primecosmetics.ch Open in urlscan Pro
162.55.234.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://primecosmetics.ch/
Submission: On June 28 via api (June 28th 2024, 5:06:08 am UTC) from CH — Scanned from CH

Summary HTTP 20 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 162.55.234.14, located in Mammelzen, Germany and belongs to HETZNER-AS, DE. The main domain is primecosmetics.ch.
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.

This is the only time primecosmetics.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
15	162.55.234.14 162.55.234.14		24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:802::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003		15169 (GOOGLE) (GOOGLE)
20	4

15 162.55.234.14 (Mammelzen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: rlx10.loginserver.ch

primecosmetics.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	primecosmetics.ch primecosmetics.ch	409 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83 ajax.googleapis.com — Cisco Umbrella Rank: 469	93 KB
2	gstatic.com fonts.gstatic.com	33 KB
20	3

	Domain	Requested by
15	primecosmetics.ch	primecosmetics.ch
2	fonts.gstatic.com	fonts.googleapis.com
2	ajax.googleapis.com	primecosmetics.ch
1	fonts.googleapis.com	primecosmetics.ch
20	4

This site contains no links.

Subject Issuer	Validity	Valid
primecosmetics.ch R3	`2024-04-28` - `2024-07-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://primecosmetics.ch/
Frame ID: EEA8DFF71BB704646733070FF4269E73
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prime Cosmetics

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

20
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

536 kB
Transfer

876 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
primecosmetics.ch/ 5 KB
2 KB 132ms
50ms Document
text/html 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PHP/8.0.30 PleskLin
Resource Hash: 66b1696ddad2dcb62b1bfe9bd805bc79cbeccbebcaedd6bf2ec13753fce56f07

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
referer: https://www.google.com/
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-length: 1783
content-type: text/html; charset=UTF-8
date: Fri, 28 Jun 2024 05:06:03 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.30 PleskLin

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 99ms
35ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Oswald

Requested by

Host: primecosmetics.ch
URL: https://primecosmetics.ch/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48e584a1ea0f7ea6bb0942a015de3649e395f8cb5611d09fc0d9ec15b75102d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 05:06:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jun 2024 05:06:03 GMT

GET
H2 200 base.css
primecosmetics.ch/css/ 6 KB
2 KB 40ms
39ms Stylesheet
text/css 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/css/base.css
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: f838c61fcecb8739774607b9bbf27c2fe587ed1b0d97fba94448e7587d816093

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Mon, 23 Dec 2013 21:17:21 GMT
server: nginx
etag: W/"52b8a861-182d"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 skeleton.css
primecosmetics.ch/css/ 9 KB
2 KB 77ms
76ms Stylesheet
text/css 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/css/skeleton.css
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 97c2333559ef0e15e31201d0da06152b3533b6c0436c57872eec05b7313319bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Mon, 23 Dec 2013 21:17:19 GMT
server: nginx
etag: W/"52b8a85f-235e"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 screen.css
primecosmetics.ch/css/ 56 KB
9 KB 46ms
45ms Stylesheet
text/css 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/css/screen.css
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 20116510f3b35578c744b5d0ceb9aaa455eef62bc2bd5ebd308510401e8abfc5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Tue, 24 Dec 2013 12:55:44 GMT
server: nginx
etag: W/"52b98450-debe"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 modernizr.custom.js Show response
primecosmetics.ch/js/ 8 KB
4 KB 75ms
75ms Script
application/javascript 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/js/modernizr.custom.js
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 86bad9c6d053fad76c54dfd5712e2000d77b968c6a44d295953222eecddeb179

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Mon, 23 Dec 2013 21:17:44 GMT
server: nginx
etag: W/"52b8a878-2059"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 preloader_dark.gif
primecosmetics.ch/images/icons/ 3 KB
3 KB 73ms
72ms Image
image/gif 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primecosmetics.ch/images/icons/preloader_dark.gif
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
last-modified: Mon, 23 Dec 2013 21:17:37 GMT
server: nginx
etag: "52b8a871-c88"
x-powered-by: PleskLin
content-type: image/gif
accept-ranges: bytes
content-length: 3208

GET
H2 200 logo_pc.jpg
primecosmetics.ch/images/ 2 KB
2 KB 38ms
38ms Image
image/jpeg 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primecosmetics.ch/images/logo_pc.jpg
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 67ab5fcd717918ccf42b8cc7512cb3c692bc2b81ea3729591349f6475c2a518f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
last-modified: Tue, 24 Dec 2013 10:36:23 GMT
server: nginx
etag: "52b963a7-7d1"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 2001

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 99ms
26ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: primecosmetics.ch
URL: https://primecosmetics.ch/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 06:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 06:29:29 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/ 223 KB
59 KB 95ms
56ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/jquery-ui.min.js

Requested by

Host: primecosmetics.ch
URL: https://primecosmetics.ch/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16089a42741acc5fd00ab17da92be9458e8f0029fd645f159e582a7ea0f52ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60637
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:13:06 GMT

GET
H2 200 jacked.min.js Show response
primecosmetics.ch/js/ 16 KB
6 KB 40ms
39ms Script
application/javascript 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/js/jacked.min.js
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 1ca6ac9b354c88d65068447d34b3fc98f0be7455c3562e1503a432a3981c13a2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Mon, 23 Dec 2013 21:17:46 GMT
server: nginx
etag: W/"52b8a87a-3f70"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.easing.min.js Show response
primecosmetics.ch/js/ 7 KB
2 KB 43ms
43ms Script
application/javascript 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/js/jquery.easing.min.js
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 7e1315d9de485eb5251249e86483786d892d4b5336fc16a052b57921f22feef8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Mon, 23 Dec 2013 21:17:45 GMT
server: nginx
etag: W/"52b8a879-1b86"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.vegas.js Show response
primecosmetics.ch/js/ 11 KB
2 KB 44ms
44ms Script
application/javascript 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/js/jquery.vegas.js
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 8042ab578029e6d6baf04378c3cf105b2d8e569a9603f2b3c74ae64a096d1312

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Mon, 23 Dec 2013 21:17:45 GMT
server: nginx
etag: W/"52b8a879-2c0f"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.mixitup.min.js Show response
primecosmetics.ch/js/ 16 KB
4 KB 45ms
45ms Script
application/javascript 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/js/jquery.mixitup.min.js
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: de34d75ea0429e6eb45d32a3b1370a0fe00c97c33e6a156826520a4ca8473b9e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Mon, 23 Dec 2013 21:17:45 GMT
server: nginx
etag: W/"52b8a879-3e67"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 redink.js Show response
primecosmetics.ch/js/ 24 KB
5 KB 42ms
42ms Script
application/javascript 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/js/redink.js
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 07a71bac99bd5949638ea4ddf1e85a0a9d7bbbe4823f40f3e64a122d3ed1baad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
content-encoding: br
last-modified: Wed, 20 Aug 2014 13:48:20 GMT
server: nginx
etag: W/"53f4a724-5eb6"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 fontawesome-webfont.woff
primecosmetics.ch/css/font/ 43 KB
43 KB 64ms
63ms Font
font/woff 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/css/font/fontawesome-webfont.woff
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/css/screen.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Origin: https://primecosmetics.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
last-modified: Mon, 23 Dec 2013 21:17:20 GMT
server: nginx
etag: "52b8a860-aa34"
x-powered-by: PleskLin
content-type: font/woff
accept-ranges: bytes
content-length: 43572

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
12 KB 124ms
50ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Oswald

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Origin: https://primecosmetics.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:18:04 GMT
x-content-type-options: nosniff
age: 28079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:18:04 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 100ms
26ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Oswald

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Origin: https://primecosmetics.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:55:23 GMT
x-content-type-options: nosniff
age: 223840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:55:23 GMT

GET
H2 200 home_n1.jpg
primecosmetics.ch/images/ 322 KB
322 KB 38ms
38ms Image
image/jpeg 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primecosmetics.ch/images/home_n1.jpg
Requested by: Host: primecosmetics.ch
URL: https://primecosmetics.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: ffc935789ff2a079fbc61ae33ed12cc5d4b79fee4e9ef6e745928f2a029b30f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
last-modified: Wed, 20 Aug 2014 13:44:57 GMT
server: nginx
etag: "53f4a659-50759"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 329561

GET
H2 200 favicon.ico
primecosmetics.ch/images/icons/ 1 KB
1 KB 38ms
38ms Other
image/vnd.microsoft.icon 162.55.234.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://primecosmetics.ch/images/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.234.14 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rlx10.loginserver.ch
Software: nginx / PleskLin
Resource Hash: e703f39a69e7e8239e42cb4e11fa5fb3c108439976d8c29c5a7ae9035a4a6f87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 05:06:03 GMT
last-modified: Mon, 23 Dec 2013 21:17:37 GMT
server: nginx
etag: "52b8a871-47e"
x-powered-by: PleskLin
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 1150

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| html5 object| Modernizr function| yepnope function| $ function| jQuery function| DP_jQuery_1719551163471 object| Jacked function| CJ function| CJcss function| CJpercentage function| CJspecial string| browser object| jQuery191015928484779050844

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			primecosmetics.ch/	1970-01-21 06:24:47	Name: redinkvisited Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
primecosmetics.ch
162.55.234.14
2a00:1450:4001:802::200a
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200a
07a71bac99bd5949638ea4ddf1e85a0a9d7bbbe4823f40f3e64a122d3ed1baad
16089a42741acc5fd00ab17da92be9458e8f0029fd645f159e582a7ea0f52ec1
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1ca6ac9b354c88d65068447d34b3fc98f0be7455c3562e1503a432a3981c13a2
20116510f3b35578c744b5d0ceb9aaa455eef62bc2bd5ebd308510401e8abfc5
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
48e584a1ea0f7ea6bb0942a015de3649e395f8cb5611d09fc0d9ec15b75102d7
66b1696ddad2dcb62b1bfe9bd805bc79cbeccbebcaedd6bf2ec13753fce56f07
67ab5fcd717918ccf42b8cc7512cb3c692bc2b81ea3729591349f6475c2a518f
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7e1315d9de485eb5251249e86483786d892d4b5336fc16a052b57921f22feef8
8042ab578029e6d6baf04378c3cf105b2d8e569a9603f2b3c74ae64a096d1312
86bad9c6d053fad76c54dfd5712e2000d77b968c6a44d295953222eecddeb179
97c2333559ef0e15e31201d0da06152b3533b6c0436c57872eec05b7313319bf
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
de34d75ea0429e6eb45d32a3b1370a0fe00c97c33e6a156826520a4ca8473b9e
e703f39a69e7e8239e42cb4e11fa5fb3c108439976d8c29c5a7ae9035a4a6f87
f838c61fcecb8739774607b9bbf27c2fe587ed1b0d97fba94448e7587d816093
ffc935789ff2a079fbc61ae33ed12cc5d4b79fee4e9ef6e745928f2a029b30f9