www.ath.beauty Open in urlscan Pro
162.55.242.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ath.beauty/
Submission: On June 28 via api (June 28th 2024, 2:00:46 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 162.55.242.139, located in Mammelzen, Germany and belongs to HETZNER-AS, DE. The main domain is www.ath.beauty.
TLS certificate: Issued by R11 on June 7th 2024. Valid for: 3 months.

This is the only time www.ath.beauty was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	162.55.242.139 162.55.242.139	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2400:52e0:1e0... 2400:52e0:1e00::1079:1	60068 (CDN77 _) (CDN77 _)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
15	5

10 162.55.242.139 (Mammelzen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mars.fireserver.org

www.ath.beauty	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1079:1 (Germany) 1 redirects

ASN60068 (CDN77 _, GB)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ath.beauty www.ath.beauty	1 MB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	25 KB
1	gstatic.com fonts.gstatic.com	50 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	33 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 16038	724 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	894 B
15	6

	Domain	Requested by
10	www.ath.beauty	www.ath.beauty
2	cdn.jsdelivr.net	www.ath.beauty
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	www.ath.beauty
1	cdn.rawgit.com	1 redirects
1	fonts.googleapis.com	www.ath.beauty
15	6

This site contains no links.

Subject Issuer	Validity	Valid
*.ath.beauty R11	`2024-06-07` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ath.beauty/
Frame ID: 8E478303DFD406648F916ED6DDD28B5A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Happy Birthday Amy :)

Detected technologies

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

15
Requests

93 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

1247 kB
Transfer

1504 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js HTTP 301
https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ath.beauty/ 7 KB
2 KB 340ms
40ms Document
text/html 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ath.beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: ca1b7b9949802e03b604f7f38eb2e6991218b957b0bedd3f036c86c74234de7a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 2058
content-type: text/html
date: Fri, 28 Jun 2024 14:00:41 GMT
last-modified: Thu, 07 Dec 2023 14:38:27 GMT
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
894 B 140ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400

Requested by

Host: www.ath.beauty
URL: https://www.ath.beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

358ac683e58cf75f78f6034d6f593a46b1bd0978d38b7927f496627d517cdbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jun 2024 14:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 14:00:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jun 2024 14:00:42 GMT

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 75 KB
20 KB 147ms
52ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: www.ath.beauty
URL: https://www.ath.beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b066de0f1a7b99dcca419faf9ebf518eff1f7e7d2759118d4c2752753f95e18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 14:00:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8834
x-jsd-version: 11.12.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19512
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21935-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"12ced-PEhORHsXV0o2gWzEKFNPIfzoD6A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iz39295H3aVffWShSMG2usGNXQ6MloN11mktH%2FaBIZfcug4Ys9pc3oGQub1M0jSRTPZLol%2Bt4e7Pbzx%2BkLs92WJ1bBbw%2BMY%2BIjZLaLD087THDdoQWqMkKH6Zaeo9IMHVtqvgG36hrE41q8DI1GE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89ae345f4bf537f2-FRA

GET
H2 200 main.css
www.ath.beauty/styles/ 5 KB
1 KB 43ms
40ms Stylesheet
text/css 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ath.beauty/styles/main.css
Requested by: Host: www.ath.beauty
URL: https://www.ath.beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: f1358141d49ea1bb81c3f112cbff08893610a5f585caaf82606d566bde73b61b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 14:00:41 GMT
content-encoding: br
last-modified: Thu, 07 Dec 2023 09:02:45 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1227
expires: Fri, 05 Jul 2024 14:00:41 GMT

GET
H2

200

efek-salju.js Show response
cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/
Redirect Chain

https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js
https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js

16 KB
5 KB

55ms
53ms

Script
application/javascript

2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js

Requested by

Host: www.ath.beauty
URL: https://www.ath.beauty/

Protocol

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5ed77faf29839c9d46e57e4b4a39b84edc143818579a7e0db1f61f9c58f084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.ath.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 28 Jun 2024 14:00:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3546
x-jsd-version: 2a7805c7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5043
x-served-by: cache-fra-etou8220143-FRA, cache-lga21937-LGA
x-jsd-version-type: branch
server: cloudflare
etag: W/"3e74-+UH++c/vmoJn5o/iit08ZPyZab0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByHqIYOMlALxyp8XjJemGR7hk%2F7%2FAJS3wDk%2FCvf6jjHJU%2BuQHG%2BgGDU2vNGXCI8JVIZAS722buZYeOfUKAHEmFhhhvY%2FWWOv09ug5TLgGsY8RRqyxcWvm1r9ulwJ6xUUZUaBGY2CCe22qmh1YSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89ae34604d7237f2-FRA

Redirect headers

date: Fri, 28 Jun 2024 14:00:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 1079
age: 36467
x-cache: MISS, HIT
cdn-cachedat: 06/28/2024 14:00:42
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 106
x-served-by: cache-fra-etou8220065-FRA, cache-chi-kigq8000162-CHI
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 286bd6306471ecd1f059972da9b39563
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 IMG_2403.jpg
www.ath.beauty/img/ 800 KB
800 KB 43ms
42ms Image
image/jpeg 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ath.beauty/img/IMG_2403.jpg
Requested by: Host: www.ath.beauty
URL: https://www.ath.beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: d24988727f39d9e85431e77b9f55072dd69f801d1cce10cb17080923960e7931

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/jpeg
date: Fri, 28 Jun 2024 14:00:41 GMT
cache-control: public, max-age=604800
last-modified: Thu, 07 Dec 2023 07:39:04 GMT
accept-ranges: bytes
content-length: 819052
expires: Fri, 05 Jul 2024 14:00:41 GMT

GET
H2 200 ballon2.svg
www.ath.beauty/img/ 1 KB
642 B 43ms
42ms Image
image/svg+xml 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ath.beauty/img/ballon2.svg
Requested by: Host: www.ath.beauty
URL: https://www.ath.beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: 2e103171b6fc95c184ea8b90db1fdcf0f6427bab36ecc0934948426d3f793e8b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 14:00:41 GMT
content-encoding: br
last-modified: Wed, 31 Aug 2022 00:28:53 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 575
expires: Fri, 05 Jul 2024 14:00:41 GMT

GET
H2 200 ballon1.svg
www.ath.beauty/img/ 1 KB
582 B 117ms
117ms Image
image/svg+xml 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ath.beauty/img/ballon1.svg
Requested by: Host: www.ath.beauty
URL: https://www.ath.beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: a97e80831b92cc542ca6eba7ae373af206ee4f108fde5681fbbec74a166efcfb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 14:00:41 GMT
content-encoding: br
last-modified: Wed, 31 Aug 2022 00:28:53 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 550
expires: Fri, 05 Jul 2024 14:00:41 GMT

GET
H3 200 ballon3.svg
www.ath.beauty/img/ 1 KB
795 B 42ms
41ms Image
image/svg+xml 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ath.beauty/img/ballon3.svg
Requested by: Host: www.ath.beauty
URL: https://www.ath.beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: 34ab1f95fdf0a047fdbf296b8e79df26cce4cf0a1e60309c7f1524d1fb667018

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 14:00:41 GMT
content-encoding: br
last-modified: Wed, 31 Aug 2022 00:28:53 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 519
expires: Fri, 05 Jul 2024 14:00:41 GMT

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/ 112 KB
33 KB 217ms
167ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/TweenMax.min.js

Requested by

Host: www.ath.beauty
URL: https://www.ath.beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 14:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1161011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33383
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c0ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqZway1%2BbQ%2FvsjkoixxXolLME21%2FUK1t87cr8m76Sc9L8h5nT8JE%2B%2FmEh3Am8DJ87phUjxJ7Kyf9CLvlwW%2FpdsfGiUD0tCtpBCXw5Jazd27kWUARnyKyo8BZM9DEkiJdH5b2cyA%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89ae34610ec71e33-FRA
expires: Wed, 18 Jun 2025 14:00:42 GMT

GET
H3 200 main.js Show response
www.ath.beauty/script/ 6 KB
2 KB 41ms
41ms Script
application/javascript 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ath.beauty/script/main.js
Requested by: Host: www.ath.beauty
URL: https://www.ath.beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: 4704b058fb9beeaf28cf12280b4746dc23b2f5610348a05810a8ad0737513130

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 14:00:41 GMT
content-encoding: br
last-modified: Thu, 07 Dec 2023 07:15:19 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1583
expires: Fri, 05 Jul 2024 14:00:41 GMT

GET
H3 200 bg.png
www.ath.beauty/img/ 321 KB
321 KB 41ms
41ms Image
image/png 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ath.beauty/img/bg.png
Requested by: Host: www.ath.beauty
URL: https://www.ath.beauty/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: 9135f4912986afa5617a90326587b4065c015a57fe99f82ccd9f029395e70a55

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/styles/main.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
date: Fri, 28 Jun 2024 14:00:41 GMT
cache-control: public, max-age=604800
last-modified: Wed, 31 Aug 2022 00:28:53 GMT
accept-ranges: bytes
content-length: 328203
expires: Fri, 05 Jul 2024 14:00:41 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.ath.beauty
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 15:06:08 GMT
x-content-type-options: nosniff
age: 255274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 15:06:08 GMT

GET
H3 206 Minsu.mp3
www.ath.beauty/music/ 98 KB
0 45ms
44ms Media
audio/mpeg 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ath.beauty/music/Minsu.mp3
Requested by: Host: www.ath.beauty
URL: https://www.ath.beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.ath.beauty/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Content-Range: bytes 0-4397228/4397229
date: Fri, 28 Jun 2024 14:00:41 GMT
last-modified: Thu, 07 Dec 2023 06:45:58 GMT
Content-Length: 4397229
content-type: audio/mpeg

GET
H3 200 favicon.png
www.ath.beauty/img/ 10 KB
10 KB 41ms
40ms Other
image/png 162.55.242.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ath.beauty/img/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.242.139 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mars.fireserver.org
Software: /
Resource Hash: ad8d2969a6c7c35944dea1c868c5631c5500a5c540b5f7de55542e311827337c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.ath.beauty/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
date: Fri, 28 Jun 2024 14:00:41 GMT
cache-control: public, max-age=604800
last-modified: Wed, 31 Aug 2022 00:28:53 GMT
accept-ranges: bytes
content-length: 10240
expires: Fri, 05 Jul 2024 14:00:41 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
www.ath.beauty
104.17.24.14
162.55.242.139
2400:52e0:1e00::1079:1
2606:4700::6812:ba1f
2a00:1450:4001:80e::2003
2a00:1450:4001:829::200a
2e103171b6fc95c184ea8b90db1fdcf0f6427bab36ecc0934948426d3f793e8b
2f5ed77faf29839c9d46e57e4b4a39b84edc143818579a7e0db1f61f9c58f084
34ab1f95fdf0a047fdbf296b8e79df26cce4cf0a1e60309c7f1524d1fb667018
358ac683e58cf75f78f6034d6f593a46b1bd0978d38b7927f496627d517cdbf5
4704b058fb9beeaf28cf12280b4746dc23b2f5610348a05810a8ad0737513130
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
9135f4912986afa5617a90326587b4065c015a57fe99f82ccd9f029395e70a55
a97e80831b92cc542ca6eba7ae373af206ee4f108fde5681fbbec74a166efcfb
ad8d2969a6c7c35944dea1c868c5631c5500a5c540b5f7de55542e311827337c
b066de0f1a7b99dcca419faf9ebf518eff1f7e7d2759118d4c2752753f95e18e
bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150
ca1b7b9949802e03b604f7f38eb2e6991218b957b0bedd3f036c86c74234de7a
d24988727f39d9e85431e77b9f55072dd69f801d1cce10cb17080923960e7931
f1358141d49ea1bb81c3f112cbff08893610a5f585caaf82606d566bde73b61b

www.ath.beauty Open in urlscan Pro 162.55.242.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

1247 kBTransfer

1504 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

0 Cookies

Indicators

www.ath.beauty Open in urlscan Pro
162.55.242.139 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

1247 kB
Transfer

1504 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions