/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?render=explicit

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
bellesaplus.co/
Redirect Chain
  • https://bellesaplus.co/
  • https://bellesaplus.co/login
44 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6651ddf4a3f904a132e4a3c0ab3a797ebfc146ad73a24532162605ee388c81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83792622db36371c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 17:33:06 GMT
expect-ct
max-age=86400
permissions-policy
geolocation=(), microphone=(), camera=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-session-validation
valid
x-xss-protection
1

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8379261fcea4371c-FRA
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 17:33:06 GMT
expect-ct
max-age=86400
location
/login
permissions-policy
geolocation=(), microphone=(), camera=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-session-validation
valid
x-xss-protection
1
main.8933bae7e89a46bb85d0.min.css
bellesaplus.co/dist_plus/ 		764 B
423 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f247afe16e640819ed39f5a20627826f9b2e7bd07414f018bb6522f4f48ee485
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:06 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 16:05:46 GMT
server
cloudflare
etag
W/"656df8da-2fc"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
83792623fdb82c75-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Dec 2023 21:33:06 GMT
polyfill.min.js
polyfill.io/v3/ 		104 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es2015,es2016,es2017,es2018,IntersectionObserver,fetch,performance.now,Object.entries
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bellesaplus.co/
Origin
https://bellesaplus.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Dec 2023 17:33:06 GMT
age
60739
detected-user-agent
Chrome Mobile/120.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/120.0.0
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
optimize.js
www.googleoptimize.com/ 		135 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-WH4N5VX
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e736b807a10318525aa187bac1671bf7898ff7293de3a7cdace8dcf7b5a060cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51940
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 17:33:06 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2D88P9D6ZE
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33d94a773f58eccaabf654e3c1f4850a01e8e0254f8e61306cc256e49111080b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93022
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 17:33:07 GMT
vendors.8933bae7e89a46bb85d0.min.js
bellesaplus.co/dist_plus/ 		403 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/dist_plus/vendors.8933bae7e89a46bb85d0.min.js
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da05077815a559b6a7ffe9fe4be36e7a1caf9b323f80a5d4d540ff6daeb9ba62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 16:05:46 GMT
server
cloudflare
strict-transport-security
max-age=15552000
etag
W/"656df8da-64b9c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
837926240dbf2c75-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Dec 2023 21:33:06 GMT
main.8933bae7e89a46bb85d0.min.js
bellesaplus.co/dist_plus/ 		263 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.js
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
630a491ff4fa5c454a1732246b76e4634d915bcf2728b53506ed06ddf573598f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 16:05:46 GMT
server
cloudflare
strict-transport-security
max-age=15552000
etag
W/"656df8da-41bbd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
837926240dc12c75-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Dec 2023 21:33:07 GMT
vendors~pages-Account-pages-Account~pages-Account-pages-CancelMembership~pages-Account-pages-Favorit~cd49b2a0.8933bae7e89a46bb85d0.min.js
bellesaplus.co/dist_plus/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/dist_plus/vendors~pages-Account-pages-Account~pages-Account-pages-CancelMembership~pages-Account-pages-Favorit~cd49b2a0.8933bae7e89a46bb85d0.min.js
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d11bfadb11cc3c2be77cdacc6da6a5ad96ea228af5fad03f721e5775fc139b8e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 16:05:46 GMT
server
cloudflare
strict-transport-security
max-age=15552000
etag
W/"656df8da-13600"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
837926240dc32c75-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Dec 2023 21:33:06 GMT
pages-Account-pages-Account~pages-Account-pages-CancelMembership~pages-Account-pages-Favorites~pages~f4245c95.8933bae7e89a46bb85d0.min.js
bellesaplus.co/dist_plus/ 		101 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/dist_plus/pages-Account-pages-Account~pages-Account-pages-CancelMembership~pages-Account-pages-Favorites~pages~f4245c95.8933bae7e89a46bb85d0.min.js
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc6d15f3f553a97e234b3c32dd7ec0738892d242b93c0ac9f720f7f6c6d8e61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 16:05:46 GMT
server
cloudflare
strict-transport-security
max-age=15552000
etag
W/"656df8da-19215"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
837926240dc52c75-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Dec 2023 21:33:06 GMT
pages-Login.8933bae7e89a46bb85d0.min.js
bellesaplus.co/dist_plus/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/dist_plus/pages-Login.8933bae7e89a46bb85d0.min.js
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab449162b00b1c33238d35370f1b384a9f77c0a09e8d42fcd2cdace4a4968c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:06 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 04 Dec 2023 16:05:46 GMT
server
cloudflare
strict-transport-security
max-age=15552000
etag
W/"656df8da-e266"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
837926240dc72c75-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Dec 2023 21:33:06 GMT
bellesa-plus-logo.svg
c.bellesa.co/dkvdbifey/image/upload/v1599752495/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bellesa.co/dkvdbifey/image/upload/v1599752495/bellesa-plus-logo.svg
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:8e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e49315cd772fb735a3f014bdb2f5c7dca9db0c265353fce4f05e405563acaf
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 17:33:06 GMT
Strict-Transport-Security
max-age=0
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Content-Encoding
br
Age
557819
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 10 Sep 2020 15:41:44 GMT
Server
cloudflare
ETag
W/"5f5a4938-2a10"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=957690
CF-RAY
83792624cea7c301-VIE
Expires
Fri, 29 Dec 2023 19:34:36 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2D88P9D6ZE&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WH4N5VX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ef197e753b84f7c4a382c12039610ff3e67bbb1d948d76ead9901467b00a8e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91943
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 17:33:07 GMT
login.jpg
c.bellesa.co/dkvdbifey/image/upload/v1605736667/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bellesa.co/dkvdbifey/image/upload/v1605736667/login.jpg
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:8e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd035b384132f8d4ea33d6ee1b1d6d3d47122d5a0c4eb7195babd83b926e35b9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 17:33:07 GMT
Strict-Transport-Security
max-age=0
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Age
89609
Connection
keep-alive
Content-Length
150050
Cf-Bgj
h2pri
Last-Modified
Thu, 19 Aug 2021 12:54:35 GMT
Server
cloudflare
ETag
"611e548b-24a22"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2331162
Accept-Ranges
bytes
CF-RAY
8379262729fcc301-VIE
Expires
Sun, 14 Jan 2024 17:05:49 GMT
truncated
/ 		168 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8324c49da17c4ebc605c080edd3052bd67125f16e1c72a86621b3a55958b31d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
Gilroy-Bold.woff
bellesaplus.co/assets/font/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/assets/font/Gilroy-Bold.woff
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487feff9b96f49228218302f5bc485e4cd0e5d5a42e7b0e364dde936f1f12e9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Origin
https://bellesaplus.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:07 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
last-modified
Sun, 29 Nov 2020 18:44:46 GMT
server
cloudflare
etag
"5fc3ec1e-fa70"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
837926272a462c75-FRA
alt-svc
h3=":443"; ma=86400
content-length
64112
expires
Mon, 18 Dec 2023 21:33:07 GMT
Gilroy-Medium.woff
bellesaplus.co/assets/font/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/assets/font/Gilroy-Medium.woff
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6193c0f41bdb0b100d1a1ecef3baee8b1c730ae61d3fc8e516644a0dd1393725
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Origin
https://bellesaplus.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:07 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
last-modified
Sun, 29 Nov 2020 18:44:46 GMT
server
cloudflare
etag
"5fc3ec1e-10344"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
837926272a4b2c75-FRA
alt-svc
h3=":443"; ma=86400
content-length
66372
expires
Mon, 18 Dec 2023 21:33:07 GMT
Gilroy-Regular.woff
bellesaplus.co/assets/font/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/assets/font/Gilroy-Regular.woff
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
727220690711f7479cf71e6ede979f4c03d2ae0bc046d4e9755f939020a47173
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Origin
https://bellesaplus.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:07 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
last-modified
Sun, 29 Nov 2020 18:44:46 GMT
server
cloudflare
etag
"5fc3ec1e-fc5c"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
837926272a4c2c75-FRA
alt-svc
h3=":443"; ma=86400
content-length
64604
expires
Mon, 18 Dec 2023 21:33:07 GMT
Gilroy-Light.woff
bellesaplus.co/assets/font/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/assets/font/Gilroy-Light.woff
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a99bcea89c2c927bd8f61d2d792c22bfe1ec1c284c606beea6476ee44950c8bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.css
Origin
https://bellesaplus.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Dec 2023 17:33:07 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
last-modified
Sun, 29 Nov 2020 18:44:46 GMT
server
cloudflare
etag
"5fc3ec1e-10150"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
837926272a622c75-FRA
alt-svc
h3=":443"; ma=86400
content-length
65872
expires
Mon, 18 Dec 2023 21:33:07 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/74bd6362/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?render=explicit
34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?render=explicit
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H2
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9ac3177195b3d9537e0cf71222057ec70de67715715b570a80287ba78c8d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
837926291d409152-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 18 Dec 2023 17:33:07 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/74bd6362/api.js?render=explicit
cache-control
max-age=300, public
cf-ray
83792628cca39152-FRA
alt-svc
h3=":443"; ma=86400
gorgias-chat-bundle-loader.js
config.gorgias.chat/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=3800
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/dist_plus/main.8933bae7e89a46bb85d0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d284f2f6f534f74e12395c27c6480c539df7daeed9d6751aa652458e99ca6b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
2432
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"81f-kg09dCzCmVpzohMtA2tTn/3SAmo"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding
cf-ray
83792628ca7530c6-FRA
notifications
bellesaplus.co/api/rest/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bellesaplus.co/api/rest/v1/notifications?filter[source]=plus&order[plus_order]=ASC
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/dist_plus/vendors.8933bae7e89a46bb85d0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a171b1f2c0f9404008223e98f728d963b9da2757a474b1ae3f4cf96e2edbbc0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://bellesaplus.co/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-bellesa-cache
hit
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"81e-/fFmHJOMVMulwTfDOq7NH5cOyP0"
expect-ct
max-age=86400
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
permissions-policy
geolocation=(), microphone=(), camera=()
x-session-validation
valid
cf-ray
837926287c4f2c75-FRA
gorgias-chat-bundle.js
config.gorgias.chat/ 		532 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.gorgias.chat/gorgias-chat-bundle.js?rev=552a47e8&applicationId=3800
Requested by
Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=3800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2717980f48ed38e3fd94ce74a9e459172bc3fa2ad776db9aad0688266ac75112
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
2431
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"851df-1oh+NN4RJL3AyxLMZg3ADrQ1Bxc"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding
cf-ray
837926292b0130c6-FRA
js
www.googletagmanager.com/gtag/ 		174 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74691049-4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2D88P9D6ZE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
754bc2c41c017fadfd74ffe446e63412129f26cab14f267977ab0d7cfa618379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64867
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Dec 2023 17:33:07 GMT
collect
region1.analytics.google.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2D88P9D6ZE&gtm=45je3bt0v879732830&_p=1702920787430&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1086874926.1702920787&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702920787&sct=1&seg=0&dl=https%3A%2F%2Fbellesaplus.co%2Flogin&dt=Bellesa%20Plus&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1689
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2D88P9D6ZE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 17:33:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bellesaplus.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2D88P9D6ZE&cid=1086874926.1702920787&gtm=45je3bt0v879732830&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2D88P9D6ZE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 17:33:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bellesaplus.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2D88P9D6ZE&cid=1086874926.1702920787&gtm=45je3bt0v879732830&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=967501516
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 17:33:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74691049-4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Dec 2023 15:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6293
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 18 Dec 2023 17:48:14 GMT
998.b5ad0dc8e327ca5a.js
assets.gorgias.chat/build/static/js/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.gorgias.chat/build/static/js/998.b5ad0dc8e327ca5a.js
Requested by
Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=552a47e8&applicationId=3800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
br
cf-cache-status
HIT
age
1067982
x-guploader-uploadid
ABPtcPpIHBaoEQFE4uROJY_Vfrwz7oNA_ggC8NrcYBQwtWhcAcpiSFXoyFhTMp0n0MZF8Ii4cbwFqctZp-e_G2M23cN1uw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
last-modified
Wed, 06 Dec 2023 08:36:56 GMT
server
cloudflare
etag
W/"3f810089ffaa5a6acf0226b7eec7c180"
vary
Accept-Encoding
x-goog-generation
1701851816097436
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=yHWi+w==, md5=P4EAif+qWmrPAia37sfBgA==
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length
15963
cf-ray
8379262a5c8130c6-FRA
expires
Thu, 05 Dec 2024 08:42:46 GMT
gcmw.3b7cf39dab1d85b1.js
assets.gorgias.chat/build/static/js/ 		0
134 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.gorgias.chat/build/static/js/gcmw.3b7cf39dab1d85b1.js
Requested by
Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=552a47e8&applicationId=3800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
br
cf-cache-status
HIT
age
269590
x-guploader-uploadid
ABPtcPqPML4dbeQgTmGbIVeyUl_OJX-eMpYHDhRqLG2nGhfIM4y1hgpZkGQ6QRraz54NPykWlAexQv8zK3kgFM9xYE4cKw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
last-modified
Fri, 15 Dec 2023 14:22:22 GMT
server
cloudflare
etag
W/"604f2162bd6ff273f5788d0ea2005726"
vary
Accept-Encoding
x-goog-generation
1702650142930640
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=KL7dGA==, md5=YE8hYr1v8nP1eI0OogBXJg==
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length
143113
cf-ray
8379262a5c7c30c6-FRA
expires
Sat, 14 Dec 2024 14:29:20 GMT
analytics-browser-0.4.1-min.js.gz
cdn.amplitude.com/libs/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/analytics-browser-0.4.1-min.js.gz
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-178.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d3b81d7cf7f951d87a3f2c4939b1c8e335e68f27818ff64ad77ded066766d3

Request headers

Referer
https://bellesaplus.co/
Origin
https://bellesaplus.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 21:20:52 GMT
content-encoding
gzip
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-version-id
3tiMn1yxqbLQOcjMnW8jUlpmbLeU2Kej
x-amz-cf-pop
FRA56-P3
age
4306336
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17692
last-modified
Tue, 17 May 2022 16:56:10 GMT
server
AmazonS3
etag
"8bd714eb9b159a7745c3f9359d646ba4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
7-QSHpks5i9zFj69y6ApXhs3Nhbv6g0692nksSFBoobswosyvmrkwA==
agents
config.gorgias.chat/applications/3800/ 		544 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.gorgias.chat/applications/3800/agents
Requested by
Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=552a47e8&applicationId=3800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f4f026a211936d5946ae09c161dede007d328a58fa6de69a51b8ecb1d70aeb
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:07 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
3347
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"220-egGHHcpEb+LI9g4S73DIVlA79pY"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
vary
Accept-Encoding
cf-ray
8379262bcf9535e1-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tn9ii/0x4AAAAAAAEEFMS0Qn-MrSpV/light/ Frame 25D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tn9ii/0x4AAAAAAAEEFMS0Qn-MrSpV/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer
https://bellesaplus.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8379262b3f4e65bc-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 17:33:07 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1317671650&t=pageview&_s=1&dl=https%3A%2F%2Fbellesaplus.co%2Flogin&ul=en-us&de=UTF-8&dt=Bellesa%20Plus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2049175596&gjid=1998272902&cid=1086874926.1702920787&tid=UA-74691049-4&_gid=714232779.1702920788&_r=1&gtm=457e3bt0z8879732830&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=231762561
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bellesaplus.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 17:33:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bellesaplus.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 77E8 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5a263756e794d5ad9a686025bb4174bd55dbbca9635748b247a8a527e89354c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 17:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 15:53:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 17:33:07 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-74691049-4&cid=1086874926.1702920787&jid=2049175596&gjid=1998272902&_gid=714232779.1702920788&_u=YADAAUAAAAAAACAAI~&z=491969825
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bellesaplus.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 18 Dec 2023 17:33:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bellesaplus.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 77E8 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bellesaplus.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:53:58 GMT
x-content-type-options
nosniff
age
549550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:53:58 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 77E8 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bellesaplus.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:53:58 GMT
x-content-type-options
nosniff
age
549550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:53:58 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74691049-4&cid=1086874926.1702920787&jid=2049175596&_u=YADAAUAAAAAAACAAI~&z=2130827306
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 17:33:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74691049-4&cid=1086874926.1702920787&jid=2049175596&_u=YADAAUAAAAAAACAAI~&z=2130827306
Requested by
Host: bellesaplus.co
URL: https://bellesaplus.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 17:33:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=OPT-WH4N5VX&cv=121&t=ol&p=opts&l=-3&q=1&f=213&e=275&i=2&d=-11&c=-49&hc=0&sr=0.050000&ps=0.01930795182837408&cb=223757101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bellesaplus.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:33:08 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| google_tag_manager object| google_tag_data object| dataLayer object| google_optimize function| gtag object| _learnq object| BELLESA_CLIENT_ON_ERROR function| logClientErrorRequest object| load object| __FLAGS__ object| __CAMPAIGNS__ object| __INTERNATIONAL__ object| bellesa string| __BUILD__ object| __CACHE__ object| __LOADABLE_LOADED_CHUNKS__ object| GorgiasChat object| gorgiasChatPendingEvents object| GorgiasBridge object| gorgiasChat function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga object| gorgiasChatConfiguration object| webpackChunk_gorgias_chat_client object| turnstile function| filterCSS function| filterXSS object| amplitude object| gaplugins object| gaData

8 Cookies

Domain/Path Name / Value
bellesaplus.co/ Name: bellesa_session
Value: b6a3c4b4-ee37-42d7-8b31-0e8c61cb8091
.bellesaplus.co/ Name: __cf_bm
Value: c.nkYF_km5lHvwp0v0qas5UAjbqn5iF.zFq08wOUSZI-1702920786-1-AUpq5mn57aPSVHq6pytf6WTxQdnu8oCiMedIFucP2H8ZapaY5NO5YCArLKJyp90ZRew5t8q0WZwVzzxMLuGVm4E=
bellesaplus.co/ Name: bellesa_flags
Value: e30%3D
.bellesaplus.co/ Name: _ga_2D88P9D6ZE
Value: GS1.1.1702920787.1.0.1702920787.60.0.0
.bellesaplus.co/ Name: _ga
Value: GA1.2.1086874926.1702920787
.bellesaplus.co/ Name: _gid
Value: GA1.2.714232779.1702920788
.bellesaplus.co/ Name: _gat_gtag_UA_74691049_4
Value: 1
bellesaplus.co/ Name: AMP_9bdc728a74
Value: {"deviceId":"4b4acad0-1315-409c-9ee9-94209c989930","sessionId":1702920787872,"optOut":false}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.gorgias.chat
bellesaplus.co
c.bellesa.co
cdn.amplitude.com
challenges.cloudflare.com
config.gorgias.chat
fonts.googleapis.com
fonts.gstatic.com
polyfill.io
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700:1::6813:8e6e
2606:4700:4400::6812:2465
2606:4700::6811:3b8
2606:4700::6812:135f
2a00:1450:4001:803::200e
2a00:1450:4001:808::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9c
2a04:4e42:800::282
52.222.206.178
0ef197e753b84f7c4a382c12039610ff3e67bbb1d948d76ead9901467b00a8e0
16f4f026a211936d5946ae09c161dede007d328a58fa6de69a51b8ecb1d70aeb
2717980f48ed38e3fd94ce74a9e459172bc3fa2ad776db9aad0688266ac75112
33d94a773f58eccaabf654e3c1f4850a01e8e0254f8e61306cc256e49111080b
487feff9b96f49228218302f5bc485e4cd0e5d5a42e7b0e364dde936f1f12e9b
5a171b1f2c0f9404008223e98f728d963b9da2757a474b1ae3f4cf96e2edbbc0
6193c0f41bdb0b100d1a1ecef3baee8b1c730ae61d3fc8e516644a0dd1393725
630a491ff4fa5c454a1732246b76e4634d915bcf2728b53506ed06ddf573598f
64ab449162b00b1c33238d35370f1b384a9f77c0a09e8d42fcd2cdace4a4968c
64d284f2f6f534f74e12395c27c6480c539df7daeed9d6751aa652458e99ca6b
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
727220690711f7479cf71e6ede979f4c03d2ae0bc046d4e9755f939020a47173
754bc2c41c017fadfd74ffe446e63412129f26cab14f267977ab0d7cfa618379
8324c49da17c4ebc605c080edd3052bd67125f16e1c72a86621b3a55958b31d2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
90e49315cd772fb735a3f014bdb2f5c7dca9db0c265353fce4f05e405563acaf
a5a263756e794d5ad9a686025bb4174bd55dbbca9635748b247a8a527e89354c
a99bcea89c2c927bd8f61d2d792c22bfe1ec1c284c606beea6476ee44950c8bb
bcc6d15f3f553a97e234b3c32dd7ec0738892d242b93c0ac9f720f7f6c6d8e61
cf6651ddf4a3f904a132e4a3c0ab3a797ebfc146ad73a24532162605ee388c81
d11bfadb11cc3c2be77cdacc6da6a5ad96ea228af5fad03f721e5775fc139b8e
da05077815a559b6a7ffe9fe4be36e7a1caf9b323f80a5d4d540ff6daeb9ba62
dd035b384132f8d4ea33d6ee1b1d6d3d47122d5a0c4eb7195babd83b926e35b9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e736b807a10318525aa187bac1671bf7898ff7293de3a7cdace8dcf7b5a060cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f247afe16e640819ed39f5a20627826f9b2e7bd07414f018bb6522f4f48ee485
f6d3b81d7cf7f951d87a3f2c4939b1c8e335e68f27818ff64ad77ded066766d3
fd9ac3177195b3d9537e0cf71222057ec70de67715715b570a80287ba78c8d3d