urlscan.io logo urlscan.io
SecurityTrails logo

shop.truaurabeauty.com Open in urlscan Pro
104.131.100.45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shop.truaurabeauty.com/#/resetCustomerPassword/9486/WjFdcktK9lEWtTivrLlHoEidRhVcT1HHITWMQTv0ThCgJrqjfhxyLATUXXySgprzkre...
Effective URL: https://shop.truaurabeauty.com/
Submission: On March 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 104.131.100.45, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is shop.truaurabeauty.com.
TLS certificate: Issued by R3 on March 21st 2023. Valid for: 3 months.
This is the only time shop.truaurabeauty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 104.131.100.45 14061 (DIGITALOC...)
8 134.209.173.129 14061 (DIGITALOC...)
2 65.117.226.180 209 (CENTURYLI...)
4 2a00:1450:400... 15169 (GOOGLE)
22 4
Domain Requested by
8 webapi.bydesign.com shop.truaurabeauty.com
8 shop.truaurabeauty.com shop.truaurabeauty.com
4 fonts.gstatic.com shop.truaurabeauty.com
2 extranet.bydesign.com
22 4
Subject Issuer Validity Valid
shop.truaurabeauty.com
R3		 2023-03-21 -
2023-06-19		 3 months crt.sh
webapi.bydesign.com
R3		 2023-01-11 -
2023-04-11		 3 months crt.sh
*.bydesign.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-14 -
2023-04-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://shop.truaurabeauty.com/
Frame ID: 2DE45E8799C986113FC655371C9D79A0
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:div|html)[^>]+ng-app=
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

22
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1231 kB
Transfer

4311 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shop.truaurabeauty.com/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shop.truaurabeauty.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.131.100.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cef0b8593a7ef604503f7ff11acb24c911fc5ad61f53574ba519cd1c9c4205fd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
1370
Content-Security-Policy
default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 18:42:10 GMT
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Vary
Accept-Encoding
compiledStylesheet1.css
shop.truaurabeauty.com/css/ 		670 KB
92 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.truaurabeauty.com/css/compiledStylesheet1.css?v=2.0.875.35
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.131.100.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
eaeaa280366db5a30ff7880225ad03d47456574ee96d7abc21a77e5c61775551
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shop.truaurabeauty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Last-Modified
Tue, 21 Mar 2023 13:33:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"a78b2-5f76917c58280-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
compiledStylesheet2.css
shop.truaurabeauty.com/css/ 		505 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.truaurabeauty.com/css/compiledStylesheet2.css?v=2.0.875.35
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.131.100.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a8c653cce3b124d17cca4532d119140a24d65febd83e644436ada11c817b96b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shop.truaurabeauty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Last-Modified
Tue, 21 Mar 2023 13:33:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"7e5b3-5f76917c58280-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
appcompiledpart1.js
shop.truaurabeauty.com/js/ 		1 MB
430 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.truaurabeauty.com/js/appcompiledpart1.js?v=2.0.875.35
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.131.100.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d710d3634bb6bc8b279ceaa51f38a37e9511ae86ded24c06afbc92e76921040b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shop.truaurabeauty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Last-Modified
Tue, 21 Mar 2023 13:33:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"17b821-5f76917c58280-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
appSettings.js
shop.truaurabeauty.com/js/ 		541 B
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.truaurabeauty.com/js/appSettings.js?v=2.0.875.35
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.131.100.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
90c0d6d040d6afefadcb2f39fb8da366e23f890e54220fe31db4e57049cf5f69
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shop.truaurabeauty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Last-Modified
Tue, 21 Mar 2023 17:42:03 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"21d-5f76c8fb94f6a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
267
appcompiledpart2.js
shop.truaurabeauty.com/js/ 		802 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.truaurabeauty.com/js/appcompiledpart2.js?v=2.0.875.35
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.131.100.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e74b53f4aaa78adc7827290895e118241b4c936e8c3cd612007d965bdc9a331
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shop.truaurabeauty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Last-Modified
Tue, 21 Mar 2023 13:33:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"c8903-5f76917c58280-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Translation
webapi.bydesign.com/truaurabeauty/api/Admin/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webapi.bydesign.com/truaurabeauty/api/Admin/Translation?lang=en-us&localeID=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.173.129 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,pragma
Access-Control-Request-Method
GET
Origin
https://shop.truaurabeauty.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
cache-control,pragma
Access-Control-Allow-Origin
https://shop.truaurabeauty.com
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Mar 2023 18:42:12 GMT
Server
nginx/1.10.3 (Ubuntu)
Server-Name
backoffice01
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
X-Powered-By
ASP.NET
validatePasswordResetKey
webapi.bydesign.com/truaurabeauty/api/users/customer/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webapi.bydesign.com/truaurabeauty/api/users/customer/validatePasswordResetKey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.173.129 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://shop.truaurabeauty.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Origin
https://shop.truaurabeauty.com
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Mar 2023 18:42:12 GMT
Server
nginx/1.10.3 (Ubuntu)
Server-Name
backoffice11
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
X-Powered-By
ASP.NET
Locale
webapi.bydesign.com/truaurabeauty/api/Admin/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webapi.bydesign.com/truaurabeauty/api/Admin/Locale?languageKey=en-us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.173.129 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,pragma
Access-Control-Request-Method
GET
Origin
https://shop.truaurabeauty.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
cache-control,pragma
Access-Control-Allow-Origin
https://shop.truaurabeauty.com
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Mar 2023 18:42:12 GMT
Server
nginx/1.10.3 (Ubuntu)
Server-Name
backoffice17
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
X-Powered-By
ASP.NET
Translation
webapi.bydesign.com/truaurabeauty/api/Admin/ 		51 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://webapi.bydesign.com/truaurabeauty/api/Admin/Translation?lang=en-us&localeID=1
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/js/appcompiledpart1.js?v=2.0.875.35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.173.129 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
f8bb51d850840e9de5b9b69b5672f5e8051a40ebe77fad81c20627c42b678b3d
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

Accept
application/json, text/plain, */*
Pragma
no-cache
Cache-Control
no-cache
Referer
https://shop.truaurabeauty.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:12 GMT
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
ASP.NET
X-Cache-Status
HIT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Server-Name
backoffice17
Connection
keep-alive
Content-Length
52478
validatePasswordResetKey
webapi.bydesign.com/truaurabeauty/api/users/customer/ 		21 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webapi.bydesign.com/truaurabeauty/api/users/customer/validatePasswordResetKey
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/js/appcompiledpart1.js?v=2.0.875.35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.173.129 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
3b43057fc02d6aefb3c2e0311585bac095d6bbc677209eb529a665aebb111559
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

Accept
application/json, text/plain, */*
Referer
https://shop.truaurabeauty.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 23 Mar 2023 18:42:12 GMT
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Server-Name
backoffice11
Connection
keep-alive
Content-Length
21
angular-locale_en-us.js
shop.truaurabeauty.com/angular/i18n/ 		3 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.truaurabeauty.com/angular/i18n/angular-locale_en-us.js
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/js/appcompiledpart1.js?v=2.0.875.35
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.131.100.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
36f3de8125c18db4731b41f5403f2a7b9ac09fd6ed2ae40d4045f03a8cdd7a86
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shop.truaurabeauty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Last-Modified
Tue, 21 Mar 2023 13:33:44 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"b27-5f76917a6fe00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
973
Locale
webapi.bydesign.com/truaurabeauty/api/Admin/ 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://webapi.bydesign.com/truaurabeauty/api/Admin/Locale?languageKey=en-us
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/js/appcompiledpart1.js?v=2.0.875.35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.173.129 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
1ac9682aa6b44a44e67fc8a9df9736df42c2f0dc03f146fe5a4837984fbc9deb
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

Accept
application/json, text/plain, */*
Pragma
no-cache
Cache-Control
no-cache
Referer
https://shop.truaurabeauty.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:12 GMT
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
ASP.NET
X-Cache-Status
EXPIRED
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Server-Name
backoffice17
Connection
keep-alive
Content-Length
693
logo-cart.png
extranet.bydesign.com/truaurabeauty/Personal/Header/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.bydesign.com/truaurabeauty/Personal/Header/logo-cart.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.117.226.180 Miami, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
00885d3f7620b1efb8546976e4cb9b6e98986f43b3df3856ddb4bc0d49cde099
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shop.truaurabeauty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:11 GMT
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
Last-Modified
Mon, 13 Mar 2023 20:17:02 GMT
Server
Microsoft-IIS/8.5
ETag
"03398c5e855d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
P3P
policyref="https://www.securefreedom.com/w3c/p3p.xml", CP="NON CURa ADMa DEVa TAIa IVAa IVDa OUR NOR UNI"
Cache-control
private
Server-Name
extranet-03
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
70780
truaura-logo.png
extranet.bydesign.com/truaurabeauty/Personal/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.bydesign.com/truaurabeauty/Personal/images/truaura-logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.117.226.180 Miami, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3d33906d02d4ff51cc09001212fb6460d33d8947446271d74d484c42711dd262
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shop.truaurabeauty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:11 GMT
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
Last-Modified
Mon, 13 Mar 2023 20:17:02 GMT
Server
Microsoft-IIS/8.5
ETag
"03398c5e855d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
P3P
policyref="https://www.securefreedom.com/w3c/p3p.xml", CP="NON CURa ADMa DEVa TAIa IVAa IVDa OUR NOR UNI"
Cache-control
private
Server-Name
extranet-02
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
10635
active
webapi.bydesign.com/truaurabeauty/api/admin/passwordregextype/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webapi.bydesign.com/truaurabeauty/api/admin/passwordregextype/active
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.173.129 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,pragma
Access-Control-Request-Method
GET
Origin
https://shop.truaurabeauty.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
cache-control,pragma
Access-Control-Allow-Origin
https://shop.truaurabeauty.com
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Mar 2023 18:42:12 GMT
Server
nginx/1.10.3 (Ubuntu)
Server-Name
backoffice11
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
X-Powered-By
ASP.NET
active
webapi.bydesign.com/truaurabeauty/api/admin/passwordregextype/ 		266 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webapi.bydesign.com/truaurabeauty/api/admin/passwordregextype/active
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/js/appcompiledpart1.js?v=2.0.875.35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.173.129 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
b5a598466aa4a709b254ff19d1685534a7889cfa34fb47cc91534b498573c658
Security Headers
Name Value
Strict-Transport-Security "max-age=16000000;includeSubDomains;preload;"

Request headers

Accept
application/json, text/plain, */*
Pragma
no-cache
Cache-Control
no-cache
Referer
https://shop.truaurabeauty.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:12 GMT
Strict-Transport-Security
"max-age=16000000;includeSubDomains;preload;"
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
ASP.NET
X-Cache-Status
BYPASS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Server-Name
backoffice17
Connection
keep-alive
Content-Length
266
pxiEyp8kv8JHgFVrFJA.ttf
fonts.gstatic.com/s/poppins/v20/ 		151 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrFJA.ttf
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/css/compiledStylesheet2.css?v=2.0.875.35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdedb1729acac414ed01744a11da7badb86adf13108e7bd3fa161b9323f7fe54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shop.truaurabeauty.com/
Origin
https://shop.truaurabeauty.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69472
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:04:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 13:00:35 GMT
pxiByp8kv8JHgFVrLCz7V1s.ttf
fonts.gstatic.com/s/poppins/v20/ 		147 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7V1s.ttf
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/css/compiledStylesheet2.css?v=2.0.875.35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1984efdda0fbe207d7ac20feac2ba7c2768c92a90094b02a206c9d58cc30ff2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shop.truaurabeauty.com/
Origin
https://shop.truaurabeauty.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68564
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 13:00:35 GMT
pxiByp8kv8JHgFVrLGT9V1s.ttf
fonts.gstatic.com/s/poppins/v20/ 		149 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9V1s.ttf
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/css/compiledStylesheet2.css?v=2.0.875.35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcff04f4bec2b3636f05ed894dc1f9a752c4cb587ee49857ec7a82abaf6ca016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shop.truaurabeauty.com/
Origin
https://shop.truaurabeauty.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68742
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:40 GMT
fa-brands-400.woff2
shop.truaurabeauty.com/fonts/fontawesome5/webfonts/ 		77 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.truaurabeauty.com/fonts/fontawesome5/webfonts/fa-brands-400.woff2
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/css/compiledStylesheet1.css?v=2.0.875.35
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.131.100.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://shop.truaurabeauty.com/css/compiledStylesheet1.css?v=2.0.875.35
Origin
https://shop.truaurabeauty.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 18:42:12 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Security-Policy
default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Last-Modified
Tue, 21 Mar 2023 13:33:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"13288-5f76917e40700"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78472
pxiByp8kv8JHgFVrLDz8V1s.ttf
fonts.gstatic.com/s/poppins/v20/ 		153 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8V1s.ttf
Requested by
Host: shop.truaurabeauty.com
URL: https://shop.truaurabeauty.com/css/compiledStylesheet2.css?v=2.0.875.35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da1b33b82f5fb047fc50970643e66a09c28787013b0c7f2b771e5465f9ee6b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shop.truaurabeauty.com/
Origin
https://shop.truaurabeauty.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69412
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:15:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:40 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| gtag function| fbq undefined| url undefined| pos undefined| urlRoot undefined| newUrl function| isDefined function| isUndefined function| isNumber function| isObject function| isArray function| extend function| toJson object| mod function| addQuantity function| subtractQuantity object| ByDesignJSCart function| $ function| jQuery function| moment object| angular object| ngMaterial object| kendo string| serviceBase

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.googleapis.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com https://player.vimeo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com https://*.googletagmanager.com http://localhost:* ; object-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.googleapis.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; style-src 'self' 'unsafe-inline' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; img-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://i.vimeocdn.com ; media-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.gstatic.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; frame-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* https://*.youtube.com https://player.vimeo.com ; font-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ; connect-src 'self' https://*.securefreedom.com https://*.doubleclick.net https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.twimg.com https://*.bydesign.com https://*.amazonaws.com https://*.cloudfront.net https://*.twitter.com https://*.addthis.com http://localhost:* ;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

extranet.bydesign.com
fonts.gstatic.com
shop.truaurabeauty.com
webapi.bydesign.com
104.131.100.45
134.209.173.129
2a00:1450:4001:80f::2003
65.117.226.180
00885d3f7620b1efb8546976e4cb9b6e98986f43b3df3856ddb4bc0d49cde099
1984efdda0fbe207d7ac20feac2ba7c2768c92a90094b02a206c9d58cc30ff2e
1ac9682aa6b44a44e67fc8a9df9736df42c2f0dc03f146fe5a4837984fbc9deb
36f3de8125c18db4731b41f5403f2a7b9ac09fd6ed2ae40d4045f03a8cdd7a86
3b43057fc02d6aefb3c2e0311585bac095d6bbc677209eb529a665aebb111559
3d33906d02d4ff51cc09001212fb6460d33d8947446271d74d484c42711dd262
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
6e74b53f4aaa78adc7827290895e118241b4c936e8c3cd612007d965bdc9a331
90c0d6d040d6afefadcb2f39fb8da366e23f890e54220fe31db4e57049cf5f69
a8c653cce3b124d17cca4532d119140a24d65febd83e644436ada11c817b96b7
b5a598466aa4a709b254ff19d1685534a7889cfa34fb47cc91534b498573c658
cdedb1729acac414ed01744a11da7badb86adf13108e7bd3fa161b9323f7fe54
cef0b8593a7ef604503f7ff11acb24c911fc5ad61f53574ba519cd1c9c4205fd
d710d3634bb6bc8b279ceaa51f38a37e9511ae86ded24c06afbc92e76921040b
da1b33b82f5fb047fc50970643e66a09c28787013b0c7f2b771e5465f9ee6b9e
eaeaa280366db5a30ff7880225ad03d47456574ee96d7abc21a77e5c61775551
f8bb51d850840e9de5b9b69b5672f5e8051a40ebe77fad81c20627c42b678b3d
fcff04f4bec2b3636f05ed894dc1f9a752c4cb587ee49857ec7a82abaf6ca016