www.badangelcosmetics.com Open in urlscan Pro
209.17.116.160  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.badangelcosmetics.com/	98 KB 16 KB	1817ms 151ms	Document text/html	209.17.116.160 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS Software openresty/1.25.3.1 / Resource Hash 638034debc645d8b4ccbc672e106476d6b200417d4bb0d5671ae4a5ec49d1fd2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection "1; mode=block" Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Sun, 05 May 2024 09:54:23 GMT etag W/"1861b-61784dd16e85c" last-modified Fri, 03 May 2024 04:07:52 GMT referrer-policy no-referrer-when-downgrade server openresty/1.25.3.1 strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-webcom-cache-status BYPASS x-xss-protection "1; mode=block"
GET H2	200	publish.css static-gcs.edit.site/bundle/publish/0.43.5/	405 KB 59 KB	289ms 214ms	Stylesheet text/css	2606:4700:10::6816:29ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-gcs.edit.site/bundle/publish/0.43.5/publish.css Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce0f19843667b6385810cf7bf153ca9a38e319ad00b9de9bd4e9b7e3b11535dc Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=415593 x-guploader-uploadid ABPtcPpuBqEzVHX-KztERhR-wEsd9BPw2zt8wE_wVTGvLOtkmweerkOB6X02DsGFNUavvzG__SbmjCaLhg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 24 Apr 2024 08:55:33 GMT server cloudflare etag W/"f85d289a8a4ce5a210e8355590c823fa" access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type text/css access-control-allow-origin * x-goog-generation 1713948933905600 access-control-expose-headers Content-Length Content-Range cache-control public, max-age=7200, s-maxage=450 access-control-allow-credentials true x-goog-stored-content-length 415593 vary Accept-Encoding x-goog-hash crc32c=HZehEA==, md5=+F0omopM5aIQ6DVVkMgj+g== cf-ray 87efd9510e515d44-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization expires Sun, 05 May 2024 10:54:23 GMT
GET H2	200	b30221e5-91bb-4247-8782-5accf5c0fbd2.css www.badangelcosmetics.com/styles/	20 KB 4 KB	154ms 153ms	Stylesheet text/css	209.17.116.160 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://www.badangelcosmetics.com/styles/b30221e5-91bb-4247-8782-5accf5c0fbd2.css?v=1714709267000 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS Software openresty/1.25.3.1 / Resource Hash da6f8a97bb3c3cdeac606d6f69a1750619d53abf1075d5679fc3a1dc6f325a44 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection "1; mode=block" Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Fri, 03 May 2024 04:07:52 GMT server openresty/1.25.3.1 x-webcom-cache-status BYPASS content-encoding gzip etag W/"51b2-61784dd16f804" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-xss-protection "1; mode=block"
GET H2	200	ecommerce.css static-gcs.edit.site/bundle/publish/0.43.5/	275 KB 83 KB	288ms 213ms	Stylesheet text/css	2606:4700:10::6816:29ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-gcs.edit.site/bundle/publish/0.43.5/ecommerce.css Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8216b92ea1cbe95eda5fa7fb71614894fb1609bd5b7c6ee345fce312033f1a01 Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=282636 x-guploader-uploadid ABPtcPomxFN6XEvHcU5aXTJE4r42coJrSoJVDM1TUQfBqCiiX6OiEREPpwsaCbqLSpI_m4IUxIXMIxbBPQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 24 Apr 2024 08:55:33 GMT server cloudflare etag W/"cf04914b991de25adad34b1ae12c2f08" access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type text/css access-control-allow-origin * x-goog-generation 1713948933901142 access-control-expose-headers Content-Length Content-Range cache-control public, max-age=7200, s-maxage=450 access-control-allow-credentials true x-goog-stored-content-length 282636 vary Accept-Encoding x-goog-hash crc32c=2LzJcQ==, md5=zwSRS5kd4lra00sa4SwvCA== cf-ray 87efd9510e4f5d44-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization expires Sun, 05 May 2024 10:54:23 GMT
GET H2	200	vendors.js Show response static-gcs.edit.site/bundle/publish/0.43.5/	468 KB 135 KB	199ms 148ms	Script application/javascript	2606:4700:10::6816:29ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-gcs.edit.site/bundle/publish/0.43.5/vendors.js Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 992ace6b89f07efe6997b856c24e1517caff46c75dbafd4b5c0ea1d9ef2fe70d Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=479267 x-guploader-uploadid ABPtcPooovznsj46l6ZtXdK_mFT5rim2hug1YZrc0UUJQuWR7TfNHcGSlXVfCKfj3bru-b_48Bfl5OdHwA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 24 Apr 2024 08:55:33 GMT server cloudflare etag W/"8b8d9cf1ca5e9e927d230ebdd5793ca8" access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/javascript access-control-allow-origin * x-goog-generation 1713948933912729 access-control-expose-headers Content-Length Content-Range cache-control public, max-age=7200, s-maxage=450 access-control-allow-credentials true x-goog-stored-content-length 479267 vary Accept-Encoding x-goog-hash crc32c=xcr70Q==, md5=i42c8cpenpJ9Iw691Xk8qA== cf-ray 87efd9510e575d44-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization expires Sun, 05 May 2024 10:54:23 GMT
GET H2	200	bundle.js Show response static-gcs.edit.site/bundle/publish/0.43.5/	499 KB 127 KB	265ms 213ms	Script application/javascript	2606:4700:10::6816:29ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad2d089c6487dfba606a93e0077df954b1cb7de72da36ee6388c345cd50af0d2 Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=510974 x-guploader-uploadid ABPtcPodRyPMrnHOmj4VrR-DtBnj-dEEigTlT9POEkzL3p-_zI6ORktBtfqL8t30uiYLa8j3w-pzCyRIQg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 24 Apr 2024 08:55:33 GMT server cloudflare etag W/"149d02eeeaa9d5e0f36a9895556072e2" access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/javascript access-control-allow-origin * x-goog-generation 1713948933846718 access-control-expose-headers Content-Length Content-Range cache-control public, max-age=7200, s-maxage=450 access-control-allow-credentials true x-goog-stored-content-length 510974 vary Accept-Encoding x-goog-hash crc32c=iVCf6A==, md5=FJ0C7uqp1eDzapiVVWBy4g== cf-ray 87efd9510e545d44-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization expires Sun, 05 May 2024 10:54:23 GMT
GET H2	200	catamaran-normal-700.woff2 www.badangelcosmetics.com/__fonts/	8 KB 9 KB	182ms 164ms	Font font/woff2	209.17.116.160 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://www.badangelcosmetics.com/__fonts/catamaran-normal-700.woff2 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS Software openresty/1.25.3.1 / Resource Hash acf40ded12b0dd3ebdb64990f0a0db37c94603c20430e98802c45a21e2ff28fa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection "1; mode=block" Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Origin https://www.badangelcosmetics.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Fri, 03 May 2024 04:07:53 GMT server openresty/1.25.3.1 x-webcom-cache-status BYPASS etag "21bc-61784dd2910d8" x-frame-options SAMEORIGIN content-type font/woff2 accept-ranges bytes content-length 8636 x-xss-protection "1; mode=block"
GET H2	200	luckiest-guy-normal-400.woff2 www.badangelcosmetics.com/__fonts/	17 KB 17 KB	294ms 276ms	Font font/woff2	209.17.116.160 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://www.badangelcosmetics.com/__fonts/luckiest-guy-normal-400.woff2 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS Software openresty/1.25.3.1 / Resource Hash 3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection "1; mode=block" Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Origin https://www.badangelcosmetics.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Fri, 03 May 2024 04:07:53 GMT server openresty/1.25.3.1 x-webcom-cache-status BYPASS etag "43d0-61784dd2b2bf9" x-frame-options SAMEORIGIN content-type font/woff2 accept-ranges bytes content-length 17360 x-xss-protection "1; mode=block"
GET H2	200	catamaran-normal-600.woff2 www.badangelcosmetics.com/__fonts/	8 KB 9 KB	181ms 163ms	Font font/woff2	209.17.116.160 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://www.badangelcosmetics.com/__fonts/catamaran-normal-600.woff2 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS Software openresty/1.25.3.1 / Resource Hash 1ce72cffac3e2ff2937576f12eff975042b99a160b050f2aaa56668b50f884d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection "1; mode=block" Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Origin https://www.badangelcosmetics.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Fri, 03 May 2024 04:07:53 GMT server openresty/1.25.3.1 x-webcom-cache-status BYPASS etag "2188-61784dd28fd63" x-frame-options SAMEORIGIN content-type font/woff2 accept-ranges bytes content-length 8584 x-xss-protection "1; mode=block"
GET H2	200	catamaran-normal-400.woff2 www.badangelcosmetics.com/__fonts/	8 KB 9 KB	164ms 146ms	Font font/woff2	209.17.116.160 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://www.badangelcosmetics.com/__fonts/catamaran-normal-400.woff2 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS Software openresty/1.25.3.1 / Resource Hash 1917d8c1410bf6aff5e45daa01d9ea0a1854cd2b0271e432d73045fa77d932a7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection "1; mode=block" Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Origin https://www.badangelcosmetics.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Fri, 03 May 2024 04:07:53 GMT server openresty/1.25.3.1 x-webcom-cache-status BYPASS etag "2164-61784dd2a0af7" x-frame-options SAMEORIGIN content-type font/woff2 accept-ranges bytes content-length 8548 x-xss-protection "1; mode=block"
GET H3	200	5951.json Show response static-cdn.edit.site/resellers-settings/	1 KB 1 KB	192ms 146ms	Fetch application/json	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-cdn.edit.site/resellers-settings/5951.json?timestamp=1714902863841 Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f17f0c74826c88bfe227b4febef29196fbaa6fad5a0ad6e033392ba8203bb87a Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:24 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br age 0 x-guploader-uploadid ABPtcPrA9PkvqlJwnkejGSPktksBUGCV0TNC8KTaydBhd-A0-Gtom2b_IGO9eYPK8BuieCksFWw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Fri, 12 Apr 2024 10:38:13 GMT server cloudflare etag W/"7c8d8037553acea954312ce99291010a" x-goog-hash crc32c=ECiFGg==, md5=fI2AN1U6zqlUMSzpkpEBCg== x-goog-generation 1712918293522405 access-control-allow-origin * content-type application/json cache-control no-cache, no-store, must-revalidate x-goog-stored-content-length 1180 access-control-expose-headers Content-Length,Content-Type,Date,Server,Transfer-Encoding,X-GUploader-UploadID,X-Google-Trace cf-ray 87efd9535e5e9b39-FRA
GET H2	200	9127c5b479af4e07a0881a53d097c70e storage.googleapis.com/production-domaincom-7/177/1800177/CgcFltjL/	80 KB 80 KB	849ms 786ms	Image image/png	2a00:1450:4001:830::201b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/production-domaincom-7/177/1800177/CgcFltjL/9127c5b479af4e07a0881a53d097c70e Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 45d124ad47fcbea86d823d9dbaac0a198a85596c23a4de9ffb431fb7343fbb62 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:24 GMT x-goog-meta-x-builder-filename Capture-removebg-preview.png x-guploader-uploadid ABPtcPpmlSZXSe4NyRWS0l3NzXto8FxrFyllvjxX-1WB61xVtDXQFs8s7MwgahEfuY2p7NF1TPUzR3KCTw x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 81578 last-modified Thu, 02 May 2024 19:11:01 GMT server UploadServer etag "1a40defef1c30c4bc358f0283368dde5" x-goog-generation 1714677061732457 content-type image/png access-control-allow-origin * x-goog-hash crc32c=ktNDig==, md5=GkDe/vHDDEvDWPAoM2jd5Q== access-control-expose-headers Content-Type, Content-Length, x-goog-meta-x-builder-filename, x-goog-resumable cache-control public, max-age=3600 x-goog-stored-content-length 81578 accept-ranges bytes expires Sun, 05 May 2024 10:54:24 GMT
GET H3	200	global.svg Show response static-gcs.edit.site/bundle/publish/0.43.5/svg/	66 KB 24 KB	176ms 131ms	Fetch image/svg+xml	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-gcs.edit.site/bundle/publish/0.43.5/svg/global.svg Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60017e44c57dca7aff279c3f11efe53dd165b3f992dc5ca04f2338a109963a1d Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:24 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br x-guploader-uploadid ABPtcPpyT14de92TyVuATe8Sl0lHoSBYMa4Cinvy5qvIs7ro5UAP3pHkF9RvAVcVG1FuRrF-9gkxeGWt3Q x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 08:55:34 GMT server cloudflare etag W/"56129ecca7979fceaf8fb89381c2aa3d" access-control-max-age 1728000 x-goog-generation 1713948934372105 content-type image/svg+xml access-control-allow-origin * x-goog-hash crc32c=FjEYWw==, md5=VhKezKeXn86vj7iTgcKqPQ== access-control-expose-headers Content-Length Content-Range cache-control public, max-age=7200, s-maxage=450 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-goog-stored-content-length 67588 access-control-allow-credentials true cf-ray 87efd9538df8bbaf-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization vary Accept-Encoding expires Sun, 05 May 2024 10:54:23 GMT
GET H3	200	templates.svg Show response static-gcs.edit.site/bundle/publish/0.43.5/svg/	521 KB 189 KB	231ms 187ms	Fetch image/svg+xml	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-gcs.edit.site/bundle/publish/0.43.5/svg/templates.svg Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 868cc09072ef1a890e0a747ad987d538a1fc313d4fe913e04ade1ef8341f5dc0 Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:24 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br x-guploader-uploadid ABPtcPp4zWgpptHBn6sRYEVq_DwcZgBHEfNr7_fvl1C2WVic9JF7W8_J01a8Ef_6sBXLRWeqnNGDvpi0dw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 08:55:34 GMT server cloudflare etag W/"e151279f85f6e622c83951ff76ddc631" access-control-max-age 1728000 x-goog-generation 1713948934443785 content-type image/svg+xml access-control-allow-origin * x-goog-hash crc32c=B73HLw==, md5=4VEnn4X25iLIOVH/dt3GMQ== access-control-expose-headers Content-Length Content-Range cache-control public, max-age=7200, s-maxage=450 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-goog-stored-content-length 533194 access-control-allow-credentials true cf-ray 87efd9538dfcbbaf-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization vary Accept-Encoding expires Sun, 05 May 2024 10:54:23 GMT
GET H3	200	publish.svg Show response static-gcs.edit.site/bundle/publish/0.43.5/svg/	22 KB 8 KB	160ms 115ms	Fetch image/svg+xml	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-gcs.edit.site/bundle/publish/0.43.5/svg/publish.svg Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5085396d0d1d26ddbfb420f47958cb5d37e11d0558fb01dd10c50ddd265cf81e Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:24 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br x-guploader-uploadid ABPtcPoBk6VY4IuMFCC9YcEOAZ24sd_jiJh9XjsCchoEHKsuBU_se5L72V2CW2YdFKXw-vc6fIiWuNIlwQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 08:55:34 GMT server cloudflare etag W/"0d3ecd7db922660f450f6a59853a3745" access-control-max-age 1728000 x-goog-generation 1713948934360473 content-type image/svg+xml access-control-allow-origin * x-goog-hash crc32c=sP/mYQ==, md5=DT7NfbkiZg9FD2pZhTo3RQ== access-control-expose-headers Content-Length Content-Range cache-control public, max-age=7200, s-maxage=450 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-goog-stored-content-length 22207 access-control-allow-credentials true cf-ray 87efd9538dfebbaf-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization vary Accept-Encoding expires Sun, 05 May 2024 10:54:23 GMT
GET H3	200	icons.svg Show response rest.edit.site/image-api-service/projects/b30221e5-91bb-4247-8782-5accf5c0fbd2/	32 KB 13 KB	278ms 235ms	Fetch text/html	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rest.edit.site/image-api-service/projects/b30221e5-91bb-4247-8782-5accf5c0fbd2/icons.svg Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f624f1cf216eb12b6d2fc4f87768be60150a5761c1d02a5e04ee2e2bb7b5dc8f Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:24 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status MISS last-modified Sun, 05 May 2024 09:54:24 GMT server cloudflare content-encoding br vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 cf-ray 87efd9538e829b39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	geoip Show response rest.edit.site/geoip-service/	306 B 557 B	116ms 87ms	Fetch application/json	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rest.edit.site/geoip-service/geoip?sid=sx1o09wq-r1y07865-6y1ljdvl Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34e7f89ee9270e032f891a49a82335674b95f1e49ba03de8cf6716e56ee6c10a Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:23 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 last-modified Sun, 05 May 2024 09:54:23 GMT server cloudflare access-control-max-age 1728000 access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache access-control-allow-credentials true vary Accept-Encoding cf-ray 87efd9538e819b39-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H3	200	process rest.edit.site/image-resize/api/	427 KB 427 KB	3416ms 3386ms	Image application/octet-stream	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rest.edit.site/image-resize/api/process?url=https://images.unsplash.com/photo-1520052205864-92d242b3a76b&height=1902.224 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b461bce7e1895fbc4789db15c8e763f534206bca4cf19340b4bff150fc477cd Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:27 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 04 May 2024 01:27:17 GMT server cloudflare vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Content-Disposition cache-control no-cache, private content-disposition inline; filename=7d2235c5-2485-4093-8d08-3ae446ad955f-resized-photo-1520052205864- cf-ray 87efd9539e651992-FRA alt-svc h3=":443"; ma=86400
GET H3	200	process rest.edit.site/image-resize/api/	37 KB 38 KB	1911ms 1881ms	Image application/octet-stream	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rest.edit.site/image-resize/api/process?url=https://storage.googleapis.com/production-domaincom-7/177/1800177/CgcFltjL/70967314eeeb464d82bd9bb9bf7a7607&height=751.199 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4613b9e47a6303c8b8c94dd3b1b7d826f5c42772293c3a54c010152697033ea Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:25 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 04 May 2024 01:27:16 GMT server cloudflare vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Content-Disposition cache-control no-cache, private content-disposition inline; filename=15b5ff2b-c662-4a78-b644-9dd76781cd19-resized-70967314eeeb464d82bd cf-ray 87efd9539e611992-FRA alt-svc h3=":443"; ma=86400
GET H3	200	process rest.edit.site/image-resize/api/	176 KB 177 KB	1459ms 1430ms	Image application/octet-stream	172.67.13.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rest.edit.site/image-resize/api/process?url=https://storage.googleapis.com/production-domaincom-7/177/1800177/CgcFltjL/757c4799843f4bdaa4a921a3220418be&height=358.8 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.13.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1257a9a0ce8639e2c4b7170cb8846c0b72d901917ab940ea668ecccd29f31a68 Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:25 GMT strict-transport-security max-age=2592000; preload x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 04 May 2024 01:27:16 GMT server cloudflare vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Content-Disposition cache-control no-cache, private content-disposition inline; filename=e2bb9a53-cfa8-41c0-8f38-fc075302c879-resized-757c4799843f4bdaa4a9 cf-ray 87efd9539e5c1992-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	582 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c886f065f05dc951e34fbed7859196a5c2156882f778ec98b3570b5f2b612730 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	checkout-mfe-loader.js Show response mfe.newfold-addons.io/checkout/	10 KB 4 KB	130ms 57ms	Script application/javascript	2606:4700:4400::6812:2151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mfe.newfold-addons.io/checkout/checkout-mfe-loader.js Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98f77c5ff632ce837e28d7dd165d14b18f7952b15a475aba45362fbd4ff25c43 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Sun, 05 May 2024 09:54:24 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 26 Mar 2024 18:00:00 GMT server cloudflare content-md5 sPqJ13cUH4V6GG5p3OMp9A== age 4469 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id a4bfc126-f01e-000d-6fba-7f861a000000 x-ms-version 2009-09-19 cf-ray 87efd954beb965cd-FRA
GET H2	200	catamaran-normal-500.woff2 www.badangelcosmetics.com/__fonts/	8 KB 8 KB	144ms 144ms	Font font/woff2	209.17.116.160 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://www.badangelcosmetics.com/__fonts/catamaran-normal-500.woff2 Requested by Host: www.badangelcosmetics.com URL: https://www.badangelcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS Software openresty/1.25.3.1 / Resource Hash 9d89f618fc2f7b915927988ae44c8afc87b000be6eab2c95969bd6556590824e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection "1; mode=block" Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Origin https://www.badangelcosmetics.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:24 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Fri, 03 May 2024 04:07:53 GMT server openresty/1.25.3.1 x-webcom-cache-status BYPASS etag "2078-61784dd2a1a76" x-frame-options SAMEORIGIN content-type font/woff2 accept-ranges bytes content-length 8312 x-xss-protection "1; mode=block"
GET H2	200	cart-functions.js Show response mfe.newfold-addons.io/checkout/	3 KB 842 B	48ms 48ms	Script application/javascript	2606:4700:4400::6812:2151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mfe.newfold-addons.io/checkout/cart-functions.js Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a827279f9ab797fb6f572ee2971ceb1f5024be37c884340cbe59843bf091f3ae Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Sun, 05 May 2024 09:54:24 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 26 Mar 2024 18:00:00 GMT server cloudflare content-md5 U1mH2vjuHE6rgAeZniijww== age 4468 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 5fd73bda-801e-002b-66ba-7f1dae000000 x-ms-version 2009-09-19 cf-ray 87efd9552f4e65cd-FRA
GET H2	200	currency Show response app-gateway.builder-svcs.domain.com/storedash/checkout/v3.0/settings/	166 B 903 B	732ms 657ms	Fetch application/json	2606:4700:4400::ac40:9be1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app-gateway.builder-svcs.domain.com/storedash/checkout/v3.0/settings/currency?instanceId=4c402c03-8a25-497b-a288-41aee8d6cc73 Requested by Host: static-gcs.edit.site URL: https://static-gcs.edit.site/bundle/publish/0.43.5/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9be1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce67c3d180181345d3746a103fccde45d2b0924a933bc12c0324c8bebc5f948b Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:24 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare strict-transport-security max-age=2592000 x-builder-tracking-id 7010c439-ce69-0db1-5add-7d82d3014d9e, 7010c439-ce69-0db1-5add-7d82d3014d9e vary Accept-Encoding, Origin content-type application/json; charset=utf-8 access-control-allow-origin https://www.badangelcosmetics.com access-control-expose-headers X-XSRF-TOKEN,X-CSRF-TOKEN,CSRF-TOKEN,X-Pagination-Count,X-Pagination-Page,X-Pagination-Limit,Set-Cookie access-control-allow-credentials true x-nf-tracking-id 0HN35TJJIR8PU:00000001 cf-ray 87efd955efce5d3d-FRA x-builder-tracking-span-id 6655872c3abf4b84b7a5cea750d3c9c2
GET H2	200	favicon-32x32.png www.badangelcosmetics.com/favicons/b30221e5-91bb-4247-8782-5accf5c0fbd2/	1 KB 2 KB	147ms 146ms	Other image/png	209.17.116.160 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://www.badangelcosmetics.com/favicons/b30221e5-91bb-4247-8782-5accf5c0fbd2/favicon-32x32.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS Software openresty/1.25.3.1 / Resource Hash cc6b935e45ffc8bd08a6786ea87dac3f415fd32c9da1cb90b0e2f224d31cf015 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection "1; mode=block" Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.badangelcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 05 May 2024 09:54:27 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Fri, 03 May 2024 09:28:29 GMT server openresty/1.25.3.1 x-webcom-cache-status BYPASS etag "4e8-6178957b0d336" x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 1256 x-xss-protection "1; mode=block"

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __PRELOADED_STATE__ object| webpackChunkpage_render_service function| __VERSION__ function| onloadRecaptchaCallback object| regeneratorRuntime object| StandaloneCheckoutLoader

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.badangelcosmetics.com/	1969-12-31 23:59:59	Name: country Value: DE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-gateway.builder-svcs.domain.com
mfe.newfold-addons.io
rest.edit.site
static-cdn.edit.site
static-gcs.edit.site
storage.googleapis.com
www.badangelcosmetics.com
172.67.13.192
209.17.116.160
2606:4700:10::6816:29ad
2606:4700:4400::6812:2151
2606:4700:4400::ac40:9be1
2a00:1450:4001:830::201b
1257a9a0ce8639e2c4b7170cb8846c0b72d901917ab940ea668ecccd29f31a68
1917d8c1410bf6aff5e45daa01d9ea0a1854cd2b0271e432d73045fa77d932a7
1ce72cffac3e2ff2937576f12eff975042b99a160b050f2aaa56668b50f884d0
34e7f89ee9270e032f891a49a82335674b95f1e49ba03de8cf6716e56ee6c10a
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a
45d124ad47fcbea86d823d9dbaac0a198a85596c23a4de9ffb431fb7343fbb62
5085396d0d1d26ddbfb420f47958cb5d37e11d0558fb01dd10c50ddd265cf81e
5b461bce7e1895fbc4789db15c8e763f534206bca4cf19340b4bff150fc477cd
60017e44c57dca7aff279c3f11efe53dd165b3f992dc5ca04f2338a109963a1d
638034debc645d8b4ccbc672e106476d6b200417d4bb0d5671ae4a5ec49d1fd2
8216b92ea1cbe95eda5fa7fb71614894fb1609bd5b7c6ee345fce312033f1a01
868cc09072ef1a890e0a747ad987d538a1fc313d4fe913e04ade1ef8341f5dc0
98f77c5ff632ce837e28d7dd165d14b18f7952b15a475aba45362fbd4ff25c43
992ace6b89f07efe6997b856c24e1517caff46c75dbafd4b5c0ea1d9ef2fe70d
9d89f618fc2f7b915927988ae44c8afc87b000be6eab2c95969bd6556590824e
a827279f9ab797fb6f572ee2971ceb1f5024be37c884340cbe59843bf091f3ae
acf40ded12b0dd3ebdb64990f0a0db37c94603c20430e98802c45a21e2ff28fa
ad2d089c6487dfba606a93e0077df954b1cb7de72da36ee6388c345cd50af0d2
b4613b9e47a6303c8b8c94dd3b1b7d826f5c42772293c3a54c010152697033ea
c886f065f05dc951e34fbed7859196a5c2156882f778ec98b3570b5f2b612730
cc6b935e45ffc8bd08a6786ea87dac3f415fd32c9da1cb90b0e2f224d31cf015
ce0f19843667b6385810cf7bf153ca9a38e319ad00b9de9bd4e9b7e3b11535dc
ce67c3d180181345d3746a103fccde45d2b0924a933bc12c0324c8bebc5f948b
da6f8a97bb3c3cdeac606d6f69a1750619d53abf1075d5679fc3a1dc6f325a44
f17f0c74826c88bfe227b4febef29196fbaa6fad5a0ad6e033392ba8203bb87a
f624f1cf216eb12b6d2fc4f87768be60150a5761c1d02a5e04ee2e2bb7b5dc8f