urlscan.io logo urlscan.io
SecurityTrails logo

staging2.bespokecosmeticsinstitute.com.au Open in urlscan Pro
35.213.222.222  Public Scan

Go To Rescan Add Verdict Report
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Submission: On July 24 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 23 HTTP transactions. The main IP is 35.213.222.222, located in Sydney, Australia and belongs to GOOGLE, US. The main domain is staging2.bespokecosmeticsinstitute.com.au.
TLS certificate: Issued by R11 on July 7th 2024. Valid for: 3 months.
This is the only time staging2.bespokecosmeticsinstitute.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 35.213.222.222 15169 (GOOGLE)
1 64.233.187.95 15169 (GOOGLE)
3 172.217.25.163 15169 (GOOGLE)
2 104.16.107.254 13335 (CLOUDFLAR...)
1 172.64.153.27 13335 (CLOUDFLAR...)
1 104.17.175.201 13335 (CLOUDFLAR...)
1 104.18.80.204 13335 (CLOUDFLAR...)
1 104.16.140.209 13335 (CLOUDFLAR...)
1 104.16.117.116 13335 (CLOUDFLAR...)
23 10
12    35.213.222.222 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: 222.222.213.35.bc.googleusercontent.com
staging2.bespokecosmeticsinstitute.com.au
1    64.233.187.95 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f95.1e100.net
fonts.googleapis.com
3    172.217.25.163 (United States)

ASN15169 (GOOGLE, US)
PTR: sin01s16-in-f3.1e100.net
fonts.gstatic.com
2    104.16.107.254 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    172.64.153.27 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    104.17.175.201 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    104.16.140.209 (None, )

ASN13335 (CLOUDFLARENET, US)
js-na1.hs-scripts.com
1    104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
12 bespokecosmeticsinstitute.com.au
staging2.bespokecosmeticsinstitute.com.au
3 MB
3 gstatic.com
fonts.gstatic.com
70 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 9601
forms.hscollectedforms.net — Cisco Umbrella Rank: 9837
25 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 5359
1 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 14508
1 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 9382
886 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 5135
24 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 5067
26 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
23 9
Domain Requested by
12 staging2.bespokecosmeticsinstitute.com.au 1 redirects staging2.bespokecosmeticsinstitute.com.au
3 fonts.gstatic.com fonts.googleapis.com
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 forms.hsforms.com staging2.bespokecosmeticsinstitute.com.au
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hs-analytics.net staging2.bespokecosmeticsinstitute.com.au
1 js.hs-banner.com staging2.bespokecosmeticsinstitute.com.au
1 js.hscollectedforms.net staging2.bespokecosmeticsinstitute.com.au
1 fonts.googleapis.com staging2.bespokecosmeticsinstitute.com.au
23 10
Subject Issuer Validity Valid
*.staging2.bespokecosmeticsinstitute.com.au
R11		 2024-07-07 -
2024-10-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
hscollectedforms.net
E1		 2024-05-27 -
2024-08-25		 3 months crt.sh
hs-banner.com
E1		 2024-05-30 -
2024-08-28		 3 months crt.sh
hs-analytics.net
WE1		 2024-06-11 -
2024-09-09		 3 months crt.sh
hsforms.com
WE1		 2024-06-14 -
2024-09-12		 3 months crt.sh
hs-scripts.com
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
hubspot.com
E5		 2024-07-21 -
2024-10-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://staging2.bespokecosmeticsinstitute.com.au/
Frame ID: 4715CD5DE3AC949833AA05C8D68A3AE3
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Bespoke Cosmetics Institute

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

91 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

3314 kB
Transfer

4097 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://staging2.bespokecosmeticsinstitute.com.au/favicon.ico HTTP 302
  • https://staging2.bespokecosmeticsinstitute.com.au/wp-includes/images/w-logo-blue-white-bg.png

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
staging2.bespokecosmeticsinstitute.com.au/ 		124 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
49c727527aa8d3a94e92f2b4b7976a6c5176be1c721aaa330945acca8e167e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 12:26:31 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
link
<https://staging2.bespokecosmeticsinstitute.com.au/wp-json/>; rel="https://api.w.org/", <https://staging2.bespokecosmeticsinstitute.com.au/wp-json/wp/v2/pages/3425>; rel="alternate"; title="JSON"; type="application/json", <https://staging2.bespokecosmeticsinstitute.com.au/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd
1
x-proxy-cache
MISS
x-proxy-cache-info
d NC:000000 UP:
x-xss-protection
1; mode=block
siteground-optimizer-combined-css-1d362ab8f9f3247c1aa5f04a6fc0f3c0.css
staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/ 		396 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1d362ab8f9f3247c1aa5f04a6fc0f3c0.css
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
92b67b104a495d4e982192eb3fac2311f024f5780ef1d0d7e755fe6ed512c4ac

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:31 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 11:33:40 GMT
server
nginx
etag
W/"669f9514-631fd"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 24 Jul 2025 12:26:31 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A400%7CSignika+Negative%3A700%2C400%7CPoppins%3A400&display=fallback&ver=4.7.3
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f95.1e100.net
Software
ESF /
Resource Hash
e54ab95b7a80271333bb32955996aaf0dbc5dd03456ce5ba413e0c058a431587
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jul 2024 12:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jul 2024 12:26:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jul 2024 12:26:32 GMT
jquery.min.js
staging2.bespokecosmeticsinstitute.com.au/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:31 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 23:18:48 GMT
server
nginx
etag
W/"660f3558-15601"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 24 Jul 2025 12:26:31 GMT
cropped-cropped-BESPOKE_horizontal_green_CMYK-1-450x116.png
staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/04/cropped-cropped-BESPOKE_horizontal_green_CMYK-1-450x116.png
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9777604d344ed783bf42d1d6b3be34c47ec7572751ddc457c7ac3369c9ae64be

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:31 GMT
last-modified
Tue, 23 Jul 2024 01:17:46 GMT
server
nginx
etag
"669f04ba-226e"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
8814
expires
Thu, 24 Jul 2025 12:26:31 GMT
siteground-optimizer-combined-js-e23d592a8e3662378d6c0090aa895dd8.js
staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/ 		163 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-e23d592a8e3662378d6c0090aa895dd8.js
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d591d87c268845f81a5e0be8bee4e6d8a954a1d72103f979b4e19a567bd92077

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:31 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 11:33:40 GMT
server
nginx
etag
W/"669f9514-28d15"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 24 Jul 2025 12:26:31 GMT
Bespoke-Cosmetics-Institute-first-image-1.png
staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/05/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/05/Bespoke-Cosmetics-Institute-first-image-1.png
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1d362ab8f9f3247c1aa5f04a6fc0f3c0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd1bf55cfc1789ba48574b4c8cc5c4ec1c853b82e5a76383af5578926b4ccbcb

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1d362ab8f9f3247c1aa5f04a6fc0f3c0.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:32 GMT
last-modified
Fri, 03 May 2024 05:05:46 GMT
server
nginx
etag
"663470aa-17708f"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1536143
expires
Thu, 24 Jul 2025 12:26:32 GMT
Bespoke-Cosmetics-Institute-1.png
staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/05/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/05/Bespoke-Cosmetics-Institute-1.png
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1d362ab8f9f3247c1aa5f04a6fc0f3c0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
92c53d027ee4446a710669e79a9086b6ffce1b1581c9511bd5eae69c2ffe5895

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1d362ab8f9f3247c1aa5f04a6fc0f3c0.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:32 GMT
last-modified
Thu, 09 May 2024 23:31:12 GMT
server
nginx
etag
"663d5cc0-1682a2"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1475234
expires
Thu, 24 Jul 2025 12:26:32 GMT
Bespoke-Cosmetics-Institute-follow-image.png
staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/05/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/05/Bespoke-Cosmetics-Institute-follow-image.png
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0b3185b708088859993869be3dde429bc0f01704f84edd897a6088a0cf4fb0f0

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:32 GMT
last-modified
Fri, 03 May 2024 05:11:24 GMT
server
nginx
etag
"663471fc-d984"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
55684
expires
Thu, 24 Jul 2025 12:26:32 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%7CSignika+Negative%3A700%2C400%7CPoppins%3A400&display=fallback&ver=4.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f3.1e100.net
Software
sffe /
Resource Hash
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging2.bespokecosmeticsinstitute.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 10:12:57 GMT
x-content-type-options
nosniff
age
353615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22432
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 10:12:57 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%7CSignika+Negative%3A700%2C400%7CPoppins%3A400&display=fallback&ver=4.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging2.bespokecosmeticsinstitute.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 14:03:38 GMT
x-content-type-options
nosniff
age
512574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Jul 2025 14:03:38 GMT
E218_cfngu7HiRpPX3ZpNE4kY5zKYvWhrw.woff2
fonts.gstatic.com/s/signikanegative/v21/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/signikanegative/v21/E218_cfngu7HiRpPX3ZpNE4kY5zKYvWhrw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%7CSignika+Negative%3A700%2C400%7CPoppins%3A400&display=fallback&ver=4.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f3.1e100.net
Software
sffe /
Resource Hash
457a5e873a212109d96ac80a2c0ed9ce38ffb55d72b030240d3929ed6eac7c10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging2.bespokecosmeticsinstitute.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 23:22:52 GMT
x-content-type-options
nosniff
age
392620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40316
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:25:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Jul 2025 23:22:52 GMT
truncated
/ 		42 B
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-e23d592a8e3662378d6c0090aa895dd8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
Origin
https://staging2.bespokecosmeticsinstitute.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8a83e6319b7cdfab-SYD
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"ac41634810840adc02ea51748cb19c2f"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.586/bundles/project.js
date
Wed, 24 Jul 2024 12:26:32 GMT
x-amz-version-id
FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
08f12a5a-670d-40e3-a980-99e6e254ba3e
x-cache
Miss from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
28
x-evy-trace-route-configuration
listener_https/all
x-request-id
08f12a5a-670d-40e3-a980-99e6e254ba3e
last-modified
Tue, 23 Jul 2024 12:55:20 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-65f7f7c749-wf75s
cf-ray
8a83e6319b7cdfab-SYD
x-amz-cf-id
xo5mAptfb-queH0BhF-8tIJ0s_bH7qt9cHc-fDAiyFls8o-_BHWPpg==
banner.js
js.hs-banner.com/v2/46054909/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/46054909/banner.js
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-e23d592a8e3662378d6c0090aa895dd8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc526e9b133fd21b796c28754dba3551fecc539edcb1a7378059baf8c481773d

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:33 GMT
x-amz-version-id
uKqK4b9jSP2Es4BJ2NSJjuqQrwsjgFPr
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
KGA971HQGS64DKX6
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
c41750a7-c916-4cc7-b39a-784b8f0a60e3
x-envoy-upstream-service-time
121
x-amz-id-2
oEi0Wfy/tsDhKWwbNdFxVY5Oujm/DvjqJBkt8/XRo5obcC7u6vn+5C3/LAirIBs0S9Fa3+ang/8=
x-evy-trace-listener
listener_https
x-request-id
c41750a7-c916-4cc7-b39a-784b8f0a60e3
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 03 May 2024 06:27:11 GMT
server
cloudflare
etag
W/"d70dcad330523a57cf99169f02c6dad1"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://bespokecosmeticsinstitute.com.au
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-lw9wf
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8a83e6319f285c0b-SYD
expires
Wed, 24 Jul 2024 12:31:33 GMT
46054909.js
js.hs-analytics.net/analytics/1721734200000/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1721734200000/46054909.js
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-e23d592a8e3662378d6c0090aa895dd8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.175.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc868af4b7023a98656b63390e7c48bb0ba531b972a6ce653318ea0b6b561f03

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:32 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
TQJBX9PMVFQQK331
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
67e0f827-7c78-4025-91e5-61f7bb46ac4f
x-envoy-upstream-service-time
79
x-amz-id-2
MaxAXUiG2E+lH7DhBbyr+n1y6bXGFqbJeQEgC9AGkTiGnzFxSyE+GkrcA7ot8llf+QOWveavsmuEiWIyeZ3fqQ+vA7UtgE7S
x-evy-trace-listener
listener_https
x-request-id
67e0f827-7c78-4025-91e5-61f7bb46ac4f
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 23 Jul 2024 21:11:02 GMT
server
cloudflare
etag
W/"3f6fc0566584f4a7d33e2256270352af"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-gtkxs
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8a83e63188685744-SYD
expires
Wed, 24 Jul 2024 12:31:32 GMT
a4313ffa-4993-4ae2-9cdc-c59cc45ea47c
https://staging2.bespokecosmeticsinstitute.com.au/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://staging2.bespokecosmeticsinstitute.com.au/a4313ffa-4993-4ae2-9cdc-c59cc45ea47c
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
Bespoke-Cosmetics-Institute-sec-image-2.png
staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/05/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/2024/05/Bespoke-Cosmetics-Institute-sec-image-2.png
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
baa14f496e3777d2f284babd50c1ae92e590cbf63947d437fa92147462c15104

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:32 GMT
last-modified
Wed, 01 May 2024 04:58:25 GMT
server
nginx
etag
"6631cbf1-42ea"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
17130
expires
Thu, 24 Jul 2025 12:26:32 GMT
wp-emoji-release.min.js
staging2.bespokecosmeticsinstitute.com.au/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.6
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-e23d592a8e3662378d6c0090aa895dd8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:32 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 23:18:48 GMT
server
nginx
etag
W/"660f3558-4926"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 24 Jul 2025 12:26:32 GMT
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		136 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=46054909&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c880af5497754984c44d4aef3dd826c9e928e9ab2f29ad5d36df8a8c5b90ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
aa05926e-1ef3-449a-adfb-cdc1645c87b0
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
aa05926e-1ef3-449a-adfb-cdc1645c87b0
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://staging2.bespokecosmeticsinstitute.com.au
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-65f7f7c749-vzz6g
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8a83e6337d61dfab-SYD
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: staging2.bespokecosmeticsinstitute.com.au
URL: https://staging2.bespokecosmeticsinstitute.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
20e424b4-ad96-400c-b27a-5c55c6f33b9e
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
20e424b4-ad96-400c-b27a-5c55c6f33b9e
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-776cb5686f-xvndp
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
8a83e635bd715744-SYD
46054909.js
js-na1.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/46054909.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1721734200000/46054909.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.140.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56013d9239dd22ebe0839c6a52d44bf3d1929d88ea178dd0c9c05eac2c242545
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ed4e2a79-f942-4331-8a80-5729283800c3
x-envoy-upstream-service-time
48
content-length
604
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ed4e2a79-f942-4331-8a80-5729283800c3
last-modified
Wed, 24 Jul 2024 08:44:39 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://staging2.bespokecosmeticsinstitute.com.au
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-7dd59b876-nt6g5
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a83e6393cffa7f6-SYD
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-au&bfp=3640867636&v=1.1&a=46054909&ct=standard-page&rcu=https%3A%2F%2Fstaging2.bespokecosmeticsinstitute.com.au%2F&pu=https%3A%2F%2Fstaging2.bespokecosmeticsinstitute.com.au%2F&t=Home+-+Bespoke+Cosmetics+Institute&cts=1721823993466&vi=287d54d016120945f5fed2403a1b0530&nc=true&u=94842371.287d54d016120945f5fed2403a1b0530.1721823993463.1721823993463.1721823993463.1&b=94842371.1.1721823993464&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
e51a284d-9a1e-46a3-847e-b118a23d8634
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
4
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e51a284d-9a1e-46a3-847e-b118a23d8634
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GEkWHdmvbV%2Boi%2FbnRIN41fPjtdMSbM9lUBOJZUlMdjP3Yzd8i6G4s9kryVNv1p3ohBniLwcvshjJcXWiC0XkHY6J%2Fin4fTV6n7b2J9gBOWjtqAL8Fv9hNKIBXZ6ofi31hDkc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-f56xp
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8a83e639bfe5aac4-SYD
x-robots-tag
none
w-logo-blue-white-bg.png
staging2.bespokecosmeticsinstitute.com.au/wp-includes/images/
Redirect Chain
  • https://staging2.bespokecosmeticsinstitute.com.au/favicon.ico
  • https://staging2.bespokecosmeticsinstitute.com.au/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://staging2.bespokecosmeticsinstitute.com.au/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H2
Server
35.213.222.222 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
222.222.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Referer
https://staging2.bespokecosmeticsinstitute.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:26:33 GMT
last-modified
Thu, 04 Apr 2024 23:18:48 GMT
server
nginx
etag
"660f3558-1017"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
4119
expires
Thu, 24 Jul 2025 12:26:33 GMT

Redirect headers

date
Wed, 24 Jul 2024 12:26:33 GMT
x-cache-enabled
True
x-content-type-options
nosniff
server
nginx
x-redirect-by
WordPress
x-proxy-cache-info
0302 NC:000000 UP:
content-type
text/html; charset=UTF-8
location
https://staging2.bespokecosmeticsinstitute.com.au/wp-includes/images/w-logo-blue-white-bg.png
x-httpd
1
host-header
6b7412fb82ca5edfd0917e3957f05d89
sg-f-cache
BYPASS
link
<https://staging2.bespokecosmeticsinstitute.com.au/wp-json/>; rel="https://api.w.org/"
x-xss-protection
1; mode=block
x-proxy-cache
MISS

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| jQuery object| astra object| leadin_wordpress object| spectra_pro_instagram_media object| uagb_forms_data object| starter_templates_zip_preview object| astraAddon object| _hsq function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent object| _hsp function| getQueryIdFromUrl function| scrollToQueryId object| _wpemojiSettings function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| lazySizes object| UAGBButtonChild function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| imagesLoaded object| SpectraInstagramMasonry object| SpectraInstagramPagedGrid object| UAGBForms object| wp function| astraToggleSetupPro function| astraNavMenuTogglePro object| twemoji object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran number| link number| len boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

8 Cookies

Domain/Path Name / Value
.hsforms.com/ Name: __cf_bm
Value: W0M7M39cXLEvN7tbAPdDWPRRMt.vD7dWocsDTFUOQ28-1721823993-1.0.1.1-4sElFZUW7RsSNrZz8i556PZ2Zj5Vi4qLmItYy__TYxYUP377VdJL3Go7P0wqGDi2Ni.vLuo6fKGX.R7Q7K1Q_g
.hsforms.com/ Name: _cfuvid
Value: UmNgWZHpZ_i9MCaeicb6QcbQdVCX9fvtxk81JfcfuOs-1721823993456-0.0.1.1-604800000
.bespokecosmeticsinstitute.com.au/ Name: __hstc
Value: 94842371.287d54d016120945f5fed2403a1b0530.1721823993463.1721823993463.1721823993463.1
.bespokecosmeticsinstitute.com.au/ Name: hubspotutk
Value: 287d54d016120945f5fed2403a1b0530
.bespokecosmeticsinstitute.com.au/ Name: __hssrc
Value: 1
.bespokecosmeticsinstitute.com.au/ Name: __hssc
Value: 94842371.1.1721823993464
.hubspot.com/ Name: __cf_bm
Value: jpkzxDcKzipShO4JGChe76_eb28ie8_ErXU.hqIgxIY-1721823994-1.0.1.1-SkWZQ7ojufcmRsk7dg4GafpTw64m3O4H8wF.1Mm7OxqAopssz0ZiETpJ.C8e1yneVJ3GTnzfdKLjsKZy.jzIxw
.hubspot.com/ Name: _cfuvid
Value: rF2hVuZyr3M7G1rqCTtLdBf.4GYY3HKNoPBXqN8fTTc-1721823994117-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
staging2.bespokecosmeticsinstitute.com.au
track.hubspot.com
104.16.107.254
104.16.117.116
104.16.140.209
104.17.175.201
104.18.80.204
172.217.25.163
172.64.153.27
35.213.222.222
64.233.187.95
0b3185b708088859993869be3dde429bc0f01704f84edd897a6088a0cf4fb0f0
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
457a5e873a212109d96ac80a2c0ed9ce38ffb55d72b030240d3929ed6eac7c10
49c727527aa8d3a94e92f2b4b7976a6c5176be1c721aaa330945acca8e167e39
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
56013d9239dd22ebe0839c6a52d44bf3d1929d88ea178dd0c9c05eac2c242545
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
92b67b104a495d4e982192eb3fac2311f024f5780ef1d0d7e755fe6ed512c4ac
92c53d027ee4446a710669e79a9086b6ffce1b1581c9511bd5eae69c2ffe5895
9777604d344ed783bf42d1d6b3be34c47ec7572751ddc457c7ac3369c9ae64be
baa14f496e3777d2f284babd50c1ae92e590cbf63947d437fa92147462c15104
bc526e9b133fd21b796c28754dba3551fecc539edcb1a7378059baf8c481773d
bd1bf55cfc1789ba48574b4c8cc5c4ec1c853b82e5a76383af5578926b4ccbcb
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc868af4b7023a98656b63390e7c48bb0ba531b972a6ce653318ea0b6b561f03
d591d87c268845f81a5e0be8bee4e6d8a954a1d72103f979b4e19a567bd92077
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e2c880af5497754984c44d4aef3dd826c9e928e9ab2f29ad5d36df8a8c5b90ce
e54ab95b7a80271333bb32955996aaf0dbc5dd03456ce5ba413e0c058a431587
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629