Submitted URL: https://www.baecosmetics.wpdemo.aesirx.io/
Effective URL: https://baecosmetics.wpdemo.aesirx.io/
Submission: On November 16 via api from US — Scanned from SE

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 64 HTTP transactions. The main IP is 20.240.161.187, located in Sweden and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is baecosmetics.wpdemo.aesirx.io.
TLS certificate: Issued by R11 on October 15th 2024. Valid for: 3 months.
This is the only time baecosmetics.wpdemo.aesirx.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 31 20.240.161.187 8075 (MICROSOFT...)
3 192.0.76.3 2635 (AUTOMATTIC)
1 104.18.26.46 13335 (CLOUDFLAR...)
1 51.12.245.22 8075 (MICROSOFT...)
26 104.18.27.46 13335 (CLOUDFLAR...)
2 34.36.103.82 396982 (GOOGLE-CL...)
64 7
Apex Domain
Subdomains
Transfer
32 aesirx.io
www.baecosmetics.wpdemo.aesirx.io
baecosmetics.wpdemo.aesirx.io
web3id.backend.aesirx.io
3 MB
27 walletconnect.com
verify.walletconnect.com — Cisco Umbrella Rank: 55500
explorer-api.walletconnect.com — Cisco Umbrella Rank: 71599
68 KB
3 wp.com
stats.wp.com — Cisco Umbrella Rank: 3804
pixel.wp.com — Cisco Umbrella Rank: 3757
9 KB
2 concordium.software
grpc.mainnet.concordium.software
677 B
64 4
Domain Requested by
30 baecosmetics.wpdemo.aesirx.io baecosmetics.wpdemo.aesirx.io
26 explorer-api.walletconnect.com baecosmetics.wpdemo.aesirx.io
2 grpc.mainnet.concordium.software baecosmetics.wpdemo.aesirx.io
2 stats.wp.com baecosmetics.wpdemo.aesirx.io
1 web3id.backend.aesirx.io baecosmetics.wpdemo.aesirx.io
1 verify.walletconnect.com baecosmetics.wpdemo.aesirx.io
1 pixel.wp.com baecosmetics.wpdemo.aesirx.io
1 www.baecosmetics.wpdemo.aesirx.io 1 redirects
64 8

This site contains links to these domains. Also see Links.

Domain
wordpress.org
dapp.shield.aesirx.io
aesirx.io
shield.aesirx.io
Subject Issuer Validity Valid
baecosmetics.wpdemo.aesirx.io
R11
2024-10-15 -
2025-01-13
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
walletconnect.com
WE1
2024-11-02 -
2025-01-31
3 months crt.sh
web3id.backend.aesirx.io
E5
2024-11-09 -
2025-02-07
3 months crt.sh
grpc.mainnet.concordium.software
WR3
2024-10-15 -
2025-01-13
3 months crt.sh

This page contains 2 frames:

Primary Page: https://baecosmetics.wpdemo.aesirx.io/
Frame ID: 136CF71098F4F63DC267FA48B2379580
Requests: 68 HTTP requests in this frame

Frame: https://verify.walletconnect.com/76324905a70fe5c388bab46d3e0564dc
Frame ID: FF62BAC039CE15E92898D7D2402014C1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Home - Wp Demo Analytics

Page URL History Show full URLs

  1. https://www.baecosmetics.wpdemo.aesirx.io/ HTTP 301
    https://baecosmetics.wpdemo.aesirx.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

64
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

7
IPs

3
Countries

2806 kB
Transfer

7782 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.baecosmetics.wpdemo.aesirx.io/ HTTP 301
    https://baecosmetics.wpdemo.aesirx.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
baecosmetics.wpdemo.aesirx.io/
Redirect Chain
  • https://www.baecosmetics.wpdemo.aesirx.io/
  • https://baecosmetics.wpdemo.aesirx.io/
40 KB
10 KB
Document
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e16efa41bfebd29e68688d1b7f415679d7171ed10ff42207fdd01615646ff300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
9929
content-type
text/html; charset=UTF-8
date
Sat, 16 Nov 2024 10:39:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://baecosmetics.wpdemo.aesirx.io/wp-json/>; rel="https://api.w.org/", <https://baecosmetics.wpdemo.aesirx.io/wp-json/wp/v2/pages/13>; rel="alternate"; title="JSON"; type="application/json", <https://baecosmetics.wpdemo.aesirx.io/>; rel=shortlink
pragma
no-cache
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Nov 2024 10:39:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://baecosmetics.wpdemo.aesirx.io/
pragma
no-cache
server
Apache
x-redirect-by
WordPress
style.min.css
baecosmetics.wpdemo.aesirx.io/wp-includes/css/dist/block-library/
112 KB
15 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-includes/css/dist/block-library/style.min.css?ver=6.7
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"1c012-626d2a43330cf-gzip"
accept-ranges
bytes
content-length
15177
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Wed, 13 Nov 2024 22:13:20 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
mediaelementplayer-legacy.min.css
baecosmetics.wpdemo.aesirx.io/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"2bf8-61b10363466d5-gzip"
accept-ranges
bytes
content-length
2592
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:23 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
wp-mediaelement.min.css
baecosmetics.wpdemo.aesirx.io/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.7
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"105a-61b10363466d5-gzip"
accept-ranges
bytes
content-length
1156
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:23 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
woocommerce-layout.css
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
f3025cb2afeb54d4dcb1ca02606b0e2e48639ee78a9d55ef4e9a80767351e118

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"4518-61b10378eb83b-gzip"
accept-ranges
bytes
content-length
2573
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:45 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
twenty-twenty.css
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/css/
40 KB
7 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/css/twenty-twenty.css?ver=8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e15b91ebec0ab514c13a5dd312c287431c9613b8d324efdce976ed2f2e0ce439

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"9ffb-61b10378ec7db-gzip"
accept-ranges
bytes
content-length
6853
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:45 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.css
baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/
119 KB
22 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/style.css?ver=2.1
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
22312f28ccf2006064c8910b9661d8ce672ca1bdaefc3029e475507421c8112f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"1da5d-61b1036441683-gzip"
accept-ranges
bytes
content-length
22907
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:24 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
twentytwenty.css
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/jetpack/modules/theme-tools/compat/
6 KB
2 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/jetpack/modules/theme-tools/compat/twentytwenty.css?ver=14.0
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
033794a968aac6c58033346a1db1a78789b3000630fd94e7481f0161f0fbfb7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"17d8-6265d2b2fcd36-gzip"
accept-ranges
bytes
content-length
1890
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Fri, 08 Nov 2024 02:04:18 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
jquery.min.js
baecosmetics.wpdemo.aesirx.io/wp-includes/js/jquery/
86 KB
30 KB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"15601-61b1036315993-gzip"
accept-ranges
bytes
content-length
30368
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:22 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
jquery-migrate.min.js
baecosmetics.wpdemo.aesirx.io/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"3509-61b1036315993-gzip"
accept-ranges
bytes
content-length
4872
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:22 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
jquery.blockUI.min.js
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/jquery-blockui/
9 KB
4 KB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"25a4-61b10379b5aa6-gzip"
accept-ranges
bytes
content-length
3537
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:46 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
add-to-cart.min.js
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/frontend/
3 KB
1 KB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
4f0a4e5ff7378b48f06c23a8ff4e52633c828fee56f2495085eeea5c1a7f8aba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"bf2-61b10379b4b06-gzip"
accept-ranges
bytes
content-length
1107
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:46 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
js.cookie.min.js
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/js-cookie/
2 KB
887 B
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"6b8-61b10379b5aa6-gzip"
accept-ranges
bytes
content-length
833
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:46 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
woocommerce.min.js
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/frontend/
2 KB
853 B
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"85b-61b10379adda6-gzip"
accept-ranges
bytes
content-length
799
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:46 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
index.js
baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/assets/js/
25 KB
7 KB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/assets/js/index.js?ver=2.1
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
6a9c7d809cf7886b0418e90771e5cb9b0d04c7fa4da523ca397698c3a4b4de86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"65ff-61b1036444563-gzip"
accept-ranges
bytes
content-length
6986
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:24 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
s-202446.js
stats.wp.com/
9 KB
4 KB
Script
General
Full URL
https://stats.wp.com/s-202446.js
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT arn
etag
W/"65717c6c-25ea"
access-control-allow-methods
GET, HEAD
expires
Mon, 10 Nov 2025 21:58:06 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 10:39:37 GMT
content-type
application/javascript
last-modified
Thu, 07 Dec 2023 08:03:56 GMT
server
nginx
vary
Accept-Encoding
test.jpeg
baecosmetics.wpdemo.aesirx.io/wp-content/uploads/2024/06/
18 KB
18 KB
Image
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/uploads/2024/06/test.jpeg
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d67ab36d79bb8103c204c40a9ba0559238b03c7a7f1d7e85b7f98636c4c8ae52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

accept-ranges
bytes
content-length
18122
etag
"46ca-61b10363800b8"
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:23 GMT
content-type
image/jpeg
server
Apache
wc-blocks.css
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/client/blocks/
12 KB
3 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
9e8a3a012ab500ce90d9ad5c0fbeca46eaaa80780b944466a1c9a05ebf2e61f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"31c7-61b10379407a0-gzip"
accept-ranges
bytes
content-length
2530
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:46 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
w.js
stats.wp.com/
13 KB
5 KB
Script
General
Full URL
https://stats.wp.com/w.js?ver=202446
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bbcc769c4704058d89afc024f24dde11deed8ec61b99f1d52ba935fad8614523

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT arn
etag
W/12868-1717166113635.1218
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Mon, 10 Nov 2025 19:08:11 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 10:39:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
tracks-callables.js
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-connection/dist/
1 KB
636 B
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-connection/dist/tracks-callables.js?minify=false&ver=a8b23de97e9658b5993f
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d6e7b4436592223ebcc69d329af9afce74ed8ec34420d677d810387489191d1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"435-6265d2b2de8d4-gzip"
accept-ranges
bytes
content-length
582
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Fri, 08 Nov 2024 02:04:18 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
analytics.js
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/
7 MB
2 MB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b7d4bd2526b598880700227afa451abb3d9527255b0331faa01e5181eea802b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"6867f1-61b1036c0e80d-gzip"
accept-ranges
bytes
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:32 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
sourcebuster.min.js
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/sourcebuster/
14 KB
4 KB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
881f4e9fde0d4d4bdcf1eae9fd2d68378c5203969e6ceedf59b4e29567f238a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"38a4-61b10379a8f85-gzip"
accept-ranges
bytes
content-length
4543
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:46 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
order-attribution.min.js
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/frontend/
2 KB
1 KB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
db654754e1783f1b2b85dbac3a04d98a1c7aec8f22a42bb6a63d431109a83434

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"88a-61b10379aed46-gzip"
accept-ranges
bytes
content-length
1065
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:46 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
61c7c80d-f419-472a-abb4-d20a58ab0343
https://baecosmetics.wpdemo.aesirx.io/ Frame
0
0

woocommerce-smallscreen.css
baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=8.8.5
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"1b83-61b10378eb83b-gzip"
accept-ranges
bytes
content-length
1181
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:45 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
print.css
baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/
3 KB
1 KB
Stylesheet
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/print.css?ver=2.1
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"a8e-61b10364406e3-gzip"
accept-ranges
bytes
content-length
1009
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:24 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
g.gif
pixel.wp.com/
50 B
177 B
Image
General
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.9323377839187426
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 10:39:37 GMT
content-type
image/gif
server
nginx
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca029fc7a766ab119b6308cdb31a5dda0cb77300f614da79029d44952dd62c36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
Inter-upright-var.woff2
baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/assets/fonts/inter/
219 KB
219 KB
Font
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/style.css?ver=2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/wp-content/themes/twentytwenty/style.css?ver=2.1

Response headers

accept-ranges
bytes
content-length
223892
etag
"36a94-61b1036444563"
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:24 GMT
content-type
font/woff2
server
Apache
truncated
/
808 B
808 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2314a04de305a6bcf2bc9d951d3a0596084649fce911b7e4e085d0c69ac6985b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
wp-emoji-release.min.js
baecosmetics.wpdemo.aesirx.io/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-includes/js/wp-emoji-release.min.js?ver=6.7
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

content-encoding
gzip
etag
"4926-61b103630ec32-gzip"
accept-ranges
bytes
content-length
5062
date
Sat, 16 Nov 2024 10:39:38 GMT
last-modified
Mon, 17 Jun 2024 06:38:22 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
start
baecosmetics.wpdemo.aesirx.io/visitor/v2/
159 B
207 B
Fetch
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/visitor/v2/start
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
326f6c06f4712b678a91c3cad1d3cab53382d07ce0d4730dd81b8abcd6f12637

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
date
Sat, 16 Nov 2024 10:39:38 GMT
content-type
application/json; charset=utf-8
server
Apache
test.jpeg
baecosmetics.wpdemo.aesirx.io/wp-content/uploads/2024/06/
18 KB
0
Other
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/uploads/2024/06/test.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d67ab36d79bb8103c204c40a9ba0559238b03c7a7f1d7e85b7f98636c4c8ae52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

accept-ranges
bytes
content-length
18122
etag
"46ca-61b10363800b8"
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:23 GMT
content-type
image/jpeg
server
Apache
test.jpeg
baecosmetics.wpdemo.aesirx.io/wp-content/uploads/2024/06/
18 KB
0
Other
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/wp-content/uploads/2024/06/test.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d67ab36d79bb8103c204c40a9ba0559238b03c7a7f1d7e85b7f98636c4c8ae52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

accept-ranges
bytes
content-length
18122
etag
"46ca-61b10363800b8"
date
Sat, 16 Nov 2024 10:39:37 GMT
last-modified
Mon, 17 Jun 2024 06:38:23 GMT
content-type
image/jpeg
server
Apache
76324905a70fe5c388bab46d3e0564dc
verify.walletconnect.com/ Frame FF62
0
0
Document
General
Full URL
https://verify.walletconnect.com/76324905a70fe5c388bab46d3e0564dc
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://baecosmetics.wpdemo.aesirx.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-ray
8e36dbbd5caf15ec-ARN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 16 Nov 2024 10:39:39 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
547a8ace-216b-448e-a7c3-062c58850a3e
baecosmetics.wpdemo.aesirx.io/remember_flow/
4 B
79 B
Fetch
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/remember_flow/547a8ace-216b-448e-a7c3-062c58850a3e
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
content-length
24
date
Sat, 16 Nov 2024 10:39:39 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache
truncated
/
150 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9478d9762b6341d93f1c28ddab90c6455fc0ab80d1677a4a42d0f279a4c7af5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
754 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fb8039e0117231f3f411cb0dc867b9ce97a2503ebc5bc0b9ba564f268e10059

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
7170a61e-4494-49a2-9e6b-2b171e119f1c
baecosmetics.wpdemo.aesirx.io/visitor/v1/
752 B
777 B
XHR
General
Full URL
https://baecosmetics.wpdemo.aesirx.io/visitor/v1/7170a61e-4494-49a2-9e6b-2b171e119f1c
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.240.161.187 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e33ae970be40aa98c444160499ffa6c0bdc0e2f043b7cee60058e02fc1aa6f83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
date
Sat, 16 Nov 2024 10:39:39 GMT
content-type
application/json; charset=utf-8
server
Apache
baecosmetics.wpdemo.aesirx.io
web3id.backend.aesirx.io/datastream/template/
58 B
627 B
XHR
General
Full URL
https://web3id.backend.aesirx.io:8001/datastream/template/baecosmetics.wpdemo.aesirx.io
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.12.245.22 , Sweden, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.25.3 / Express
Resource Hash
24a42895f82eb7b82e17484aac4eb1d56a7e677168e6137b3f5dafb79640b197

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

Access-Control-Expose-Headers
Content-Length,Content-Range
ETag
W/"3a-6ZTjDC7LOZ/rrhfr1qGDXH1ZmYg"
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
58
Date
Sat, 16 Nov 2024 10:39:40 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
nginx/1.25.3
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
getDesktopListings
explorer-api.walletconnect.com/w3m/v1/
7 KB
2 KB
Fetch
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getDesktopListings?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1&page=1&entries=9&version=2
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85e991e1aacc4ffffbb21c2bbff8668e64d3df7a7eb51bdce975e379c4b53c33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-robots-tag
noindex
cache-control
public, max-age=43200, s-maxage=21600
content-encoding
br
cf-ray
8e36dbbf29b082c4-ARN
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:39 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
getInjectedListings
explorer-api.walletconnect.com/w3m/v1/
57 KB
13 KB
Fetch
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53fb0f0a6bf638c8e6cf71dfb3a432d8f628d6498fbbbe547d3a46b75822ff75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-robots-tag
noindex
cache-control
public, max-age=43200, s-maxage=21600
content-encoding
br
cf-ray
8e36dbbf29b982c4-ARN
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
GetConsensusInfo
grpc.mainnet.concordium.software/concordium.v2.Queries/ Frame
0
0
Preflight
General
Full URL
https://grpc.mainnet.concordium.software:20000/concordium.v2.Queries/GetConsensusInfo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.103.82 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
82.103.36.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-grpc-web
Access-Control-Request-Method
POST
Origin
https://baecosmetics.wpdemo.aesirx.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-grpc-web,content-type,x-user-agent,grpc-timeout
access-control-allow-origin
https://baecosmetics.wpdemo.aesirx.io
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 16 Nov 2024 10:39:39 GMT
vary
origin access-control-request-method access-control-request-headers
via
1.1 google
GetConsensusInfo
grpc.mainnet.concordium.software/concordium.v2.Queries/
544 B
677 B
Fetch
General
Full URL
https://grpc.mainnet.concordium.software:20000/concordium.v2.Queries/GetConsensusInfo
Requested by
Host: baecosmetics.wpdemo.aesirx.io
URL: https://baecosmetics.wpdemo.aesirx.io/wp-content/plugins/aesirx-analytics/assets/js/analytics.js?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.103.82 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
82.103.36.34.bc.googleusercontent.com
Software
/
Resource Hash
2eb91036d6261598611eb4906e301d9f6ad2a90d14a386bbdf33f51bccd97056

Request headers

Referer
https://baecosmetics.wpdemo.aesirx.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/grpc-web-text
content-type
application/grpc-web-text
x-grpc-web
1

Response headers

access-control-expose-headers
grpc-status,grpc-message,grpc-status-details-bin
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://baecosmetics.wpdemo.aesirx.io
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 10:39:39 GMT
content-type
application/grpc-web-text+proto
vary
origin, access-control-request-method, access-control-request-headers
truncated
/
489 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75ff3aca08ff10454b044ba11afcb536766c1c65ee7441205186b28e1240acf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
832 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
175642ac2305846431c86d0c06bf9f7549ae21635b97f041bd7a563a093a0452

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50431d32473b0dec85d55a244790d8995f66d8516cc1092a229591803a1120f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
600a9a04-c1b9-42ca-6785-9b4b6ff85200
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
2 KB
3 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/600a9a04-c1b9-42ca-6785-9b4b6ff85200?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0826c82ae7c1f26581be76f49f165cf5e801dc47376d755b78b819475174ee4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfuwYBbesV8l5_F8TO91Cr3GddfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=710+7 c=0+7 v=2024.10.6 l=2174 f=false
cf-ray
8e36dbc418bd82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
2174
server
cloudflare
30c46e53-e989-45fb-4549-be3bd4eb3b00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
960 B
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/30c46e53-e989-45fb-4549-be3bd4eb3b00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c585ae9166b8258f04b1a8fc5bb6cce7acd29a02ca7001d303f4e342b47e2e8f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfCDuIYmEheLZSNq1I6sdaPFcLfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=31+4 c=0+4 v=2024.10.6 l=960 f=false
cf-ray
8e36dbc428c882c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
960
server
cloudflare
93564157-2e8e-4ce7-81df-b264dbee9b00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
3 KB
3 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/93564157-2e8e-4ce7-81df-b264dbee9b00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c7fd42c1cae833f4f4732829cf156ef9064b51df3753e0304e246cf904cc14
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cf1ApOabfxxTRxuFHP4nttwOIZfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=474+3 c=0+3 v=2024.10.6 l=2928 f=false
cf-ray
8e36dbc438df82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
2928
server
cloudflare
f926ff41-260d-4028-635e-91913fc28e00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
2 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/f926ff41-260d-4028-635e-91913fc28e00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed66519dde07d8e675936a1bce37007e441ebb9d13f822a600d06df22fb12586
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
HIT
etag
"cfKJijt2HBDM9Fgxnveby3YemGfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=3159+4 c=1+3 v=2024.9.1 l=1540 f=false
cf-ray
8e36dbc438e382c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1540
server
cloudflare
06b26297-fe0c-4733-5d6b-ffa5498aac00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
1 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/06b26297-fe0c-4733-5d6b-ffa5498aac00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5d7900be8d62596545ba234d6411aecd2557e682955bb4c1e48a6d4cb7b135
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfg5kHfR4p5rKyX_HbosXNTDTYfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=1883+2 c=0+2 v=2024.10.6 l=1520 f=false
cf-ray
8e36dbc438e782c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1520
server
cloudflare
5a73b3dd-af74-424e-cae0-0de859ee9400
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
1 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/5a73b3dd-af74-424e-cae0-0de859ee9400?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859d3ba675c611abdd52d68dc014d639147d17730a250ba16b14eff1bc69164e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfNkNSoWSlTilKznUP_1v8C9G0fmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=1080+2 c=0+2 v=2024.9.3 l=1428 f=false
cf-ray
8e36dbc438f182c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1428
server
cloudflare
02b53f6a-e3d4-479e-1cb4-21178987d100
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
2 KB
3 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/02b53f6a-e3d4-479e-1cb4-21178987d100?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e0e02282685eed1ab3093bd34dab51ee47fff41612c3900dad38631c91329c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfWZAsl8NuIEfqKyeWc7tg4MUZfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=1689+4 c=0+4 v=2024.10.6 l=1964 f=false
cf-ray
8e36dbc438fa82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1964
server
cloudflare
34e68754-e536-40da-c153-6ef2e7188a00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
1 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/34e68754-e536-40da-c153-6ef2e7188a00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024baf52ae8ccac6225b40206e5f02cb1c571b2de8328ca8b210bdf7600c0619
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cf_Cryga85ZcDJ3MAq0tLg2RvFfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=810+0 c=1+4 v=2024.6.0 l=1344
cf-ray
8e36dbc438ff82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1344
server
cloudflare
692ed6ba-e569-459a-556a-776476829e00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
628 B
1 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22b238c613c9bfcf13e8340213b734fea3bd0b9b2fe67648e3ba6decc104e89
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfaRKjj98wG78-Q94g8ciN3whHfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=725+2 c=0+2 v=2024.10.6 l=628 f=false
cf-ray
8e36dbc4390382c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
628
server
cloudflare
3897a66d-40b9-4833-162f-a2c90531c900
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
2 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/3897a66d-40b9-4833-162f-a2c90531c900?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
450e5503c4caacd9e4d49e9a70280e862945cb1a9a3ae8e1d21aedbea8ebecb7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfzT_6fQ9YTp_H2nmGfe7Pewo5fmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ram/- q=0 n=0+0 c=0+0 v=2024.7.0 l=1544
cf-ray
8e36dbc4390782c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1544
server
cloudflare
161038da-44ae-4ec7-1208-0ea569454b00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
894 B
1 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/161038da-44ae-4ec7-1208-0ea569454b00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60e763d98861a565ad3cddb64f4a9c173ab13f3253a7a2cfe8db5f8077a966e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cf7sHZBACE3O0I9TEj49247x2afmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=741+3 c=1+2 v=2024.10.0 l=894 f=false
cf-ray
8e36dbc4390c82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
894
server
cloudflare
f1d73bb6-5450-4e18-38f7-fb6484264a00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
1 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/f1d73bb6-5450-4e18-38f7-fb6484264a00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
407d80a90535e7c7df4439bb1b10e396fea272724edfb7aac9f68fbb10df5ba8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cflbMa8nSAeWa_7UlfBn3pH436fmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=954+4 c=1+3 v=2024.10.6 l=1480 f=false
cf-ray
8e36dbc4391082c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1480
server
cloudflare
ab9c186a-c52f-464b-2906-ca59d760a400
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
1 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3192afa6823f7276cf6e7e4eb6363c0f2b227aa28392b6e124d5486c251417d5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cf1bMzkffidOhcD7Rqm7-8S115fmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=2640+2 c=0+2 v=2024.10.6 l=1062 f=false
cf-ray
8e36dbc4391182c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1062
server
cloudflare
41d04d42-da3b-4453-8506-668cc0727900
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
1 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/41d04d42-da3b-4453-8506-668cc0727900?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e40b02198365213323c48f1ccd4b2ea8945df4ee94617faf8232ba4c19855a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
HIT
etag
"cfIBgbS-WAFgZUOOKJGP6fnCtOfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=678+8 c=0+8 v=2024.10.6 l=1452 f=false
cf-ray
8e36dbc4391482c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1452
server
cloudflare
b310f07f-4ef7-49f3-7073-2a0a39685800
explorer-api.walletconnect.com/w3m/v1/getAssetImage/
756 B
1 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/b310f07f-4ef7-49f3-7073-2a0a39685800?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4937661332a26ffe7428347ac145e98f56fc0bec8f3022f4058985acf0ef5fe2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfpx6q1v8xyg4BOHKTAKOUyr4jfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=867+14 c=2+12 v=2024.10.6 l=756 f=false
cf-ray
8e36dbc4391982c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
756
server
cloudflare
18711270-36a3-4d89-e20f-1f1ccb262a00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
1 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/18711270-36a3-4d89-e20f-1f1ccb262a00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ea3d80dc02793b61a5038753931dfae14c8767d9cf768eb1002d0d87821a85
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
HIT
etag
"cfhrdQwLmzrbLNBkD1hnrCJvpbfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=693+3 c=0+3 v=2024.10.6 l=1180 f=false
cf-ray
8e36dbc4391b82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1180
server
cloudflare
f79ccec4-6729-434e-4c61-7b164eb11500
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
1 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/f79ccec4-6729-434e-4c61-7b164eb11500?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb72f567d1c8f4797ca49a346ab2187603ce74ec85fb44e733464a4cc5c0545
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
HIT
etag
"cf_rAbs6bVlA8sIJkkHirBcwLffmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ram/- q=0 n=0+0 c=0+0 v=2024.10.6 l=1412
cf-ray
8e36dbc4391c82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1412
server
cloudflare
7e1514ba-932d-415d-1bdb-bccb6c2cbc00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
910 B
1 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/7e1514ba-932d-415d-1bdb-bccb6c2cbc00?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e352c8a9e65670d43fa8709cbde5535226746cc4d4777e07b251e117ca4aa95
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfmeYviP6kCNFgjEWLRBgPUJnDfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=768+3 c=0+3 v=2024.10.6 l=910 f=false
cf-ray
8e36dbc4392082c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
910
server
cloudflare
c39b3a16-1a38-4588-f089-cb7aeb584700
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
2 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/c39b3a16-1a38-4588-f089-cb7aeb584700?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f08bd5fd73b03bd498bdea7b974f26bc80a03b26b6efb63e3d856fe324a1e288
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfzxenqWecI6yJVG_C8-69sArsfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=24+4 c=0+4 v=2024.10.6 l=1700 f=false
cf-ray
8e36dbc4392382c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1700
server
cloudflare
9f259366-0bcd-4817-0af9-f78773e41900
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
2 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/9f259366-0bcd-4817-0af9-f78773e41900?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3ab06433e114c3e21ae87b9ba5b79cb3ee2829e4354397352fd04d01251e22
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cftQTt3un0HlQqBazMK6bKNWLifmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=51+15 c=2+13 v=2024.10.6 l=1860 f=false
cf-ray
8e36dbc4392482c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
1860
server
cloudflare
204b2240-5ce4-4996-6ec4-f06a22726900
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
3 KB
4 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/204b2240-5ce4-4996-6ec4-f06a22726900?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2afca389fab7fb59ce8f7e39c2796f4e48e3e292f24558710fc9359fe8da86b5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
HIT
etag
"cfHSK7haDWQDA9lEEikk-9BEcPfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=3252+6 c=3+3 v=2024.10.6 l=2986 f=false
cf-ray
8e36dbc4392982c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
2986
server
cloudflare
b6ee4efc-f53e-475b-927b-a7ded6211700
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
3 KB
3 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/b6ee4efc-f53e-475b-927b-a7ded6211700?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c636ba07da1373f4c0e7ef915f807b125b1921f03cac429a4805c1cb22750659
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cf9TnuhjIqeWjX901zZxsJee5JfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=989+13 c=7+6 v=2024.10.6 l=2666 f=false
cf-ray
8e36dbc4392b82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
2666
server
cloudflare
fbd441cc-e861-46dc-48ae-a04228ddb500
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
3 KB
3 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/fbd441cc-e861-46dc-48ae-a04228ddb500?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4db7cebb517a9dffb833d5ec75b5e91b9eff4eeae380476df7f85e21459081
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
MISS
etag
"cfFJ943IWAd-AliTnsJ2QbJY_MfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:41 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=834+10 c=5+5 v=2024.10.6 l=2790 f=false
cf-ray
8e36dbc4392e82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
2790
server
cloudflare
7fd5a23a-3a01-4cfb-3c8b-9f43ae414400
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
3 KB
3 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/7fd5a23a-3a01-4cfb-3c8b-9f43ae414400?projectId=76324905a70fe5c388bab46d3e0564dc&sdkType=w3m&sdkVersion=js-2.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0236ca1c9ca15fafaabee69e69e3e8a0570801cbb31da6768ba8318070baed97
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://baecosmetics.wpdemo.aesirx.io
Referer
https://baecosmetics.wpdemo.aesirx.io/

Response headers

x-wc-r2-status
HIT
x-robots-tag
noindex
cf-cache-status
HIT
etag
"cfRafM7wSd8-Qni9A0q6y28FCOfmDcyauXnchu_YTSDQ"
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 10:39:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000, s-maxage=86400
cf-images
internal=ok/- q=0 n=43+9 c=1+8 v=2024.10.6 l=2974 f=false
cf-ray
8e36dbc4392f82c4-ARN
accept-ranges
bytes
access-control-allow-origin
*
content-length
2974
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
baecosmetics.wpdemo.aesirx.io
URL
blob:https://baecosmetics.wpdemo.aesirx.io/61c7c80d-f419-472a-abb4-d20a58ab0343

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wca object| _wpemojiSettings function| jQuery object| wc_add_to_cart_params object| woocommerce_params object| wpcom object| _tkq object| _stq object| analytics string| aesirx1stparty string| disableAnalyticsConsent string| aesirxClientID string| aesirxClientSecret string| aesirxTrackEcommerce object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents object| FontAwesomeConfig object| ___FONT_AWESOME___ object| process function| Buffer function| tracker function| trackEventAnalytics object| sbjs object| wc_order_attribution object| Cookies object| twemoji object| wp string| event_uuid string| visitor_uuid object| reactiveElementVersions object| litHtmlVersions object| litElementVersions

13 Cookies

Domain/Path Name / Value
www.baecosmetics.wpdemo.aesirx.io/ Name: PHPSESSID
Value: f1rptfmboo3q0ec5or0bcrusb7
baecosmetics.wpdemo.aesirx.io/ Name: PHPSESSID
Value: 9d39pe0vg58969jmucijvgtb0j
.baecosmetics.wpdemo.aesirx.io/ Name: sbjs_migrations
Value: 1418474375998%3D1
.baecosmetics.wpdemo.aesirx.io/ Name: sbjs_current_add
Value: fd%3D2024-11-16%2010%3A39%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fbaecosmetics.wpdemo.aesirx.io%2F%7C%7C%7Crf%3D%28none%29
.baecosmetics.wpdemo.aesirx.io/ Name: sbjs_first_add
Value: fd%3D2024-11-16%2010%3A39%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fbaecosmetics.wpdemo.aesirx.io%2F%7C%7C%7Crf%3D%28none%29
.baecosmetics.wpdemo.aesirx.io/ Name: sbjs_current
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29
.baecosmetics.wpdemo.aesirx.io/ Name: sbjs_first
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29
.baecosmetics.wpdemo.aesirx.io/ Name: sbjs_udata
Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F130.0.0.0%20Safari%2F537.36
.baecosmetics.wpdemo.aesirx.io/ Name: sbjs_session
Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fbaecosmetics.wpdemo.aesirx.io%2F
.aesirx.io/ Name: tk_or
Value: %22%22
.aesirx.io/ Name: tk_r3d
Value: %22%22
.aesirx.io/ Name: tk_lr
Value: %22%22
.walletconnect.com/ Name: __cf_bm
Value: pwsiDQC3jgOPwG9trgzeas6Y5wKtkiil.XdeGZnRfVE-1731753579-1.0.1.1-jDKOYfrzYv3jLWmtfVJpbw80jrdCM5aM5DL._b3idrLW04eZqbkcQn_i5ELJWmVsIItN7GYv8ry4MO8WDvMpOw

1 Console Messages

Source Level URL
Text
network error URL: https://web3id.backend.aesirx.io:8001/datastream/template/baecosmetics.wpdemo.aesirx.io
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baecosmetics.wpdemo.aesirx.io
explorer-api.walletconnect.com
grpc.mainnet.concordium.software
pixel.wp.com
stats.wp.com
verify.walletconnect.com
web3id.backend.aesirx.io
www.baecosmetics.wpdemo.aesirx.io
baecosmetics.wpdemo.aesirx.io
104.18.26.46
104.18.27.46
192.0.76.3
20.240.161.187
34.36.103.82
51.12.245.22
0236ca1c9ca15fafaabee69e69e3e8a0570801cbb31da6768ba8318070baed97
024baf52ae8ccac6225b40206e5f02cb1c571b2de8328ca8b210bdf7600c0619
033794a968aac6c58033346a1db1a78789b3000630fd94e7481f0161f0fbfb7b
0bb72f567d1c8f4797ca49a346ab2187603ce74ec85fb44e733464a4cc5c0545
175642ac2305846431c86d0c06bf9f7549ae21635b97f041bd7a563a093a0452
1fb8039e0117231f3f411cb0dc867b9ce97a2503ebc5bc0b9ba564f268e10059
22312f28ccf2006064c8910b9661d8ce672ca1bdaefc3029e475507421c8112f
2314a04de305a6bcf2bc9d951d3a0596084649fce911b7e4e085d0c69ac6985b
24a42895f82eb7b82e17484aac4eb1d56a7e677168e6137b3f5dafb79640b197
2afca389fab7fb59ce8f7e39c2796f4e48e3e292f24558710fc9359fe8da86b5
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e4db7cebb517a9dffb833d5ec75b5e91b9eff4eeae380476df7f85e21459081
2eb91036d6261598611eb4906e301d9f6ad2a90d14a386bbdf33f51bccd97056
3192afa6823f7276cf6e7e4eb6363c0f2b227aa28392b6e124d5486c251417d5
326f6c06f4712b678a91c3cad1d3cab53382d07ce0d4730dd81b8abcd6f12637
3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349
407d80a90535e7c7df4439bb1b10e396fea272724edfb7aac9f68fbb10df5ba8
450e5503c4caacd9e4d49e9a70280e862945cb1a9a3ae8e1d21aedbea8ebecb7
4937661332a26ffe7428347ac145e98f56fc0bec8f3022f4058985acf0ef5fe2
4d5d7900be8d62596545ba234d6411aecd2557e682955bb4c1e48a6d4cb7b135
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f0a4e5ff7378b48f06c23a8ff4e52633c828fee56f2495085eeea5c1a7f8aba
50431d32473b0dec85d55a244790d8995f66d8516cc1092a229591803a1120f5
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53fb0f0a6bf638c8e6cf71dfb3a432d8f628d6498fbbbe547d3a46b75822ff75
6a9c7d809cf7886b0418e90771e5cb9b0d04c7fa4da523ca397698c3a4b4de86
75ff3aca08ff10454b044ba11afcb536766c1c65ee7441205186b28e1240acf3
859d3ba675c611abdd52d68dc014d639147d17730a250ba16b14eff1bc69164e
85e991e1aacc4ffffbb21c2bbff8668e64d3df7a7eb51bdce975e379c4b53c33
881f4e9fde0d4d4bdcf1eae9fd2d68378c5203969e6ceedf59b4e29567f238a9
8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
8e352c8a9e65670d43fa8709cbde5535226746cc4d4777e07b251e117ca4aa95
91e0e02282685eed1ab3093bd34dab51ee47fff41612c3900dad38631c91329c
9478d9762b6341d93f1c28ddab90c6455fc0ab80d1677a4a42d0f279a4c7af5f
9e8a3a012ab500ce90d9ad5c0fbeca46eaaa80780b944466a1c9a05ebf2e61f3
a1e40b02198365213323c48f1ccd4b2ea8945df4ee94617faf8232ba4c19855a
a60e763d98861a565ad3cddb64f4a9c173ab13f3253a7a2cfe8db5f8077a966e
ac3ab06433e114c3e21ae87b9ba5b79cb3ee2829e4354397352fd04d01251e22
b0826c82ae7c1f26581be76f49f165cf5e801dc47376d755b78b819475174ee4
b22b238c613c9bfcf13e8340213b734fea3bd0b9b2fe67648e3ba6decc104e89
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7d4bd2526b598880700227afa451abb3d9527255b0331faa01e5181eea802b2
bbcc769c4704058d89afc024f24dde11deed8ec61b99f1d52ba935fad8614523
c3c7fd42c1cae833f4f4732829cf156ef9064b51df3753e0304e246cf904cc14
c585ae9166b8258f04b1a8fc5bb6cce7acd29a02ca7001d303f4e342b47e2e8f
c636ba07da1373f4c0e7ef915f807b125b1921f03cac429a4805c1cb22750659
ca029fc7a766ab119b6308cdb31a5dda0cb77300f614da79029d44952dd62c36
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d67ab36d79bb8103c204c40a9ba0559238b03c7a7f1d7e85b7f98636c4c8ae52
d6e7b4436592223ebcc69d329af9afce74ed8ec34420d677d810387489191d1c
d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686
db654754e1783f1b2b85dbac3a04d98a1c7aec8f22a42bb6a63d431109a83434
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
e15b91ebec0ab514c13a5dd312c287431c9613b8d324efdce976ed2f2e0ce439
e16efa41bfebd29e68688d1b7f415679d7171ed10ff42207fdd01615646ff300
e33ae970be40aa98c444160499ffa6c0bdc0e2f043b7cee60058e02fc1aa6f83
ed66519dde07d8e675936a1bce37007e441ebb9d13f822a600d06df22fb12586
f08bd5fd73b03bd498bdea7b974f26bc80a03b26b6efb63e3d856fe324a1e288
f3025cb2afeb54d4dcb1ca02606b0e2e48639ee78a9d55ef4e9a80767351e118
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f8ea3d80dc02793b61a5038753931dfae14c8767d9cf768eb1002d0d87821a85