www2.citybeauty.com Open in urlscan Pro
2606:4700:4400::ac40:91e7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=6263964fed64f&cs_stripeid=123886&cs_sendid=2022-04-23&cs_offset=0&cs_es...
Effective URL:
https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm...
Submission: On April 25 via api (April 25th 2022, 1:58:28 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 14 domains to perform 41 HTTP transactions. The main IP is 2606:4700:4400::ac40:91e7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www2.citybeauty.com. The Cisco Umbrella rank of the primary domain is 239773.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2021. Valid for: a year.

This is the only time www2.citybeauty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 23	2606:4700:440... 2606:4700:4400::ac40:91e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	52.92.146.88 52.92.146.88	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:7400:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	3.131.114.180 3.131.114.180	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
41	13

2 13.84.54.237 (San Antonio, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rs-stripe.tradebriefs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.rev-stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:4400::ac40:91e7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www2.citybeauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.92.146.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

widget.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7400:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.131.114.180 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-114-180.us-east-2.compute.amazonaws.com

track.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	citybeauty.com 1 redirects www2.citybeauty.com — Cisco Umbrella Rank: 239773	2 MB
3	wickedreports.com widget.wickedreports.com — Cisco Umbrella Rank: 38529 track.wickedreports.com — Cisco Umbrella Rank: 53788	9 KB
3	amazonaws.com s3-us-west-2.amazonaws.com	400 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	2 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 404	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6544	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 823	633 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 80	445 B
1	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4425	375 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	81 KB
1	rev-stripe.com 1 redirects tr.rev-stripe.com — Cisco Umbrella Rank: 53164	583 B
1	tradebriefs.com 1 redirects rs-stripe.tradebriefs.com	473 B
41	14

	Domain	Requested by
23	www2.citybeauty.com	1 redirects www2.citybeauty.com
3	s3-us-west-2.amazonaws.com
3	fonts.googleapis.com	www2.citybeauty.com
2	s.yimg.com	www2.citybeauty.com
2	widget.wickedreports.com	www.googletagmanager.com widget.wickedreports.com
2	www.google-analytics.com	www.googletagmanager.com www2.citybeauty.com
1	www.google.de
1	www.google.com
1	sp.analytics.yahoo.com
1	stats.g.doubleclick.net	www2.citybeauty.com
1	track.wickedreports.com	www2.citybeauty.com
1	cdn.attn.tv	www.googletagmanager.com
1	www.googletagmanager.com	www2.citybeauty.com
1	tr.rev-stripe.com	1 redirects
1	rs-stripe.tradebriefs.com	1 redirects
41	15

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-27` - `2022-06-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
widget.wickedreports.com Amazon	`2021-08-14` - `2022-09-12`	a year	crt.sh
*.attn.tv Amazon	`2022-04-04` - `2023-05-02`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-04-25` - `2022-06-15`	2 months	crt.sh
track.wickedreports.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
Frame ID: F683BC68DDA6588DF7FF9F5711776FB0
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

City Beauty - Exclusive

Page URL History Show full URLs

http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=6263964fed64f&cs_stripeid=123886&cs_sendid=2022-04-... HTTP 301
http://tr.rev-stripe.com/stripe/redirect?cs_email=6263964fed64f&cs_stripeid=123886&cs_sendid=2022-04-... HTTP 303
https://www2.citybeauty.com/cid/7013w000002HFMXAA4?utm_content=823801&utm_term=3328&pi_adid=823801&pi_cl... HTTP 302
https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-ic... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

41
Requests

100 %
HTTPS

64 %
IPv6

14
Domains

15
Subdomains

13
IPs

5
Countries

2166 kB
Transfer

10354 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=6263964fed64f&cs_stripeid=123886&cs_sendid=2022-04-23&cs_offset=0&cs_esp=custom&articletb=tb_banner HTTP 301
http://tr.rev-stripe.com/stripe/redirect?cs_email=6263964fed64f&cs_stripeid=123886&cs_sendid=2022-04-23&cs_offset=0&cs_esp=custom&articletb=tb_banner HTTP 303
https://www2.citybeauty.com/cid/7013w000002HFMXAA4?utm_content=823801&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96 HTTP 302
https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request d_mb_icbb_adv_qqq Show response
www2.citybeauty.com/fst/
Redirect Chain

http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=6263964fed64f&cs_stripeid=123886&cs_sendid=2022-04-23&cs_offset=0&cs_esp=custom&articletb=tb_banner
http://tr.rev-stripe.com/stripe/redirect?cs_email=6263964fed64f&cs_stripeid=123886&cs_sendid=2022-04-23&cs_offset=0&cs_esp=custom&articletb=tb_banner
https://www2.citybeauty.com/cid/7013w000002HFMXAA4?utm_content=823801&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_sou...

30 KB
12 KB

142ms
141ms

Document
text/html

2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4c41d02ff79c59571367e3c5ea0f0e3f678bff8410de26a017acb89700fd9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, max-age = 0
cf-cache-status: DYNAMIC
cf-ray: 701797cd4deacc46-ZRH
content-encoding: br
content-type: text/html
date: Mon, 25 Apr 2022 13:58:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 701797cc4c42cc46-ZRH
content-length: 0
date: Mon, 25 Apr 2022 13:58:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 59ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@600;900&display=swap

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e523535a7e867cb7b6ed3d569aaadf85dca9e74ddc9199d440981ab366e6f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 13:58:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 13:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 13:58:21 GMT

GET
H3 200 process_env.js Show response
www2.citybeauty.com/ 1 KB
1 KB 153ms
153ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/process_env.js?ver=424202215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf33c85daffe6901b5d20f6bd9c6e0a398fe614b7107be1ff0b51df358443716

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:21 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Apr 2022 13:50:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"448-18060fcb8d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 701797ce58c7cc3e-ZRH

GET
H3 200 funnel_confs.js Show response
www2.citybeauty.com/ 3 MB
132 KB 158ms
158ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/funnel_confs.js?ver=424202215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e687c34624f78886895b5b5ea5b9929dd0b68bd834c260019bc2126578e1b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:21 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 24 Apr 2022 15:01:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3166a5-1805c177081"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age = 31557600
cf-ray: 701797cf4a21cc3e-ZRH

GET
H3 200 main.css
www2.citybeauty.com/build/ 2 MB
169 KB 163ms
163ms Stylesheet
text/css 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/build/main.css?ver=424202215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd503d41d75aeed0a31363e4c60104a0606821756a27dc8e8480e9d8b176e665

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:21 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=1718922
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:58:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1a3a8a-1804d7d83a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d03b46cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:21 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
367 B 31ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6d177b64657bb3568560df466c6e81d5117b3115b7f2f9945d852f565d72cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 13:58:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 13:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 13:58:21 GMT

GET
H3 200 countries.js Show response
www2.citybeauty.com/ 2 KB
2 KB 157ms
157ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/countries.js?ver=424202215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71662ef88813b7ee3f64a682216e31180da98e4523435b1c03250dfb011946d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:21 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=2447
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Apr 2022 12:50:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"98f-18060c5c90a"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d12c73cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:21 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
464 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:400,700&display=swap

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/main.css?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

619ae7019cfd0db4ba7554a24136a5172ff8e515d4c56ffb7139336bdc2966d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 13:46:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 13:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 13:58:21 GMT

GET
H3 200 request-ip Show response
www2.citybeauty.com/ 67 B
524 B 133ms
133ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/request-ip

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f998b42fa88474450ea15f63d48d9696e22f1687f3b9df348808f0de287ce7d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:21 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"43-4igowTU0mkI46599n7xDJaE49jk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 701797d22d8fcc3e-ZRH

GET
H3 200 getsession Show response
www2.citybeauty.com/proxy/utils/ 0
449 B 147ms
147ms XHR
application/octet-stream 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/proxy/utils/getsession

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
x-brand: City Beauty
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:21 GMT
via: 1.1 spaces-router (1ee3716bf5eb), 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/octet-stream
vary: Origin
access-control-allow-credentials: true
cf-ray: 701797d22d92cc3e-ZRH
access-control-expose-headers: X-Brand

GET
H3 200 polyfills.js Show response
www2.citybeauty.com/build/ 95 KB
34 KB 158ms
158ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/build/polyfills.js?ver=424202215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80b3dd379b1fd6b5972f04048efc7270d73680f0620d9a9dd0aed6dca2b539d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:21 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=97180
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:57:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17b9c-1804d7cd7c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d22d94cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:21 GMT

GET
H3 200 bundle.js Show response
www2.citybeauty.com/build/ 4 MB
1022 KB 181ms
181ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/build/bundle.js?ver=424202215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda2f3f479b27d16cbe7cacdc2ca49c311d9161cc2ad9a57b86d086214e77fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:21 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=3896412
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:59:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3b745c-1804d7e1430"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d22d97cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:21 GMT

POST
H3 200 setaffparameters Show response
www2.citybeauty.com/proxy/affiliate/ 20 B
583 B 177ms
176ms XHR
application/json 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/proxy/affiliate/setaffparameters

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/polyfills.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96
X-Brand: City Beauty
accept-language: de-DE,de;q=0.9
XSRF-TOKEN: vUvyTDhK-o9cWUsq1ExYnjd5_W9mxFhzym50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Apr 2022 13:58:22 GMT
via: 1.1 spaces-router (1ee3716bf5eb), 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.citybeauty.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-ray: 701797d61ad7cc3e-ZRH
access-control-expose-headers: X-Brand

POST
H3 200 save Show response
www2.citybeauty.com/proxy/funnel/stats/ 16 B
578 B 159ms
159ms XHR
application/json 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/proxy/funnel/stats/save

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/polyfills.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96&sessionid=725026679316
X-Brand: City Beauty
accept-language: de-DE,de;q=0.9
XSRF-TOKEN: vUvyTDhK-o9cWUsq1ExYnjd5_W9mxFhzym50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Apr 2022 13:58:22 GMT
via: 1.1 spaces-router (1ee3716bf5eb), 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.citybeauty.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-ray: 701797d61ad9cc3e-ZRH
access-control-expose-headers: X-Brand

POST
H3 200 save Show response
www2.citybeauty.com/proxy/funnel/stats/ 16 B
579 B 159ms
159ms XHR
application/json 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/proxy/funnel/stats/save

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/polyfills.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96&sessionid=725026679316
X-Brand: City Beauty
accept-language: de-DE,de;q=0.9
XSRF-TOKEN: vUvyTDhK-o9cWUsq1ExYnjd5_W9mxFhzym50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Apr 2022 13:58:22 GMT
via: 1.1 spaces-router (1ee3716bf5eb), 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.citybeauty.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-ray: 701797d61adacc3e-ZRH
access-control-expose-headers: X-Brand

POST
H3 200 save Show response
www2.citybeauty.com/proxy/funnel/stats/ 16 B
580 B 191ms
190ms XHR
application/json 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/proxy/funnel/stats/save

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/polyfills.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.citybeauty.com/fst/d_mb_icbb_adv_qqq?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96&sessionid=725026679316
X-Brand: City Beauty
accept-language: de-DE,de;q=0.9
XSRF-TOKEN: vUvyTDhK-o9cWUsq1ExYnjd5_W9mxFhzym50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Apr 2022 13:58:22 GMT
via: 1.1 spaces-router (1ee3716bf5eb), 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.citybeauty.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-ray: 701797d62adfcc3e-ZRH
access-control-expose-headers: X-Brand

GET
H3 200 src_components_components_module_ts.js Show response
www2.citybeauty.com/build/ 173 KB
29 KB 40ms
39ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/build/src_components_components_module_ts.js?v=f5d482c9ab84578fad4a

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/bundle.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5133102eda4ac0ef9987f9c89369dc6c085495199f4f693039f99e6b1c934110

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/icbb-a210122_ap?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96&sessionid=725026679316&uid=mb_icbb_adv_082721&dsid=a0v3w00000Lp2u4AAB&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:22 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4013
cf-polished: origSize=177332
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:58:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2b4b4-1804d7db288"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d68b59cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:22 GMT

GET
H3 200 src_pages_funnel-settings-base_landing-base-fs-base_ts.js Show response
www2.citybeauty.com/build/ 7 KB
3 KB 42ms
41ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/build/src_pages_funnel-settings-base_landing-base-fs-base_ts.js?v=3e67f3ae55ab1c3b3b52

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/bundle.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d6abdcb53e3eedeaba48d80aa59b99d1dfc483b1d65218631f0e816fb8dfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/icbb-a210122_ap?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96&sessionid=725026679316&uid=mb_icbb_adv_082721&dsid=a0v3w00000Lp2u4AAB&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:22 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4013
cf-polished: origSize=11770
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:58:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2dfa-1804d7d58b0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d68b5dcc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:22 GMT

GET
H3 200 src_pages__brand-pages-base_base-controllers_advertorial_advertorial-common_ts.js Show response
www2.citybeauty.com/build/ 8 KB
3 KB 40ms
40ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/build/src_pages__brand-pages-base_base-controllers_advertorial_advertorial-common_ts.js?v=f72e58dc13ac28d02120

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/bundle.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b06e7df8630d3e1f6e01489029a02ad528538d8c08098f26acb8fe8fa634fdb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/icbb-a210122_ap?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96&sessionid=725026679316&uid=mb_icbb_adv_082721&dsid=a0v3w00000Lp2u4AAB&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:22 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4013
cf-polished: origSize=11775
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:58:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2dff-1804d7d58b0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d68b5ecc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:22 GMT

GET
H3 200 src_pages_advertorials_icbb-advertorial210122_icbb-advertorial210122_module_ts.js Show response
www2.citybeauty.com/build/ 19 KB
6 KB 40ms
40ms Script
application/javascript 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/build/src_pages_advertorials_icbb-advertorial210122_icbb-advertorial210122_module_ts.js?v=3ddba74ae73229bc15f7

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/bundle.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbf7d1fcb16a4f769c17563cc3215caf4c066e0a51533e397aff8a2f5693206a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/icbb-a210122_ap?business_unit=a00f400000jv55caat&utm_campaign=cb-mb-icbb-jeeng-adv-qqq&utm_campaign_id=7013w000002HFMXAA4&utm_content=823801&utm_medium=cpc&utm_source=jeeng&utm_term=3328&pi_adid=823801&pi_clickid=37001f1781324675bb5df805f6fbcc96&sessionid=725026679316&uid=mb_icbb_adv_082721&dsid=a0v3w00000Lp2u4AAB&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:22 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4013
cf-polished: origSize=26479
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:58:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"676f-1804d7d54c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d68b5fcc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:22 GMT

GET
H/1.1 200
OK inviscrepe.gif
s3-us-west-2.amazonaws.com/cdn.citybeauty.com/images/icbb/advertorial/ 316 KB
317 KB 643ms
168ms Image
image/gif 52.92.146.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/cdn.citybeauty.com/images/icbb/advertorial/inviscrepe.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.146.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a2e1534eb8ea8d3dc9802406e2eee51b8de6b24b65deda219d3a951425fb6f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 13:58:24 GMT
Last-Modified: Wed, 16 Sep 2020 18:28:39 GMT
Server: AmazonS3
x-amz-request-id: CV8ZWH7VNR5Z89A8
ETag: "90d94cc5f963e0d838b54a9a78a8a0ec"
Content-Type: image/gif
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 323893
x-amz-id-2: SUObPHLHC1fUprjgpAqLwHu5EMynCEjPzjTkcwOIiWjWLoaaZNdql2421ZSlYKCA1l6va/Xct7E=

GET
H/1.1 200
OK thumbnail.jpg
s3-us-west-2.amazonaws.com/cdn.citybeauty.com/images/icbb/advertorial/ 34 KB
35 KB 649ms
171ms Image
image/jpeg 52.92.146.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/cdn.citybeauty.com/images/icbb/advertorial/thumbnail.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.146.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c0bf1d396135e4c4de0ca14efd08dfa9ba566c2c69f06a9fb6b06415d9be0206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 13:58:24 GMT
Last-Modified: Wed, 16 Sep 2020 20:04:59 GMT
Server: AmazonS3
x-amz-request-id: CV8ZEE8T00ZTJWE1
ETag: "b15c41a9b032eb03f1a96124460b1098"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 35276
x-amz-id-2: F65TJ5OA7PIC8SBaomf3NB1aUNMWUEYGqTNXwtbyaZ+FOtaKHMsL/VWSu6/HRdWXExHZTspEH6w=

GET
H/1.1 200
OK icbb-adv-background.jpg
s3-us-west-2.amazonaws.com/cdn.citybeauty.com/images/icbb/advertorial/ 48 KB
49 KB 659ms
174ms Image
image/jpeg 52.92.146.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/cdn.citybeauty.com/images/icbb/advertorial/icbb-adv-background.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.146.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 49408bdb34213173f6d705d94e023ef3ad2696d8d0fe58a45a1674318247bef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 13:58:24 GMT
Last-Modified: Wed, 16 Sep 2020 18:25:11 GMT
Server: AmazonS3
x-amz-request-id: CV8YQK0HKS16ME48
ETag: "b199fe9f257faafbbf896626d4a6bdec"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 49569
x-amz-id-2: WbSXg7cgruF7ZOXotLEW6VkyfkOBxOQnQN+cM9ve1Ce4UssGXvu4pPpa50TU568JtO9P66b499I=

GET
H3 200 Montserrat-Regular.ttf
www2.citybeauty.com/assets/fonts/Montserrat/ 22 KB
14 KB 39ms
39ms Font
font/ttf 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/assets/fonts/Montserrat/Montserrat-Regular.ttf

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/main.css?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194d3e9622ea4ce3cf97797a19863f18c9f49ebdd36699160c397b0df2df8ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.citybeauty.com/build/main.css?ver=424202215
Origin: https://www2.citybeauty.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:23 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 421
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:57:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5750-1804d7cd7c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d9dec3cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:23 GMT

GET
H3 200 Unna-Bold.otf
www2.citybeauty.com/assets/fonts/Unna/ 79 KB
52 KB 44ms
43ms Font
font/otf 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/assets/fonts/Unna/Unna-Bold.otf

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/main.css?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

472ab91ebdbe7ca9df7e077ba23a631b0ccc52d0fc82af5d5e712f929c0983d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.citybeauty.com/build/main.css?ver=424202215
Origin: https://www2.citybeauty.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:23 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 421
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:57:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"13bd8-1804d7cd7c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/otf
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d9dec5cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:23 GMT

GET
H3 200 WorkSans-Bold.otf
www2.citybeauty.com/assets/fonts/Work-sans/ 97 KB
59 KB 34ms
33ms Font
font/otf 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/assets/fonts/Work-sans/WorkSans-Bold.otf

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/main.css?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7398e5da39d4da2dccc1f7f8329cdb9dfa30510e7d30fc7d99caf89147954d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.citybeauty.com/build/main.css?ver=424202215
Origin: https://www2.citybeauty.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:23 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 421
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:57:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1848c-1804d7cd7c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/otf
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d9dec6cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:23 GMT

GET
H3 200 WorkSans-Regular.otf
www2.citybeauty.com/assets/fonts/Work-sans/ 87 KB
52 KB 55ms
54ms Font
font/otf 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/assets/fonts/Work-sans/WorkSans-Regular.otf

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/main.css?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7a6687a582a0422c79625e704e4208ea2aba04d3ee6666ac7165533afc4908

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.citybeauty.com/build/main.css?ver=424202215
Origin: https://www2.citybeauty.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:23 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 421
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:57:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"15ae8-1804d7cd7c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/otf
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d9dec7cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:23 GMT

GET
H3 200 Unna-Light.otf
www2.citybeauty.com/assets/fonts/Unna/ 81 KB
53 KB 39ms
39ms Font
font/otf 2606:4700:4400::ac40:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.citybeauty.com/assets/fonts/Unna/Unna-Light.otf

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/main.css?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:91e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c31e946637467e649b6816484031907f9509b12490060412aed79ab078c41b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.citybeauty.com/build/main.css?ver=424202215
Origin: https://www2.citybeauty.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:23 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 421
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2022 18:57:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"144d0-1804d7cd7c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/otf
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 701797d9eed5cc3e-ZRH
expires: Mon, 25 Apr 2022 14:58:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 515 KB
81 KB 64ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MG7KQG6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a6590d72852f45733be7a460ba24affcbf681fef8bc05d107f587c1c3c36e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:58:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82538
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Apr 2022 13:58:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MG7KQG6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6072
date: Mon, 25 Apr 2022 12:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 25 Apr 2022 14:17:11 GMT

GET
H2 200 wr-006fe2bfd590f93db5ffa38ec7f625f9.js Show response
widget.wickedreports.com/v2/4157/ 439 B
760 B 40ms
8ms Script
text/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/v2/4157/wr-006fe2bfd590f93db5ffa38ec7f625f9.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MG7KQG6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46adb59d8384cab231453586655deb1f800f7df8dbfd5620e35b544e5e707a51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 04:51:04 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 00:25:22 GMT
server: AmazonS3
age: 32840
etag: "ce7399c2d070c0a2c3d18b7b7b790e31"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 439
x-amz-cf-id: 0kTJVXJzV9RzEhV-Ruyj4RcEEWTrm1UyEzxwoLltSM6RZ-WRQA8miQ==

GET
H2 200 dtag.js Show response
cdn.attn.tv/citybeauty/ 0
375 B 39ms
12ms Script
text/javascript 2600:9000:2156:7400:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/citybeauty/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MG7KQG6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
age: 49816
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
date: Mon, 25 Apr 2022 00:14:32 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: DFVeoyJBdxhJC4WhQCl0CF8w9sbQC8K5qYUFHzIJh8Ra6cAFfGRdoQ==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 42ms
14ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 25 Apr 2022 13:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1481
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: XaMgOMZTmhS/Aydac7uFn5HJQUmlK5uCX1V9wq5qWuWJ1Lh8yRvpO/qcsvXuH7ygZvurSLYiOMs=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: GCJ8TETE78H9RD74
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1680152007&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.citybeauty.com%2Ficbb-a210122_ap%3Fbusiness_unit%3Da00f400000jv55caat%26utm_campaign%3Dcb-mb-icbb-jeeng-adv-qqq%26utm_campaign_id%3D7013w000002HFMXAA4%26utm_content%3D823801%26utm_medium%3Dcpc%26utm_source%3Djeeng%26utm_term%3D3328%26pi_adid%3D823801%26pi_clickid%3D37001f1781324675bb5df805f6fbcc96%26sessionid%3D725026679316%26uid%3Dmb_icbb_adv_082721%26dsid%3Da0v3w00000Lp2u4AAB%26step%3D1&ul=en-us&de=UTF-8&dt=City%20Beauty%20-%20Exclusive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=241390494&gjid=1272186691&cid=571516356.1650895103&tid=UA-104630263-5&_gid=635002543.1650895103&_r=1&gtm=2wg4k0MG7KQG6&z=1667925021

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/polyfills.js?ver=424202215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.citybeauty.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 13:58:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.citybeauty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.js Show response
widget.wickedreports.com/ 24 KB
8 KB 9ms
8ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/widget.js
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/4157/wr-006fe2bfd590f93db5ffa38ec7f625f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cff4ce9a7027239bae8cbabd6c9abb3462f8b4d1be92568658d27d53b553b01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 11:45:43 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 11:45:32 GMT
server: AmazonS3
age: 7961
etag: W/"bf3a96f4ef4844d76afdc17eab8f78bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZSUgoqWvZngBq0xXbqE1UPBnbr3yimWXNkRqjSu6MiZC2BAkaQzVtQ==

GET
H2 200 10177080.json Show response
s.yimg.com/wi/config/ 2 B
449 B 41ms
15ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10177080.json

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/polyfills.js?ver=424202215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:11:52 GMT
x-content-type-options: nosniff
age: 2791
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: Z8R4KZNZJH09E8FA
x-amz-id-2: m2W8xaqEtXAVBzGFKIVN2BN0MECkPxj8OQ1+1ccx6/5B3oYCxkM0QW3M1BxaUcjl2oCaq3NbL4s=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 index.php Show response
track.wickedreports.com/ 118 B
342 B 353ms
128ms XHR
text/html 3.131.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/index.php?WickedClientID=4157&WickedEmail=&WickedTrackingDate=1650895103322&WickedURL=https%3A%2F%2Fwww2.citybeauty.com%2Ficbb-a210122_ap%3Fbusiness_unit%3Da00f400000jv55caat%26utm_campaign%3Dcb-mb-icbb-jeeng-adv-qqq%26utm_campaign_id%3D7013w000002HFMXAA4%26utm_content%3D823801%26utm_medium%3Dcpc%26utm_source%3Djeeng%26utm_term%3D3328%26pi_adid%3D823801%26pi_clickid%3D37001f1781324675bb5df805f6fbcc96%26sessionid%3D725026679316%26uid%3Dmb_icbb_adv_082721%26dsid%3Da0v3w00000Lp2u4AAB%26step%3D1&WickedReferrerURL=
Requested by: Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/polyfills.js?ver=424202215
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.114.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-114-180.us-east-2.compute.amazonaws.com
Software: nginx / PHP/7.3.27
Resource Hash: c5c97f2d467f8b0aef78de4c533736ee841cd761af3a44d8f8e15b9c30695ab8

Request headers

Referer: https://www2.citybeauty.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Apr 2022 13:58:23 GMT
server: nginx
x-powered-by: PHP/7.3.27
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-104630263-5&cid=571516356.1650895103&jid=241390494&gjid=1272186691&_gid=635002543.1650895103&_u=YGBACEAABAAAAC~&z=3328651

Requested by

Host: www2.citybeauty.com
URL: https://www2.citybeauty.com/build/polyfills.js?ver=424202215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.citybeauty.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Apr 2022 13:58:23 GMT
content-type: text/plain
access-control-allow-origin: https://www2.citybeauty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 100ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2025%20Apr%202022%2013%3A58%3A23%20GMT&n=0&b=City%20Beauty%20-%20Exclusive&.yp=10177080&f=https%3A%2F%2Fwww2.citybeauty.com%2Ficbb-a210122_ap%3Fbusiness_unit%3Da00f400000jv55caat%26utm_campaign%3Dcb-mb-icbb-jeeng-adv-qqq%26utm_campaign_id%3D7013w000002HFMXAA4%26utm_content%3D823801%26utm_medium%3Dcpc%26utm_source%3Djeeng%26utm_term%3D3328%26pi_adid%3D823801%26pi_clickid%3D37001f1781324675bb5df805f6fbcc96%26sessionid%3D725026679316%26uid%3Dmb_icbb_adv_082721%26dsid%3Da0v3w00000Lp2u4AAB%26step%3D1&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 13:58:23 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 25 Apr 2022 13:58:23 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 56ms
33ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-104630263-5&cid=571516356.1650895103&jid=241390494&_u=YGBACEAABAAAAC~&z=1183119130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 13:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-104630263-5&cid=571516356.1650895103&jid=241390494&_u=YGBACEAABAAAAC~&z=1183119130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.citybeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 13:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rev-stripe.com/	1970-01-20 02:36:21	Name: eid3841 Value: 37001f1781324675bb5df805f6fbcc96
www2.citybeauty.com/	1969-12-31 23:59:59	Name: _csrf Value: bOKwvDQngkm4nYpNr8_vJq_E
www2.citybeauty.com/	1969-12-31 23:59:59	Name: 7013w000002HFMXAA4 Value: Mon%2C%2025%20Apr%202022%2013%3A58%3A20%20GMT
www2.citybeauty.com/	1970-01-20 11:20:31	Name: alternaiGuestId Value: 7da34efd-6080-4a09-b6f6-ad67d1a2783a,www2.citybeauty.com,,blob:https:
www2.citybeauty.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: vUvyTDhK-o9cWUsq1ExYnjd5_W9mxFhzym50
www2.citybeauty.com/	1970-01-20 02:44:59	Name: GAID Value: e64bdd4b-3c0d-c963-e974-ccbfab1447f9
www2.citybeauty.com/	1970-01-20 02:54:55	Name: connect.sid Value: s%3Ar6ljt1KMQzLnlDIQ7KJyjUVmq5XtHxVW.fYQvlDH2DEGGBdRoBQUIQV0mBUBCcyLY3Sn1%2FwvSU6g
.citybeauty.com/	1970-01-20 04:44:31	Name: _gcl_au Value: 1.1.1420088476.1650895103
.citybeauty.com/	1970-01-20 20:06:07	Name: _ga Value: GA1.2.571516356.1650895103
.citybeauty.com/	1970-01-20 02:36:21	Name: _gid Value: GA1.2.635002543.1650895103
.citybeauty.com/	1970-01-20 02:34:55	Name: _gat_UA-104630263-5 Value: 1
.citybeauty.com/	1970-01-20 02:36:21	Name: wickedfu Value: %7B%22url%22%3A%22https%3A%2F%2Fwww2.citybeauty.com%2Ficbb-a210122_ap%3Fbusiness_unit%3Da00f400000jv55caat%26utm_campaign%3Dcb-mb-icbb-jeeng-adv-qqq%26utm_campaign_id%3D7013w000002HFMXAA4%26utm_content%3D823801%26utm_medium%3Dcpc%26utm_source%3Djeeng%26utm_term%3D3328%26pi_adid%3D823801%26pi_clickid%3D37001f1781324675bb5df805f6fbcc96%26sessionid%3D725026679316%26uid%3Dmb_icbb_adv_082721%26dsid%3Da0v3w00000Lp2u4AAB%26step%3D1%22%2C%22time%22%3A1650895103321%2C%22c%22%3A4157%7D
.yahoo.com/	1970-01-20 11:20:52	Name: A3 Value: d=AQABBP-oZmICENEAs-TGlKwkKoVcWAhVjq8FEgEBAQH6Z2JwYgAAAAAA_eMAAA&S=AQAAAulhE4e_8RrNqGUwPvWfsOQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.attn.tv
fonts.googleapis.com
rs-stripe.tradebriefs.com
s.yimg.com
s3-us-west-2.amazonaws.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
tr.rev-stripe.com
track.wickedreports.com
widget.wickedreports.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www2.citybeauty.com
13.84.54.237
143.204.98.104
212.82.100.181
2600:9000:2156:7400:1c:9484:cec0:93a1
2606:4700:4400::ac40:91e7
2a00:1288:80:807::1
2a00:1450:4001:802::2004
2a00:1450:4001:810::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
3.131.114.180
52.92.146.88
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
194d3e9622ea4ce3cf97797a19863f18c9f49ebdd36699160c397b0df2df8ed8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46adb59d8384cab231453586655deb1f800f7df8dbfd5620e35b544e5e707a51
472ab91ebdbe7ca9df7e077ba23a631b0ccc52d0fc82af5d5e712f929c0983d0
49408bdb34213173f6d705d94e023ef3ad2696d8d0fe58a45a1674318247bef4
4c31e946637467e649b6816484031907f9509b12490060412aed79ab078c41b0
4cff4ce9a7027239bae8cbabd6c9abb3462f8b4d1be92568658d27d53b553b01
5133102eda4ac0ef9987f9c89369dc6c085495199f4f693039f99e6b1c934110
58d6abdcb53e3eedeaba48d80aa59b99d1dfc483b1d65218631f0e816fb8dfb5
5e687c34624f78886895b5b5ea5b9929dd0b68bd834c260019bc2126578e1b46
619ae7019cfd0db4ba7554a24136a5172ff8e515d4c56ffb7139336bdc2966d1
6e523535a7e867cb7b6ed3d569aaadf85dca9e74ddc9199d440981ab366e6f5e
71662ef88813b7ee3f64a682216e31180da98e4523435b1c03250dfb011946d4
80b3dd379b1fd6b5972f04048efc7270d73680f0620d9a9dd0aed6dca2b539d0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a6590d72852f45733be7a460ba24affcbf681fef8bc05d107f587c1c3c36e0c
8e7a6687a582a0422c79625e704e4208ea2aba04d3ee6666ac7165533afc4908
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e1534eb8ea8d3dc9802406e2eee51b8de6b24b65deda219d3a951425fb6f62
a4c41d02ff79c59571367e3c5ea0f0e3f678bff8410de26a017acb89700fd9aa
b06e7df8630d3e1f6e01489029a02ad528538d8c08098f26acb8fe8fa634fdb2
bf33c85daffe6901b5d20f6bd9c6e0a398fe614b7107be1ff0b51df358443716
c0bf1d396135e4c4de0ca14efd08dfa9ba566c2c69f06a9fb6b06415d9be0206
c5c97f2d467f8b0aef78de4c533736ee841cd761af3a44d8f8e15b9c30695ab8
c6d177b64657bb3568560df466c6e81d5117b3115b7f2f9945d852f565d72cde
dbf7d1fcb16a4f769c17563cc3215caf4c066e0a51533e397aff8a2f5693206a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda2f3f479b27d16cbe7cacdc2ca49c311d9161cc2ad9a57b86d086214e77fd3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7398e5da39d4da2dccc1f7f8329cdb9dfa30510e7d30fc7d99caf89147954d0
f998b42fa88474450ea15f63d48d9696e22f1687f3b9df348808f0de287ce7d9
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fd503d41d75aeed0a31363e4c60104a0606821756a27dc8e8480e9d8b176e665

www2.citybeauty.com Open in urlscan Pro 2606:4700:4400::ac40:91e7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

64 %IPv6

14 Domains

15 Subdomains

13 IPs

5 Countries

2166 kBTransfer

10354 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www2.citybeauty.com Open in urlscan Pro
2606:4700:4400::ac40:91e7 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

64 %
IPv6

14
Domains

15
Subdomains

13
IPs

5
Countries

2166 kB
Transfer

10354 kB
Size

13
Cookies

41 HTTP transactions
0 data transactions