www.beautybarmedspa.com Open in urlscan Pro
3.67.141.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ow.ly/yvLw50IRMRu
Effective URL:
https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Submission: On July 24 via manual (July 24th 2022, 12:33:02 pm UTC) from IE — Scanned from DE

Summary HTTP 171 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 28 domains to perform 171 HTTP transactions. The main IP is 3.67.141.185, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.beautybarmedspa.com.
TLS certificate: Issued by R3 on June 7th 2022. Valid for: 3 months.

This is the only time www.beautybarmedspa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.183.131.91 54.183.131.91	16509 (AMAZON-02) (AMAZON-02)
1	3.67.141.185 3.67.141.185	16509 (AMAZON-02) (AMAZON-02)
11	13.32.99.173 13.32.99.173	16509 (AMAZON-02) (AMAZON-02)
12	18.64.79.13 18.64.79.13	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2013	15169 (GOOGLE) (GOOGLE)
1	18.66.112.9 18.66.112.9	16509 (AMAZON-02) (AMAZON-02)
9	143.204.89.125 143.204.89.125	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:224a:d800:1c:b536:2c40:21	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
10	52.217.131.168 52.217.131.168	16509 (AMAZON-02) (AMAZON-02)
9	3.67.22.251 3.67.22.251	16509 (AMAZON-02) (AMAZON-02)
1	104.89.44.137 104.89.44.137	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	108.138.7.63 108.138.7.63	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	13.33.244.94 13.33.244.94	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	18.66.242.187 18.66.242.187	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:6c00:1f:f560:8d00:21	16509 (AMAZON-02) (AMAZON-02)
2	54.173.147.65 54.173.147.65	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:1f18:243... 2600:1f18:243f:2d01:137e:ccfb:6d82:44ab	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.206.108 52.222.206.108	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700::68... 2606:4700::6813:e968	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 1	89.187.169.15 89.187.169.15	60068 (CDN77 ^_^) (CDN77 ^_^)
16	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
5	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	13.248.205.93 13.248.205.93	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.217.174.201 52.217.174.201	() ()
171	36

1 54.183.131.91 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ow.ly

ow.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.141.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-141-185.eu-central-1.compute.amazonaws.com

www.beautybarmedspa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.32.99.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-173.fra60.r.cloudfront.net

irp.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.64.79.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-13.txl50.r.cloudfront.net

static.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

beautybarmedspa.agilecrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats2.agilecrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-9.fra56.r.cloudfront.net

lirp.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.89.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-125.fra50.r.cloudfront.net

d2j6dbq0eux0bg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:d800:1c:b536:2c40:21 (United States)

ASN16509 (AMAZON-02, US)

d1oxsl77a1kjht.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.217.131.168 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.67.22.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com

app.multiscreenstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.44.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-44-137.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-63.fra56.r.cloudfront.net

static-cdn.multiscreensite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.244.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-244-94.hel50.r.cloudfront.net

d32hwlnfiv2gyn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.242.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-187.dus51.r.cloudfront.net

d2scn539ulxr09.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6c00:1f:f560:8d00:21 (United States)

ASN16509 (AMAZON-02, US)

d3dq8sxcny4hg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.173.147.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-147-65.compute-1.amazonaws.com

ecomm.events	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:243f:2d01:137e:ccfb:6d82:44ab (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

analytics.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-108.fra56.r.cloudfront.net

d1dkdnyvras0l5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6813:e968 (United States)

ASN13335 (CLOUDFLARENET, US)

messenger.mindbodyonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.15 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-632.bunnyinfra.net

cdn.materialdesignicons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.205.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad42d0847b05b89b1.awsglobalaccelerator.com

js.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.174.201 (None, )

ASN- ()

agilecrm.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	cdn-website.com irp.cdn-website.com — Cisco Umbrella Rank: 17038 static.cdn-website.com — Cisco Umbrella Rank: 17284 lirp.cdn-website.com — Cisco Umbrella Rank: 16446	404 KB
20	cloudfront.net d2j6dbq0eux0bg.cloudfront.net d1oxsl77a1kjht.cloudfront.net d32hwlnfiv2gyn.cloudfront.net d2scn539ulxr09.cloudfront.net d3dq8sxcny4hg.cloudfront.net d1dkdnyvras0l5.cloudfront.net	2 MB
16	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1999	398 KB
14	mindbodyonline.com messenger.mindbodyonline.com — Cisco Umbrella Rank: 183419	485 KB
12	amazonaws.com s3.amazonaws.com agilecrm.s3.amazonaws.com	349 KB
10	paypal.com www.paypal.com — Cisco Umbrella Rank: 2205 t.paypal.com — Cisco Umbrella Rank: 3068	17 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	60 KB
9	multiscreenstore.com app.multiscreenstore.com — Cisco Umbrella Rank: 78169	53 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	65 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	766 B
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	264 KB
4	jsdelivr.net 1 redirects cdn.jsdelivr.net — Cisco Umbrella Rank: 424	183 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5701	735 B
4	google.com www.google.com — Cisco Umbrella Rank: 10	735 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 117 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
3	sitewit.com analytics.sitewit.com — Cisco Umbrella Rank: 44888	27 KB
3	multiscreensite.com static-cdn.multiscreensite.com — Cisco Umbrella Rank: 19296	106 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	195 KB
3	agilecrm.com beautybarmedspa.agilecrm.com stats2.agilecrm.com — Cisco Umbrella Rank: 108641	30 KB
2	gstatic.com fonts.gstatic.com	170 KB
2	ecomm.events ecomm.events — Cisco Umbrella Rank: 36477	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	squareup.com js.squareup.com — Cisco Umbrella Rank: 19007	45 KB
1	materialdesignicons.com 1 redirects cdn.materialdesignicons.com — Cisco Umbrella Rank: 28181	656 B
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 4865	649 B
1	beautybarmedspa.com www.beautybarmedspa.com	18 KB
1	ow.ly 1 redirects ow.ly — Cisco Umbrella Rank: 51456	424 B
171	28

	Domain	Requested by
16	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
14	messenger.mindbodyonline.com	s3.amazonaws.com messenger.mindbodyonline.com
12	static.cdn-website.com	www.beautybarmedspa.com static.cdn-website.com
11	irp.cdn-website.com	www.beautybarmedspa.com irp.cdn-website.com
10	s3.amazonaws.com	www.beautybarmedspa.com beautybarmedspa.agilecrm.com messenger.mindbodyonline.com cdnjs.cloudflare.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.beautybarmedspa.com messenger.mindbodyonline.com
9	app.multiscreenstore.com	www.beautybarmedspa.com static.cdn-website.com app.multiscreenstore.com
9	d2j6dbq0eux0bg.cloudfront.net	www.beautybarmedspa.com
7	cdnjs.cloudflare.com	beautybarmedspa.agilecrm.com cdnjs.cloudflare.com s3.amazonaws.com www.beautybarmedspa.com
6	www.facebook.com	www.beautybarmedspa.com
6	www.googletagmanager.com	www.beautybarmedspa.com www.googletagmanager.com analytics.sitewit.com
5	t.paypal.com
5	www.paypal.com	www.beautybarmedspa.com www.paypalobjects.com
4	cdn.jsdelivr.net	1 redirects s3.amazonaws.com cdn.jsdelivr.net
4	d2scn539ulxr09.cloudfront.net	app.multiscreenstore.com
4	www.google.de	www.beautybarmedspa.com
4	www.google.com	www.beautybarmedspa.com
3	fonts.googleapis.com	s3.amazonaws.com
3	analytics.sitewit.com	app.multiscreenstore.com analytics.sitewit.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	d32hwlnfiv2gyn.cloudfront.net	www.beautybarmedspa.com
3	static-cdn.multiscreensite.com	static.cdn-website.com
3	connect.facebook.net	www.beautybarmedspa.com connect.facebook.net
2	agilecrm.s3.amazonaws.com	s3.amazonaws.com www.beautybarmedspa.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ecomm.events	app.multiscreenstore.com ecomm.events
2	d1oxsl77a1kjht.cloudfront.net	www.beautybarmedspa.com app.multiscreenstore.com
2	beautybarmedspa.agilecrm.com	www.beautybarmedspa.com beautybarmedspa.agilecrm.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.squareup.com	s3.amazonaws.com
1	cdn.materialdesignicons.com	1 redirects
1	d1dkdnyvras0l5.cloudfront.net	www.beautybarmedspa.com
1	d3dq8sxcny4hg.cloudfront.net	app.multiscreenstore.com
1	stats2.agilecrm.com	beautybarmedspa.agilecrm.com
1	chimpstatic.com	www.beautybarmedspa.com
1	lirp.cdn-website.com	www.beautybarmedspa.com
1	www.beautybarmedspa.com
1	ow.ly	1 redirects
171	39

This site contains links to these domains. Also see Links.

Domain
facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
instagram.com
bowtie.ai

Subject Issuer	Validity	Valid
www.beautybarmedspa.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
multiscreensite.com R3	`2022-05-15` - `2022-08-13`	3 months	crt.sh
*.agilecrm.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-30` - `2022-12-31`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.multiscreenstore.com Amazon	`2021-11-22` - `2022-12-21`	a year	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-11-19` - `2022-11-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.ecomm.events R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
analytics.sitewit.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-30` - `2022-10-31`	a year	crt.sh
*.mindbodyonline.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-01-25` - `2023-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
api-global.squareup.com Amazon	`2022-07-08` - `2023-08-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Frame ID: C3AFEE05634364BC00666BD8B615695C
Requests: 138 HTTP requests in this frame

Frame: https://d2scn539ulxr09.cloudfront.net/static/br/2022-27120-gace86f0a8a5/5BAAF2AA3F3634158C597ADFF53B8A66.cache.js
Frame ID: 40434DF8EE07D136FCE447985724810B
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/promotions/index.html
Frame ID: 9142AB7C0D3FF735866A85C78B6F2DEE
Requests: 14 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 25D6F62BFA7D156D6A333B76DAAAACD5
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Varela:400|Montserrat:700
Frame ID: 1CC1FE1D1E34F00CC3BC5EF0C56D9CA2
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Frame ID: 0FEC11843B200427D9E03A248AFC0F83
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Image Skin Care Products

Page URL History Show full URLs

http://ow.ly/yvLw50IRMRu HTTP 301
https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194 Page URL

Detected technologies

Ecwid (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

https://app\.multiscreenstore\.com/script\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Square (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.squareup\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HeadJS (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

head\.(?:core|load)(?:\.min)?\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

171
Requests

99 %
HTTPS

45 %
IPv6

28
Domains

39
Subdomains

36
IPs

3
Countries

4533 kB
Transfer

14042 kB
Size

35
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/beautybarmedspa

Search URL Search Domain Scan URL

URL: https://www.instagram.com/beautybarmedspa/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/beauty-bar-med-spa/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=gHlh_zijH0U

Search URL Search Domain Scan URL

URL: https://instagram.com/beautybarmedspa/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCarEAy-0BE9kbrhyYiTAEoA

Search URL Search Domain Scan URL

URL: https://bowtie.ai/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ow.ly/yvLw50IRMRu HTTP 301
https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://cdn.materialdesignicons.com/3.0.39/css/materialdesignicons.min.css HTTP 301
https://cdn.jsdelivr.net/mdi/3.0.39/css/materialdesignicons.min.css HTTP 301
https://cdn.jsdelivr.net/npm/@mdi/font@3.0.39/css/materialdesignicons.min.css

171 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Image-Skin-Care-Products-c46728194 Show response
www.beautybarmedspa.com/store/
Redirect Chain

http://ow.ly/yvLw50IRMRu
https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

82 KB
18 KB

153ms
28ms

Document
text/html

3.67.141.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.67.141.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-141-185.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cec59b540aab61309924e3ab9158d87e29ade42b01e61fa5aa772ccce1d85480

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 18227
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
d-cache: from-cache
d-geo: EU
date: Sun, 24 Jul 2022 12:32:49 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
vary: user-agent,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Connection: close
Content-Length: 0
Date: Sun, 24 Jul 2022 12:32:49 GMT
Location: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Pool: owly_web
X-XSS-Protection: 1; mode=block

GET
H2 200 css
irp.cdn-website.com/fonts/ 107 KB
3 KB 46ms
9ms Stylesheet
text/css 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: f71bb2b908c2cf3da70140c2b654c4323079aa761fba0ddc601023dbe19f898e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 12:43:11 GMT
content-encoding: br
server: CloudFront
age: 1640978
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: eT8QvtY0g7P_KX5kH5V3ZR3jYj7R5TmHOhx-2CVnCopLbVp7Mvei8g==
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)

GET
H2 200 d-css-runtime-desktop-one-package-new.min.css
static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/css/ 233 KB
25 KB 96ms
37ms Stylesheet
text/css 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-new.min.css
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64ef47987f568d82cc516003b792004e74cea759de0721e6ab48150d06875a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:13 GMT
content-encoding: br
age: 883776
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 25268
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:23 GMT
server: AmazonS3
etag: "95bbfd7795929b9231f4008db8f6792f"
access-control-allow-methods: GET
x-amz-version-id: jomIqjWkNgErslcqRQNf992gpFIGSuOM
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: M1054P2NoFVMoNoBKzIAJhVi0iOf7JkOifJEFRpu0edZKTvG2-W2UQ==

GET
H2 200 fc4d0fdaa1f660f3db93972fc71b5a82.css
irp.cdn-website.com/WIDGET_CSS/production_2689/ 48 KB
8 KB 46ms
10ms Stylesheet
text/css 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/WIDGET_CSS/production_2689/fc4d0fdaa1f660f3db93972fc71b5a82.css
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be100f383588f013b2b37c735d096150f4f8a10b738fc9406e7f5945da62e3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: mY7XPhFSkAb3j0AlnWMvSM9uhZH809T_
content-encoding: br
last-modified: Thu, 14 Jul 2022 07:03:11 GMT
server: AmazonS3
age: 278919
etag: W/"377cb7e903be6309a64f84bab5403c02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
date: Thu, 21 Jul 2022 07:04:11 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: j9YLI_PH4Q2kTnhvlCS2Ug1CjT130HKObVk5VM3oi3OYD_ZnyZ5rCw==

GET
H2 200 e0176954_1.min.css
irp.cdn-website.com/e0176954/files/ 346 KB
37 KB 48ms
13ms Stylesheet
text/css 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/e0176954/files/e0176954_1.min.css?v=2016
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2987547fe026699e4abdfdf85a044b0e691d7244142701b0d6267c2c3c366e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: ANcRmgtNJwDLYYyNOLX_Q7BWw3i9FckC
content-encoding: br
last-modified: Thu, 14 Jul 2022 02:46:53 GMT
server: AmazonS3
age: 284929
etag: W/"fcbc66bb56ed45ac1e3cc2f946331931"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
date: Thu, 21 Jul 2022 05:24:01 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: TOk3s1MEHsWnQuzKzly2AmUpVVlvVo8GMkHVlS8AG8agHMp61o3ZEg==

GET
H2 200 jquery-3.6.0.min.js Show response
static.cdn-website.com/libs/jquery/ 87 KB
28 KB 79ms
22ms Script
text/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/jquery/jquery-3.6.0.min.js
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:16:22 GMT
content-encoding: br
age: 2812587
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 27967
access-control-allow-origin: *
last-modified: Sun, 20 Jun 2021 11:54:25 GMT
server: AmazonS3
etag: "8fb8fee4fcc3cc86ff6c724154c49c42"
access-control-allow-methods: GET
x-amz-version-id: DnPaSD2ax.ofdsMomR96m6B51pMZfReJ
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: 7r50faqi8Mn2jufk6g6PwdUdSfbcJ9oNW6rtVuQq9CNwMmMW6B_vUg==

GET
H2 200 d-js-one-runtime-unified-desktop.min.js Show response
static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/ 341 KB
84 KB 99ms
43ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37d91723ab0da3bd14856ee93966c6d1471ddc72d40ee3b4d43072541ff39420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:13 GMT
content-encoding: br
age: 883775
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
content-length: 85867
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:23 GMT
server: AmazonS3
etag: "15a90767230c0dafaf582615bf18e3c1"
access-control-allow-methods: GET
x-amz-version-id: 1CmWNk_lCNaLkLAovckxeBmqjupFFLdC
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: d7CgEDFcd_OHZLNQnBmjwHQEgiPWqFvJfjF5W5Dz9SOnXkpuxMdB3Q==

GET
H2 200 d-js-jquery-migrate.min.js Show response
static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/ 11 KB
4 KB 94ms
38ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-jquery-migrate.min.js
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e2e557cfdf7a05389c23c9fda8daa535d6bed4f93e421e47a863c7331013bc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:53 GMT
content-encoding: br
age: 883737
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 3809
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:23 GMT
server: AmazonS3
etag: "3b9b4be11c442558448e1bcb0e914c6c"
access-control-allow-methods: GET
x-amz-version-id: 4kqRQblwmm8t2.xN4h60B2lDOJN1JYx2
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: LVAV_RVLtaoV2ZASyrPPD_WrSG_OLgzo8-CP3YF2zXPfK3ZUjjuX-g==

GET
H2 200 agile-min.js Show response
beautybarmedspa.agilecrm.com/stats/min/ 63 KB
18 KB 280ms
157ms Script
application/javascript 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beautybarmedspa.agilecrm.com/stats/min/agile-min.js
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ed65b5428ab2a5530280232bc6b31854e63395734447a8ba651848af52d1a609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:49 GMT
content-encoding: gzip
server: Google Frontend
etag: "xUx6wQ"
content-type: application/javascript
x-cloud-trace-context: 3634e724109d3a8ed309e6d877968dbc
cache-control: public, max-age=600
expires: Sun, 24 Jul 2022 12:42:49 GMT

GET
H2 200 webMenulogo-1920w.png
lirp.cdn-website.com/e0176954/dms3rep/multi/opt/ 13 KB
13 KB 45ms
9ms Image
image/webp 18.66.112.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/e0176954/dms3rep/multi/opt/webMenulogo-1920w.png
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e7bf1aee8741f917663e35f5f7baf7cc59a65088dd38e62cbce861f55e8f9b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 16:47:11 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 31 Jul 2022 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 31 Jan 2022 12:36:19 GMT
server: AmazonS3
age: 762339
etag: "24c9a64c3d1905862a8a242c2b58dd9d"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 13248
x-amz-cf-id: H8g8U2RKeG8OVDQe_KrU2eFqHttAHY4OJKG-yilE1NFADG1mDEmuFg==

GET
H2 200 1315273427.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 15 KB
15 KB 480ms
449ms Image
image/jpeg 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1315273427.jpg
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 342359f7df465170952f18c8403cd47c3a9f64175a59a35125dd7913c689aed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Fri, 28 Feb 2020 17:11:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "2529ef7f47d059027cb90f8d056edc09"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15508
x-amz-cf-id: LcN2jp9S9-X3jgQud5JRAgDlS4gje4DG1GH1I0KLUSLTxFJtpMOjVA==

GET
H2 200 new
d1oxsl77a1kjht.cloudfront.net/css/ 804 KB
101 KB 205ms
133ms Stylesheet
text/css 2600:9000:224a:d800:1c:b536:2c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=202850667&ownerid=15173444&frontendV2=true&pswpNative=true
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d800:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c6508b1ee7bffea98b452068f42f14372e8ddd8251739abce45f8d08cbdcbafd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:49 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: "202850667"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css;charset=utf-8
cache-control: public, max-age=31536000
content-encoding: gzip
x-amz-cf-id: pneufHqHuzwNKi0CMPtxA5j2uZQYykOfBvo5WIU1W26RptAIN6L2rA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 136ms
51ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125101325-1

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad8a7fa94e1d2bc6863ee25744c93b0b04467775d6eb0f98c96d1de2321a9ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41744
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jul 2022 12:32:49 GMT

GET
H/1.1 200
OK bowtie_widget.js Show response
s3.amazonaws.com/bowtie.ai/bowtieJS/ 5 KB
5 KB 437ms
129ms Script
application/javascript 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ca9034edc684caa1fc15365d70af446b04fa5dc9d76473f53c9f1d85098b118f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Sun, 24 Jul 2022 12:32:51 GMT
Last-Modified: Sun, 10 Apr 2022 15:33:56 GMT
Server: AmazonS3
x-amz-request-id: ZPTGRK4WZX9WNGX1
ETag: "82c1ab8fd99ecc60832618cf67652cd0"
x-amz-version-id: SetDgArN2ji7jEY.BjzZ2hODZ5mgUYGl
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 5081
x-amz-id-2: 6gcF6KFjGRb5K4WZirZ07ivytFrFGIF5ziRh3HeS9ddnIDnwO2XOlwpDFFuSNXbKKgEwyxx3pHE=

GET
H/1.1 200
OK script.js
app.multiscreenstore.com/ 0
21 KB 430ms
336ms Other
text/javascript 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/script.js?15173444
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:49 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"-630716070"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Cache-Control: private,must-revalidate,max-age:3
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
52 KB 189ms
105ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBTN6C2

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0171e6a9486f5f7710cb21082f97cbef0a73f98e184279c358d89e389f64fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53384
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jul 2022 12:32:49 GMT

GET
H/1.1 200
OK 8e55979acb3a1fa6f19f0ee35.js Show response
chimpstatic.com/mcjs-connected/js/users/941699f0d7de9fb1124831f04/ 50 B
649 B 407ms
377ms Script
application/javascript 104.89.44.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/941699f0d7de9fb1124831f04/8e55979acb3a1fa6f19f0ee35.js
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.44.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-44-137.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 361, 361
Date: Sun, 24 Jul 2022 12:32:50 GMT
Last-Modified: Wed, 18 Dec 2019 00:54:50 GMT
Server: AmazonS3
x-amz-request-id: QZ67JHZRRBDQAKN6
X-EdgeConnect-MidMile-RTT: 0, 0
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1796
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: OQbnt3h3E+tX5ttaLO5cNoEZagQWNdStcV9vUVMoxx45Godph55WApx8+mORB68WRvYnHuiuInA=
Expires: Sun, 24 Jul 2022 13:02:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
27 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26093
x-xss-protection: 0
pragma: public
x-fb-debug: W96TMYXdtyQEOdzAwd1F/N1ARXrGb8FuDNLPSW1VbWK0JssGLpPErGR6f4HhaW5sapaSt70Eute2uS5G3K8SIw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 24 Jul 2022 12:32:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dm-social-icons.ttf
static-cdn.multiscreensite.com/fonts/ 7 KB
7 KB 43ms
8ms Font
application/octet-stream 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.multiscreensite.com/fonts/dm-social-icons.ttf?y1xkih
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-new.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8e4e1f414f2a790771c5713eb9335d443a9c28ae1ef920d96fd174c56125fc8

Request headers

Referer: https://static.cdn-website.com/
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: A7dzZ5GzYh.PgPjPbir5YBk.EmiN_nXo
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
etag: "51ad629032c8acd046ef0db7e8a11b7f"
age: 2470592
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 7060
last-modified: Wed, 07 Aug 2019 12:03:22 GMT
server: AmazonS3
date: Sat, 25 Jun 2022 22:16:18 GMT
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: ojbVnTu2mbL9XWuwFcJcexsbETFTuDNL3mOx9_fcuTT9XPN-yVEATw==

GET
H2 200 fontawesome-webfont.woff
static-cdn.multiscreensite.com/fonts/ 96 KB
96 KB 44ms
9ms Font
application/font-woff 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.multiscreensite.com/fonts/fontawesome-webfont.woff?v=6
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-new.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://static.cdn-website.com/
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: bR46Z9gnVogjFEVmln4nlzTlCUFntZSU
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
etag: "fee66e712a8a08eef5805a46892932ad"
age: 2989806
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 98024
last-modified: Wed, 05 Jun 2019 08:06:55 GMT
server: AmazonS3
date: Sun, 19 Jun 2022 22:02:44 GMT
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: YQ8x8cb4fuLptwVJJcPExjL17sDradLbOWcZryHqdFHHAc1TcGwdsg==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
irp.cdn-website.com/fonts/s/roboto/v30/ 15 KB
16 KB 25ms
9ms Font
font/woff2 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 12:00:42 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: CloudFront
age: 1125127
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
content-length: 15744
x-amz-cf-id: nrIcDzojYNTiNvhSSYTVumDKsjKPkheiY3Ocu6RvQpspSKAWtNPgwA==

GET
H2 200 140530900234883 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 90ms
89ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/140530900234883?v=2.9.66&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc6ba0b2c1c2e22add0059cbe521ee4e15227d77cc8b49659022aaee46f6cca2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: FerWWUQeyEKF3oUXffybdJiR874f09K8Sm7yym19pgb3gBloGu4lBbz7z0chxRtyEhITxnjaDrh/t9UhqFZGMQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 24 Jul 2022 12:32:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658665969816
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dm-common-icons.ttf
static-cdn.multiscreensite.com/fonts/ 2 KB
3 KB 20ms
19ms Font
application/octet-stream 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.multiscreensite.com/fonts/dm-common-icons.ttf?5f0fg
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-new.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0

Request headers

Referer: https://static.cdn-website.com/
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: PqntK7H35YcTmkMvqWIJAJRdU.53YusY
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
etag: "b71bfcb8a1c734ad0654e25cd41964f2"
age: 2892549
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 2368
last-modified: Mon, 19 Aug 2019 11:53:23 GMT
server: AmazonS3
date: Tue, 21 Jun 2022 01:03:41 GMT
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: 49SruEtqmAn8Q34WrBkWJP-ysPbd-CJqS8C84ZiRFqIhj1NQImkZHQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 34ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=140530900234883&ev=PageView&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&rl=&if=false&ts=1658665975580&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658665975579.781789113&it=1658665975380&coo=false&rqm=GET

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 24 Jul 2022 12:32:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 34ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=140530900234883&ev=CompleteRegistration&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&rl=&if=false&ts=1658665975581&cd[value]=125&cd[currency]=%24&sw=1600&sh=1200&v=2.9.66&r=stable&ec=1&o=30&fbp=fb.1.1658665975579.781789113&it=1658665975380&coo=false&rqm=GET

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 24 Jul 2022 12:32:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 34ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=140530900234883&ev=Lead&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&rl=&if=false&ts=1658665975582&cd[value]=125&cd[currency]=%24&sw=1600&sh=1200&v=2.9.66&r=stable&ec=2&o=30&fbp=fb.1.1658665975579.781789113&it=1658665975380&coo=false&rqm=GET

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 24 Jul 2022 12:32:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 135ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125101325-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBTN6C2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

112363a0249d170a59361f48a8fee05b53f14ff3e859e03df92d4d8e08f88390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41767
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jul 2022 12:32:50 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 133ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=UA-125101325-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBTN6C2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

795f14d50f9af41ebeb41e49df9f54ecf5bf8e69e7e6b5a3b037b886da8341c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41753
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jul 2022 12:32:50 GMT

GET
H2 200 sp-2.0.0-dm-0.1.min.js Show response
d32hwlnfiv2gyn.cloudfront.net/ 49 KB
18 KB 133ms
40ms Script
application/javascript 13.33.244.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/sp-2.0.0-dm-0.1.min.js
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.244.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-244-94.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:19:21 GMT
content-encoding: gzip
last-modified: Sun, 20 Mar 2022 08:45:42 GMT
server: AmazonS3
age: 3338010
etag: W/"81ff203c31c9a3e5c15c5a790eebb460"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: IZwYrapPL5STtMyaSYUvOnEvHgmJogqU
via: 1.1 daf591bf33395af21c13beff18f6613c.cloudfront.net (CloudFront)
cache-control: max-age=6048000
x-amz-replication-status: FAILED
x-amz-cf-pop: HEL50-C1
content-type: application/javascript
x-amz-cf-id: nJozDYrdAEcBHjtFEWfFIeq1pWQBOHUmUIBJZi7_j6CYSsvY4Jw32g==

GET
H2 200 lozad.min.js Show response
static.cdn-website.com/libs/lozad/1.15.0/ 3 KB
1 KB 18ms
18ms Script
text/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/lozad/1.15.0/lozad.min.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.6.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: _6SCyxVyLbypq6FqWKSVVeOJ5iX21EVE
content-encoding: br
etag: "0af1d330e19fe2a0aa127e1709936c75"
age: 2451651
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 1025
access-control-allow-origin: *
last-modified: Sun, 24 May 2020 08:00:59 GMT
server: AmazonS3
date: Sun, 26 Jun 2022 03:31:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
x-amz-cf-id: 9vkdLRXRWqVzEQ6cebT-QM25JSTk5nu6Nj5yzLz8ytSt73CSQSAjhw==

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
irp.cdn-website.com/fonts/s/roboto/v30/ 15 KB
16 KB 9ms
8ms Font
font/woff2 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 23:16:54 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: CloudFront
age: 2034955
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
content-length: 15740
x-amz-cf-id: OR8fCzaU3NwQAScbn4c7g435bwl5aTy4y2sDJEYtQnhSoNDZ6ahmJw==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
irp.cdn-website.com/fonts/s/roboto/v30/ 15 KB
16 KB 10ms
9ms Font
font/woff2 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:22:53 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: CloudFront
age: 1775396
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
content-length: 15860
x-amz-cf-id: GXVJHJWKvMqRpkIBvGM2lBuOkYb2GjgcqjKErmkTT-wldSeOuGv-wg==

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
irp.cdn-website.com/fonts/s/roboto/v30/ 15 KB
16 KB 15ms
14ms Font
font/woff2 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 22:22:06 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: CloudFront
age: 2383843
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
content-length: 15764
x-amz-cf-id: WQk9TtIE-vnL0ivjAiXnnC0_pOy7c46HaIGGXKOWc1IMTbU7jJ1sfA==

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
irp.cdn-website.com/fonts/s/roboto/v30/ 15 KB
16 KB 8ms
8ms Font
font/woff2 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 00:24:23 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: CloudFront
age: 562106
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
content-length: 15752
x-amz-cf-id: yYIL3oxSM5N4_3KI0k36bLyxcF8xcesCX176iobMdJ0dy6etMzuw0w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 143ms
38ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125101325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5450
date: Sun, 24 Jul 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Jul 2022 13:02:00 GMT

GET
H2 200 addstats Show response
stats2.agilecrm.com/ 0
83 B 247ms
215ms Script
text/html 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats2.agilecrm.com/addstats?callback=json874820212704368&guid=9354eae1-8302-0125-3a21-f8afe0c53190&sid=5fee3e50-f755-f4b6-e9cc-3bb2f07cfa30&url=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&agile=ag08rq5na46f9fsnjem1ir4s6r&new=1&ref=&domain=beautybarmedspa
Requested by: Host: beautybarmedspa.agilecrm.com
URL: https://beautybarmedspa.agilecrm.com/stats/min/agile-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-cloud-trace-context: 4ba858a79621a9ed3659d16a6ecd2026
server: Google Frontend
date: Sun, 24 Jul 2022 12:32:50 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK agile-webrules-min.js Show response
s3.amazonaws.com/agilecrm/web-rules-static/ 38 KB
39 KB 220ms
118ms Script
application/x-javascript 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/agilecrm/web-rules-static/agile-webrules-min.js
Requested by: Host: beautybarmedspa.agilecrm.com
URL: https://beautybarmedspa.agilecrm.com/stats/min/agile-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e260b9c304598205a322374408f2e2718acab63e585af74e41fb69179d3b4337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:51 GMT
Last-Modified: Thu, 20 Jul 2017 12:34:14 GMT
Server: AmazonS3
x-amz-request-id: ZPTWZ5BVGAWAHB83
ETag: "8905dc1d776f9bce281cdbca7a515b7f"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 39245
x-amz-id-2: 4VnGXrq7JrBJduRJgNink+96MQ6lUdDM3kAR27Q1CwZ6MPbNwZNdcKqWZYuxrEXKWK37lqQHH+I=

GET
H2 200 14.32433783739d424080fd.js Show response
static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/ 14 KB
6 KB 19ms
19ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/14.32433783739d424080fd.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e240f6295311b176c868e9292c140a4291bd3405984b7372bd34d4019cd00be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:15 GMT
content-encoding: br
age: 883775
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 5294
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:26 GMT
server: AmazonS3
etag: "acfde9e0dbebd9031a166ab74c6c0467"
access-control-allow-methods: GET
x-amz-version-id: AlU512p3nbwq6MpOz25xZp2TPhz0SXai
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 5t59oSWI8wGbSb-TtWPXtTbk0XxVTbcpliU3AAXwbAd5c882VgZI-A==

GET
H2 200 runtime-module-anchors.45de80bf97413604ac19.js Show response
static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/ 3 KB
1 KB 23ms
22ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/runtime-module-anchors.45de80bf97413604ac19.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6033ddf0bf8992cf448cc97d586f669417896f1d743ed6b8e103ff110ebd65c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:15 GMT
content-encoding: br
age: 883775
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 1040
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:26 GMT
server: AmazonS3
etag: "94fc46acf355141952a574e8b3178fa0"
access-control-allow-methods: GET
x-amz-version-id: WYvH5sVs4OXVZ9f2QCwlk1OYEjoEWlY.
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: T6LEOC8gtf8UqyEVKxkWmIYSjjE6ZEEjHAizK86yniUHKFwIZ1TK3Q==

GET
H2 200 1.9a25e57fafe0a4658324.js Show response
static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/ 127 KB
33 KB 26ms
26ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/1.9a25e57fafe0a4658324.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b1dbd0579fdc483d36e7b1e600c00f50c3920d97728804fce8b33cc67dd39d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:15 GMT
content-encoding: br
age: 883774
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 32970
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:26 GMT
server: AmazonS3
etag: "e1a3bf59931a41020762113b000e31d1"
access-control-allow-methods: GET
x-amz-version-id: YtiJJkUXAawa3ZKqGODseRllylh6w2Lw
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: KBTrX2wjYi_mjX478yZNSyZYYQml1GWPx371lLYNPokGobIKWw6SvA==

GET
H2 200 3.56f6c3b5e3318fcfabf2.js Show response
static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/ 52 KB
14 KB 23ms
22ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/3.56f6c3b5e3318fcfabf2.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67d0acf2903cd998d65a5be035da7d437acf902be34e2b77f15e5f028cd54972

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:15 GMT
content-encoding: br
age: 883775
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 13515
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:26 GMT
server: AmazonS3
etag: "aa86427d4531b9065cdeeed8ac611a31"
access-control-allow-methods: GET
x-amz-version-id: 2SLi_Y3stA29uuF_Pu2iyRY.YurUQjED
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BedmOa-ad9u2TyfpeY1V6v76IKHQNfKrw77NflPpuMvqOPeRQgz3Bw==

GET
H2 200 24.268aadd3fe7ed9a4b965.js Show response
static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/ 6 KB
3 KB 24ms
23ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/24.268aadd3fe7ed9a4b965.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d57961d860e91829d77df1f33d1b9c3aff7dd64ac2b147c4bd30b95cdb1ecaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:16 GMT
content-encoding: br
age: 883774
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 2125
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:26 GMT
server: AmazonS3
etag: "88f60e3bc1503bec0a7f1ab9c42a0d2e"
access-control-allow-methods: GET
x-amz-version-id: i4sQQ_67ImNxi.qQv5TAvF2JjBIhY6wC
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: g-lOdtDmp6P3F-H1r32j4N9rtluJMdRJHQZX-odOMBUOC7pD7EsNZg==

GET
H2 200 i
d32hwlnfiv2gyn.cloudfront.net/ 37 B
372 B 454ms
453ms Image
image/gif 13.33.244.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/i?e=pv&page=Image%20Skin%20Care%20Products&dtm=1658665975773&tid=642613&vp=1600x1200&ds=1600x1825&vid=1&duid=239554656f5a3972&p=web&tv=js-2.0.0&fp=2140059099&aid=e0176954&lang=en-US&cs=UTF-8&tz=UTC&tna=cf&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.244.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-244-94.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 daf591bf33395af21c13beff18f6613c.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jul 2014 09:50:57 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C1
etag: "3eacd0132310ea44cad756b378a3bc07"
x-cache: Miss from cloudfront
x-amz-version-id: null
accept-ranges: bytes
content-type: image/gif
content-length: 37
x-amz-cf-id: 2UKAtuGA-mB81D_adjPL1DNfnqJtjkzmnGvDlhybD-Os2sAOD6JxDg==

GET
H2 200 19.9e0874c6c05d12c03c34.js Show response
static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/ 1 KB
1 KB 19ms
18ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/19.9e0874c6c05d12c03c34.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d400b1013acb25d1e69b865cff3deca919cb4039a2174825d9cb9150d53bd04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:17 GMT
content-encoding: br
age: 883774
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
content-length: 623
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:26 GMT
server: AmazonS3
etag: "60b42fb26985a82b61448ef35f65cf92"
access-control-allow-methods: GET
x-amz-version-id: AsbsOMHI5I7RgKl0Nb3pMZxCAa06NkmL
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: WBMPRhMt7HkvcI296fv8ktJb3tdqyXrc8eShErQJ3JMit4-n1nyckg==

GET
H2 200 9.7fedbf2aa923275450ca.js Show response
static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/ 47 KB
15 KB 22ms
21ms Script
application/javascript 18.64.79.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/9.7fedbf2aa923275450ca.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-13.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 060d04d52235f9383a1826968f3a7625d857a334274b24de0b6999cf0911d0ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:03:17 GMT
content-encoding: br
age: 883773
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 15161
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 06:55:26 GMT
server: AmazonS3
etag: "54e0601a4cc1c35bc9666d966cffd883"
access-control-allow-methods: GET
x-amz-version-id: TGiWpJPdWMe2VUaO6jIgfPLKBjSZOWAK
via: 1.1 9ee1074b6d71798355c695fb26c21452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: g7vAcRG4MWq7eh-M762kpwbM4ybyMrq5ydzonAv-4APa0FnNeO29Eg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
46ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1249277581&t=pageview&_s=1&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&ul=en-us&de=UTF-8&dt=Image%20Skin%20Care%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1539447938&gjid=1080706467&cid=1485889207.1658665976&tid=UA-125101325-1&_gid=1411243474.1658665976&_r=1&gtm=2ou7k0&z=571174816

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beautybarmedspa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 121ms
47ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1249277581&t=pageview&_s=1&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&ul=en-us&de=UTF-8&dt=Image%20Skin%20Care%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAC~&jid=120529042&gjid=1323228908&cid=1485889207.1658665976&tid=UA-125101325-1&_gid=1411243474.1658665976&_r=1&gtm=2wg7k0KBTN6C2&z=164186416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beautybarmedspa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 112ms
39ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1249277581&t=pageview&_s=1&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&ul=en-us&de=UTF-8&dt=Image%20Skin%20Care%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAC~&jid=&gjid=&cid=1485889207.1658665976&tid=UA-125101325-1&_gid=1411243474.1658665976&gtm=2ou7k0&z=197626911

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:30:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14542
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK script.js Show response
app.multiscreenstore.com/ 78 KB
21 KB 311ms
311ms Script
text/javascript 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/script.js?15173444
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/2689/editor/apps/modules/runtime/9.7fedbf2aa923275450ca.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8a866cd9640f5f8466fa723baafb4dcaa90e6303545b7d92a71532f6f5b53f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:50 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"-630716070"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Cache-Control: private,must-revalidate,max-age:3
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 67ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=1539447938&gjid=1080706467&_gid=1411243474.1658665976&_u=YGBACUAABAAAAC~&z=1885791703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Jul 2022 12:32:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.beautybarmedspa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=120529042&gjid=1323228908&_gid=1411243474.1658665976&_u=YGDACUABBAAAAC~&z=1639842896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Jul 2022 12:32:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.beautybarmedspa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-rules Show response
beautybarmedspa.agilecrm.com/core/js/api/ 11 KB
12 KB 361ms
359ms Script
text/plain 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beautybarmedspa.agilecrm.com/core/js/api/web-rules?callback=json7407844018696386&id=ag08rq5na46f9fsnjem1ir4s6r
Requested by: Host: beautybarmedspa.agilecrm.com
URL: https://beautybarmedspa.agilecrm.com/stats/min/agile-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c4e0fb1bef8e01c998672875a3c1b19c075bee93e026220978345bef27b56475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:50 GMT
cache-control: private
server: Google Frontend
x-cloud-trace-context: 57a12c67fd2ed240575b818b81e6d7fe;o=1
content-type: application / x-javascript;charset="UTF-8"
content-length: 11694
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 337ms
242ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=1539447938&_u=YGBACUAABAAAAC~&z=1067329823

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 171ms
63ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=1539447938&_u=YGBACUAABAAAAC~&z=1067329823

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 168ms
74ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=120529042&_u=YGDACUABBAAAAC~&z=398007666

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 171ms
64ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=120529042&_u=YGDACUABBAAAAC~&z=398007666

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=140530900234883&ev=Microdata&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&rl=&if=false&ts=1658665976082&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Image%20Skin%20Care%20Products%5Cn%20%20%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Image%20Skin%20Care%20Products%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.amazonaws.com%2Fimages.ecwid.com%2Fimages%2F15173444%2F1340197818.jpg%22%2C%22og%3Asite_name%22%3A%22Beauty%20Bar%20Online%20Store%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&ec=3&o=30&fbp=fb.1.1658665975579.781789113&it=1658665975380&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 24 Jul 2022 12:32:50 GMT

GET
H2 200 new-frontend.de.1141333410.js Show response
d2scn539ulxr09.cloudfront.net/rosetta/translations2022/new-frontend/files/ 259 KB
73 KB 56ms
11ms Script
application/javascript 18.66.242.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2scn539ulxr09.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.de.1141333410.js
Requested by: Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-187.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfdb1fb1f8379149d7d04ad2a2b6c695e64164aa6c60690d762b1531f49d08a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:03 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 07:07:17 GMT
server: AmazonS3
age: 451428
etag: W/"226214975d51eb352b1ae234db1c891a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: kDazA_OH7UtgaPP6kkXXwrDl8garhfQD
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript;charset=UTF-8
x-amz-cf-id: A8UrvF_RZExkIfVQgzJ0qZBMB9JVk0Xf0KKNCijcTg8v9FeTQJzelA==

GET
H2 200 ecwid-storefront.39bbd4e33b70bb065dda0ac40f7150fc.min.js Show response
d2scn539ulxr09.cloudfront.net/venera/static/ 991 KB
223 KB 69ms
25ms Script
application/javascript 18.66.242.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2scn539ulxr09.cloudfront.net/venera/static/ecwid-storefront.39bbd4e33b70bb065dda0ac40f7150fc.min.js

Requested by

Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-187.dus51.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

ac95a02686ab5235cf3878938b3cb8529b2c16184a489d60d433609d7fe05f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 06:46:29 GMT
content-encoding: gzip
server: nginx/1.19.0
age: 279981
etag: 39bbd4e33b70bb065dda0ac40f7150fc
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: -6OK9nWs7utdU5ZzJqQe9WcpThxC9-z0SWfZ0YOoZMcCCT7ryV0rfw==
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)

GET
H2 200 states.js Show response
d3dq8sxcny4hg.cloudfront.net/ 70 KB
22 KB 177ms
8ms Script
application/javascript 2600:9000:21f3:6c00:1f:f560:8d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2022-27120-gace86f0a8a5&callback=window.ecwid_states_data.loaded
Requested by: Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6c00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 52dcb5625761df9bf503b34b6c50adb6cae62bbd1807843e67e1588a852402a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 06:11:56 GMT
content-encoding: gzip
server: nginx
age: 195654
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C2
content-length: 22514
x-amz-cf-id: cunq8B5qMmpb6pe85TGS4GJ9iipsi9oigsGoiwm8g7nftvVALfx-XA==

GET
H/1.1 200
OK data.js Show response
app.multiscreenstore.com/ 44 KB
10 KB 423ms
422ms Script
application/javascript 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/data.js?ownerid=15173444&lang=en&callback=window.ecwid_initial_data.data.doInit
Requested by: Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8a11647096ba0a6902d63a1e2befe422234d0bcf30caf253d0553ee15d71c90e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:50 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 10099
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 i.js Show response
ecomm.events/ 5 KB
2 KB 327ms
102ms Script
text/javascript 54.173.147.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomm.events/i.js

Requested by

Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.173.147.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-173-147-65.compute-1.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

c648bc3960d36813170173b7a3d8ab456e4bfd21e534ceda639faf84ed59693a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:50 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2 200 new
d1oxsl77a1kjht.cloudfront.net/css/ 804 KB
101 KB 133ms
133ms Stylesheet
text/css 2600:9000:224a:d800:1c:b536:2c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-1127737881&ownerid=15173444&pswpNative=true&frontendV2
Requested by: Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d800:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c6508b1ee7bffea98b452068f42f14372e8ddd8251739abce45f8d08cbdcbafd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:50 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: "-1127737881"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css;charset=utf-8
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: ZfaxdeDhW_ttjsCFq8ug3SLXlgq527uowAkuJXbDfadSHGragaHBfQ==

GET
H2 200 5BAAF2AA3F3634158C597ADFF53B8A66.cache.js Show response
d2scn539ulxr09.cloudfront.net/static/br/2022-27120-gace86f0a8a5/ Frame 4043 2 MB
475 KB 34ms
34ms Script
application/javascript 18.66.242.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2scn539ulxr09.cloudfront.net/static/br/2022-27120-gace86f0a8a5/5BAAF2AA3F3634158C597ADFF53B8A66.cache.js
Requested by: Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-187.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e19c947ce048ea4864edcf0ca5d0095c04ae373961d9e22acc1c03dfaca94cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 06:23:01 GMT
content-encoding: br
age: 194990
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 485681
last-modified: Fri, 22 Jul 2022 05:57:29 GMT
server: AmazonS3
etag: "05e8c272a22cc984b3ed10ea9716afe1"
x-amz-version-id: ObfxfBbz4oNBJwoIRwQWfIoRGZ0sRbic
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: V8uPxwLZbcBx4Wn81WCviA8v2NaAH4vnGjHiJkYw6f0ktRq7wYO1VQ==

GET
H2 200 ecwid.plugin.js Show response
analytics.sitewit.com/ 5 KB
5 KB 367ms
109ms Script
text/javascript 2600:1f18:243f:2d01:137e:ccfb:6d82:44ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.sitewit.com/ecwid.plugin.js
Requested by: Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d01:137e:ccfb:6d82:44ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cc0e4f219f21626d1465ee04d03321771daafad17bc57d31a4727051b862f27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:50 GMT
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 4916
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 loading.gif
d1dkdnyvras0l5.cloudfront.net/dudamobile/ 13 KB
13 KB 36ms
8ms Image
image/gif 52.222.206.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dkdnyvras0l5.cloudfront.net/dudamobile/loading.gif
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a6d17d2003f86a050544e300b25d2dea9ce6fc9d2801e9570420c81944bc809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 07 May 2022 18:03:35 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
last-modified: Mon, 18 Aug 2014 13:30:55 GMT
server: AmazonS3
age: 6719356
etag: "a85352636acb77e556966b608e982528"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/gif
content-length: 12965
x-amz-cf-id: wWs0UcOraZynHehRypxbhVj2Bvm03ciMybp4exwf0MS-lQp8j8rCQg==

GET
H2 200 widget Show response
messenger.mindbodyonline.com/ 5 KB
2 KB 438ms
391ms Script
text/javascript 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/widget?callback=?&callback=callback_json1

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be116841280d8381e770e2150098cf2a163677ef06fd97d16c066660382302ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM HTTPS://FACEBOOK.COM

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 vegur, 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-encoding: gzip
referrer-policy: same-origin
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://FACEBOOK.COM
date: Sun, 24 Jul 2022 12:32:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Cookie
content-type: text/javascript
cf-ray: 72fcae4f4ecebb4f-FRA
x-amz-cf-id: NGM7rym17cdE51fEbra5Cobl7X7q4yufhIWhcKtvNUoh9zmo0utorQ==

GET
H2 200 webchat.css
messenger.mindbodyonline.com/static/companies/stylus/ 46 KB
7 KB 504ms
458ms Stylesheet
text/css 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/companies/stylus/webchat.css?q=0.6207319175575361

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa1a3a6a9ce769eb2d8a884f1d222144d009fa50866cc6d10c176a0ce764c8f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 vegur, 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:43 GMT
server: cloudflare
etag: W/"62db2333-b98f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
cf-ray: 72fcae4f4ec2bb4f-FRA
x-amz-cf-id: GOOJ1SjfRcG1VofI3h3MoI2yeqNjD_XugyxpPRdPrAzq1KxD75Tqtw==

GET
H2 200 animate.css
messenger.mindbodyonline.com/static/common/css/core/ 71 KB
5 KB 504ms
459ms Stylesheet
text/css 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/common/css/core/animate.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d1750205059a573a437b38c84bf7e3b1a3b5315f5b0e336ff015bba8e0d5e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 vegur, 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:44 GMT
server: cloudflare
etag: W/"62db2334-11c99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
cf-ray: 72fcae4f4ecdbb4f-FRA
x-amz-cf-id: CL2CKGk5FXWpuBaLwKTek4qTNFisupGSeKys0rclztektQnmX522jw==

GET
H2 200 tippy.css
messenger.mindbodyonline.com/static/common/css/ 15 KB
2 KB 506ms
461ms Stylesheet
text/css 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/common/css/tippy.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78676e43ebdbd775493518539d6845a29690dbd80ae97b2907268ab257785eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 vegur, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:44 GMT
server: cloudflare
etag: W/"62db2334-3de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
cf-ray: 72fcae4f4ec6bb4f-FRA
x-amz-cf-id: fp2xXNdXt3tSt93iOu29G9fnH82hOb83d8OsnywZBXef9t2AyExDfw==

GET
H2 200 stylesheet.css
messenger.mindbodyonline.com/static/common/fonts/Akkurat_Web/ 2 KB
716 B 421ms
375ms Stylesheet
text/css 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/common/fonts/Akkurat_Web/stylesheet.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa0c99c4e5831f46337bdcd3ae52f236140e25b2947ae2a65ed695a142e96c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 vegur, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:44 GMT
server: cloudflare
etag: W/"62db2334-631"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
cf-ray: 72fcae4f4ec5bb4f-FRA
x-amz-cf-id: Ro_Z9lnj4uRSC7FzePJltugYBWvvTIzTsIRCiCBGXGCnRHHlug-kYA==

GET
H2 200 stylesheet.css
messenger.mindbodyonline.com/static/common/fonts/graphik_web/ 1 KB
1020 B 411ms
366ms Stylesheet
text/css 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/common/fonts/graphik_web/stylesheet.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9859d569817c66c40a6bce3169e1d99807d99bed396170b514d281eb9e56e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 vegur, 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:44 GMT
server: cloudflare
etag: W/"62db2334-528"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
cf-ray: 72fcae4f4ecbbb4f-FRA
x-amz-cf-id: gUzgpaa6A-YhMoifCxLr99-VsuTr53DJCeaVEAtm2NOohgH1I9160g==

GET
H2 200 stylesheet.css
messenger.mindbodyonline.com/static/common/fonts/Averta/ 521 B
566 B 437ms
392ms Stylesheet
text/css 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/common/fonts/Averta/stylesheet.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e63958122778ec8bed91b0a4d274fe4bfb753abc8d3279c3f1649a0f0bd8629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 vegur, 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:44 GMT
server: cloudflare
etag: W/"62db2334-209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
cf-ray: 72fcae4f4ec8bb4f-FRA
x-amz-cf-id: cqF2wkeHWmU_HIeXLCu8Tlv7WKVCX699tFRrxHEU1hBcHbNipBew6Q==

GET
H2 200 pikaday.css
cdn.jsdelivr.net/npm/pikaday/css/ 4 KB
2 KB 77ms
29ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pikaday/css/pikaday.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1e90dad6a7cf7aea83622e85032b766db7470604ea348dfa966cdf443bc7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6200
x-jsd-version: 1.8.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1144-lmZWiNEnny3m2IZB7OGs5gx2b+k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhhP0gMeBASXNNWyquV%2Bs8FegUWzSngcPTmMvEeekrq7DYdjVbk6F%2BaA0ZwCqBXUIixolwRjclT265KOT%2FJyqlcGOO2FD47zVkM6tsRP7%2FcPJ19S4VM0uxRMlfIPoE5yheBHFned4%2FJYGJgOJw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 72fcae4f4a459b55-FRA

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 12:32:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 12:32:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 12:32:51 GMT

GET
H3

200

materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@3.0.39/css/
Redirect Chain

https://cdn.materialdesignicons.com/3.0.39/css/materialdesignicons.min.css
https://cdn.jsdelivr.net/mdi/3.0.39/css/materialdesignicons.min.css
https://cdn.jsdelivr.net/npm/@mdi/font@3.0.39/css/materialdesignicons.min.css

126 KB
23 KB

25ms
24ms

Stylesheet
text/css

2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@3.0.39/css/materialdesignicons.min.css

Protocol

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaa26a4ac399c70b0f7e6d431e32f0e68a51aff05e5632be15a0f61afa31ec34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10811451
x-jsd-version: 3.0.39
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19152-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1f9ce-4vR8IJJW+u7cgyLlfFcQNP/bqSc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCjxVRymkdSWx20l7CmWM%2FXhw%2FjT2yFNTbS%2FisMMORIqXEQ1a9hydJ2E%2Fodwv8%2FqSzI9RZrMc3bGel3Uk1GuY3hdGyTkS38azF0Vv7Zylh4rhuu%2Fetiew9OPqVoqCh3WB0j9avq7daKzq9KMG1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 72fcae511ea5693f-FRA

Redirect headers

date: Sun, 24 Jul 2022 12:32:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10811452
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111
x-served-by: cache-fra19149-FRA
timing-allow-origin: *
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ci4vwtX%2BeTYKMr7rBFoK8psd1f%2B%2FmLRU%2BDm4VcdC1e0G8CVWzD0KAfIDtKxZnlyFHeYpR0gSbuU61dAJ6VnHFG21KH3Lkg6gde4CdLzbTPevwzTlcMpi3nnsk%2BIwdmm8RS1VCQwqFZ2E4AE58EY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/npm/@mdi/font@3.0.39/css/materialdesignicons.min.css
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 72fcae508db3693f-FRA

OPTIONS
H/1.1 200
OK rpc
app.multiscreenstore.com/ Frame 0
0 222ms
199ms Preflight 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/rpc?ownerid=15173444&version=2022-27120-gace86f0a8a5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method: POST
Origin: https://www.beautybarmedspa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Allow: GET, HEAD, POST, TRACE, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Sun, 24 Jul 2022 12:32:51 GMT
Server: nginx

OPTIONS
H/1.1 200
OK rpc
app.multiscreenstore.com/ Frame 0
0 221ms
196ms Preflight 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/rpc?ownerid=15173444&version=2022-27120-gace86f0a8a5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method: POST
Origin: https://www.beautybarmedspa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Allow: GET, HEAD, POST, TRACE, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Sun, 24 Jul 2022 12:32:51 GMT
Server: nginx

POST
H/1.1 200
OK rpc Show response
app.multiscreenstore.com/ 12 B
238 B 291ms
291ms XHR
application/json 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/rpc?ownerid=15173444&version=2022-27120-gace86f0a8a5
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2022-27120-gace86f0a8a5/
X-GWT-Permutation: 5BAAF2AA3F3634158C597ADFF53B8A66
Referer: https://www.beautybarmedspa.com/
X-Ecwid-Device-Measurement: WEB_DESKTOP;1600;1200;96;1600;1200
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Jul 2022 12:32:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 12
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8

POST
H/1.1 200
OK rpc Show response
app.multiscreenstore.com/ 12 B
238 B 288ms
287ms XHR
application/json 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/rpc?ownerid=15173444&version=2022-27120-gace86f0a8a5
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2022-27120-gace86f0a8a5/
X-GWT-Permutation: 5BAAF2AA3F3634158C597ADFF53B8A66
Referer: https://www.beautybarmedspa.com/
X-Ecwid-Device-Measurement: WEB_DESKTOP;1600;1200;96;1600;1200
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Jul 2022 12:32:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 12
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8

POST
H2 200 register
ecomm.events/ 0
94 B 105ms
105ms Ping
text/plain 54.173.147.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomm.events/register

Requested by

Host: ecomm.events
URL: https://ecomm.events/i.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.173.147.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-173-147-65.compute-1.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
server: nginx/1.19.0
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 436628996993187 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 135ms
135ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/436628996993187?v=2.9.66&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8820ab1a6f2f2e486c073f1c5c782a6b5cb5a6ab4b2bb640dcfe4808adb9ad70

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: hMWZMqx6JvFrbPUjjNxDkqKzdI+0rwHIr4d+mPfbbSdtZ6l2+Qem2jA6dqi7J1HM2FY9dUNnsgscfC3PLG5kFw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 24 Jul 2022 12:32:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658665971206
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5451
date: Sun, 24 Jul 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Jul 2022 13:02:00 GMT

GET
H2 200 checkout.min.js Show response
www.paypalobjects.com/api/ 862 KB
189 KB 64ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.min.js

Requested by

Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

950d13c3e8a9fd93e026afeec5ad6205e36d194aa1d8f062c0876a9f9c42405d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: HIT, HIT
paypal-debug-id: 1bfde845f9ac0
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 192776
x-served-by: cache-sjc10034-SJC, cache-hhn4059-HHN
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
x-timer: S1658665971.319127,VS0,VE0
etag: W/"6266d4b0-d7987"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 9, 5840

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 16 KB
6 KB 949ms
892ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=193ce8f4-fa3a-4846-8cb2-7892db0e36a0

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52b379b4036d6534dc3819c4f3507922743ced081671be2ed4fed9ac25966bc3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gNwFarzXyVyLI6yRj1LFJtfRWLu4OxtnwpV9aq0hvff8gzPP' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gNwFarzXyVyLI6yRj1LFJtfRWLu4OxtnwpV9aq0hvff8gzPP' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
paypal-debug-id: f346622d3803c
server-timing: "traceparent;desc="00-0000000000000000000f346622d3803c-8b55751bd0f9a8e4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 5275
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4036-HHN
traceparent: 00-0000000000000000000f346622d3803c-59f1fad299713d5c-01
x-timer: S1658665971.319402,VS0,VE878
x-frame-options: SAMEORIGIN
date: Sun, 24 Jul 2022 12:32:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
etag: W/"3edd-qL7hOq4RSo2qT5cMMiSkTT8K2Uw"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ecwid-checkout.dd5c7f2aa9da7f17edfad97db49f71d9.min.js Show response
d2scn539ulxr09.cloudfront.net/venera/static/ 720 KB
158 KB 10ms
10ms Script
application/javascript 18.66.242.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2scn539ulxr09.cloudfront.net/venera/static/ecwid-checkout.dd5c7f2aa9da7f17edfad97db49f71d9.min.js

Requested by

Host: app.multiscreenstore.com
URL: https://app.multiscreenstore.com/script.js?15173444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-187.dus51.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

b60bfbd12069dcb1ea2ac303e83145198a59b861043c48502982d4b0976330d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 03:40:14 GMT
content-encoding: gzip
server: nginx/1.19.0
age: 550357
etag: dd5c7f2aa9da7f17edfad97db49f71d9
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: -F05YvtO0i_mud91KjtCPwVib2q6NoQa5EO-PJagtxWrMzVDxWc_4w==
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)

POST
H/1.1 200
OK rpc Show response
app.multiscreenstore.com/ 2 KB
1 KB 307ms
307ms XHR
application/json 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/rpc?ownerid=15173444&version=2022-27120-gace86f0a8a5
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 75ab0375555d1baee100d6e95a8b9e2e3caa6b6422f27f42063bee2dee1ea5f9

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2022-27120-gace86f0a8a5/
X-GWT-Permutation: 5BAAF2AA3F3634158C597ADFF53B8A66
Referer: https://www.beautybarmedspa.com/
X-Ecwid-Device-Measurement: WEB_DESKTOP;1600;1200;96;1600;1200
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Date: Sun, 24 Jul 2022 12:32:51 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 901

OPTIONS
H/1.1 200
OK rpc
app.multiscreenstore.com/ Frame 0
0 225ms
199ms Preflight 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/rpc?ownerid=15173444&version=2022-27120-gace86f0a8a5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method: POST
Origin: https://www.beautybarmedspa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Allow: GET, HEAD, POST, TRACE, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Sun, 24 Jul 2022 12:32:51 GMT
Server: nginx

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 11:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 24 Jul 2022 12:36:40 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=436628996993187&ev=PageView&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&rl=&if=false&ts=1658665977044&sw=1600&sh=1200&v=2.9.66&r=stable&a=plecwid&ec=0&o=30&fbp=fb.1.1658665975579.781789113&it=1658665975380&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 24 Jul 2022 12:32:51 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 256ms
255ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.beautybarmedspa.com&source=checkoutjs&t=xo&v=4.0.336

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3XurgfoYZ1b7zUsWZVuQRhqK0AIyBF7TFVqMlDasOaMu39t4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3XurgfoYZ1b7zUsWZVuQRhqK0AIyBF7TFVqMlDasOaMu39t4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: HIT
paypal-debug-id: f82912724b8d3
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4036-HHN
traceparent: 00-0000000000000000000f82912724b8d3-db9b4774796d0b8c-01
x-timer: S1658665971.494151,VS0,VE248
x-frame-options: SAMEORIGIN
date: Sun, 24 Jul 2022 12:32:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 app.bundle.js Show response
messenger.mindbodyonline.com/static/companies/js/webchat/ 1 MB
323 KB 242ms
241ms Script
text/javascript 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/companies/js/webchat/app.bundle.js?q=0.15118305777067387

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

385d1cfcf6efcd3f7c6fd61dff33145349041547d1cf7a3ada05ea253297b031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 329996
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:43 GMT
server: cloudflare
etag: "62db2333-145e68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
via: 1.1 vegur, 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
cache-control: max-age=60, public
cf-ray: 72fcae527b2ebb4f-FRA
x-amz-cf-id: tAun_K0oXbgFeLDarfC_fCrrwDJBIK2vq3VD1z40sWkNAo_qLVTXeg==

GET
H2 200 paymentform Show response
js.squareup.com/v2/ 161 KB
45 KB 334ms
107ms Script
application/javascript 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.squareup.com/v2/paymentform

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/bowtie.ai/bowtieJS/bowtie_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

6a0b6b79b4f8afe5801a48261da73974aaafc6d2dc19281476653df5081afbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-sq-region: iad2b
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK your-site.png
s3.amazonaws.com/bowtie.ai/bowtie_assets/images/sales_landing/ 22 KB
22 KB 112ms
112ms Image
image/png 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bowtie.ai/bowtie_assets/images/sales_landing/your-site.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f46527de0b6a85a4b718a47084fd60a6465fb0da81cf178e23ae1cdbd652fedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:52 GMT
Last-Modified: Tue, 13 Nov 2018 17:21:33 GMT
Server: AmazonS3
x-amz-request-id: YJFWFWCMHM13QC5E
ETag: "1ff96e83fbe46fde9836f4ceacf1ad22"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 22133
x-amz-id-2: s2DgmWA7Y2NmG1VhNd61cP7NINm8gzdXE4bQ0Fy/hvFqDCFCcG3i7xSkT7Ch4key34i658tmTmI=

GET
H/1.1 200
OK mb-webchat-logo.png
s3.amazonaws.com/bowtie.ai/bowtie_assets/images/ 13 KB
13 KB 128ms
128ms Image
image/png 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bowtie.ai/bowtie_assets/images/mb-webchat-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b08bd509fe04590bacc5070ac4deb7a7cd248a7c0a95b240e33230aa022c57cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Sun, 24 Jul 2022 12:32:52 GMT
Last-Modified: Tue, 02 Feb 2021 19:27:20 GMT
Server: AmazonS3
x-amz-request-id: YJFS3G5TFKS9J1X7
ETag: "0eb1b8f1184eea04957a1cb68754d788"
x-amz-version-id: iaMLbT2k.rP0QAfw1KJY4nAvMguJDr13
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 12816
x-amz-id-2: 1zMZooDSLd0WVGpHEgXdM53eztnbksNkaxCilWiqTTVEZJPeKmzVPhToGPlomoPkupVLdSsXMs4=

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v21/ 13 KB
13 KB 8ms
7ms Font
font/woff2 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:24:31 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: CloudFront
age: 1742900
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
content-length: 13036
x-amz-cf-id: kP9bHnUhWjhB1JpUXO65md5XsnUL6fkJjzpPgAwryeCD9U3bMyfmcg==

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v135/ 125 KB
126 KB 123ms
37ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v135/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ceee87b4f5030bcea1406c18ab6534743fd5f65a37fafd864cc47af46ba79bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:01:49 GMT
x-content-type-options: nosniff
age: 275462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128504
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:44:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 08:01:49 GMT

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@3.0.39/fonts/ 156 KB
157 KB 23ms
14ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@3.0.39/fonts/materialdesignicons-webfont.woff2?v=3.0.39

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@3.0.39/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee7d5d599473bc8f60be449f90567a0b4da2b6598879a5ffefe2f311e60a6b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@mdi/font@3.0.39/css/materialdesignicons.min.css
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10811463
x-jsd-version: 3.0.39
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 159932
x-served-by: cache-fra19135-FRA, cache-hhn4054-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"270bc-WWCNPA4KAVAeeXiIQa6XLnSey8E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vcs373gJPU5%2BQYczt1Pw1fNCoRX5chQbECGITVJRivNX2p9qfjiUuQwxhweGhCplPbUkU%2FexVADMvNQAor4YoV6X7LOQfUjsJSpcq5u1Z2lKcPu6CthzSCVdPxpMX8kiIcAHxk9ZI1Gl835PQYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 72fcae529d71697f-FRA

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v21/ 12 KB
13 KB 8ms
7ms Font
font/woff2 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:57:48 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: CloudFront
age: 2302503
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
content-length: 12580
x-amz-cf-id: r4nd0NJ9Qn13CDG75NlcwDD3tksnNxTD_RuNGUpxYh80AHey_T23FQ==

GET
H2 200 ts
t.paypal.com/ 42 B
809 B 204ms
166ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Image%20Skin%20Care%20Products&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1658665977400&g=0&completeurl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&ru=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 3b14de0605c28
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4038-HHN
pragma: no-cache
traceparent: 00-00000000000000000003b14de0605c28-0e19d85b46ce73ee-01
x-timer: S1658665972.792186,VS0,VE159
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Jul 2022 12:32:51 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 46ms
46ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1249277581&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&dp=%2Fcategory%2F46728194&ul=en-us&de=UTF-8&dt=Image%20Skin%20Care%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCAAEIJCAAAAC~&jid=1858861261&gjid=301108495&cid=1485889207.1658665976&tid=UA-125101325-1&_gid=1411243474.1658665976&_r=1&_slc=1&z=1700204259

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beautybarmedspa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=436628996993187&ev=Microdata&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&rl=&if=false&ts=1658665977582&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Image%20Skin%20Care%20Products%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Image%20Skin%20Care%20Products%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.amazonaws.com%2Fimages.ecwid.com%2Fimages%2F15173444%2F1340197818.jpg%22%2C%22og%3Asite_name%22%3A%22Beauty%20Bar%20Online%20Store%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&a=plecwid&ec=1&o=30&fbp=fb.1.1658665975579.781789113&it=1658665975380&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 24 Jul 2022 12:32:51 GMT

GET
H2 200 1356234178.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 45 KB
45 KB 429ms
427ms Image
image/jpeg 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1356234178.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19e040138d629eb3b932daf82717c14a133c892ed994c0227a85a32c6ffed863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Sun, 22 Mar 2020 16:55:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "71c6ae8d47770776015ed3519779eacf"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45647
x-amz-cf-id: IxbNxvX1KrvX7wESGZdJGhlscnCcVpsF9ODIgIdFtEf4VaOHKf4uGQ==

GET
H2 200 1356246426.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 51 KB
51 KB 477ms
475ms Image
image/jpeg 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1356246426.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dba727e7847adf3720b730ac7377085efe3aeac8375682402622fac36854d163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Sun, 22 Mar 2020 17:15:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "e638526de48646091ab2233a8ff0d1b4"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 51827
x-amz-cf-id: 1xzQKChkAe1wvnHN9DJ1dNQSDJcjFFerdy13j8XPtHL1UnGcFvBW-w==

GET
H2 200 1356119974.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 171 KB
171 KB 470ms
467ms Image
image/jpeg 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1356119974.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcbc2f124830872e4c9d246f0ef81edff32732002ea3aa6fce6ee031649f3ccb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Sun, 22 Mar 2020 16:17:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "bc15ce6bbc3d3585ec4895377b116722"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 174863
x-amz-cf-id: 8Bl3VGeIalrWF13oxLHT4vGchHS38r_2i7b6ToUdiDtLGbJl9DwsDA==

GET
H2 200 1356167631.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 35 KB
35 KB 427ms
425ms Image
image/jpeg 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1356167631.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63efda770c44451c923c0a23417c559b397d962b569d3804fc26972e8b64d81a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Sun, 22 Mar 2020 16:48:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b240f96bc30bf3a353f9b15b9f6181da"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35586
x-amz-cf-id: lIXKT_wJ2ld_Nhucfo2YZZm4V4jENdZndfoi8BnzCDbaDvNmjrK2hg==

GET
H2 200 1356181099.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 58 KB
58 KB 435ms
433ms Image
image/jpeg 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1356181099.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 093b7ca0070fc98298e3c8f5486a3f50b7d7e8861b284502ecadd12a292ac7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Sun, 22 Mar 2020 16:23:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "bccb1f1b4b9ae30db1e3fa52c58eb083"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 59297
x-amz-cf-id: uG0XxbzKgEaf7ROaNDF9AoPppdmxYJ_CbqHyOFDF5wMVVF1w9Ow_6g==

GET
H2 200 1356130916.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 19 KB
19 KB 443ms
441ms Image
image/png 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1356130916.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f1f544e0c2b181b03d1f35f594124b39426fcd7519812f2892f7217ece01358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Sun, 22 Mar 2020 16:34:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "83c97a1e9a558ae097a79ec748fbfc3a"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 19533
x-amz-cf-id: Yr_-bVEOTOAm0dnYqkEkm1bOWkKO5LK2ZmFjwOXYs2m40z41nqnh6g==

GET
H2 200 1356181876.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 44 KB
45 KB 436ms
434ms Image
image/jpeg 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1356181876.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99ca3b50efe0483e0cf2777e71fed2933480afa8397d1b98fe2141f13ab0e5bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Sun, 22 Mar 2020 17:00:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "80827d3873218dd2307d698b4fb5ce39"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45277
x-amz-cf-id: C2rP-nHTsMML8gX80Jy1x3e9evu52FqPgMDEHjyh9kG4qDr4li471w==

GET
H2 200 1315273427.jpg
d2j6dbq0eux0bg.cloudfront.net/images/15173444/ 15 KB
15 KB 16ms
14ms Image
image/jpeg 143.204.89.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/15173444/1315273427.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 342359f7df465170952f18c8403cd47c3a9f64175a59a35125dd7913c689aed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:51 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Fri, 28 Feb 2020 17:11:24 GMT
server: AmazonS3
age: 1
etag: "2529ef7f47d059027cb90f8d056edc09"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15508
x-amz-cf-id: rzorkdnEliTNW__0MPGFnVzEdib6mYfQiQxTpQP6dgfBr0CH-aLi6g==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=1858861261&gjid=301108495&_gid=1411243474.1658665976&_u=SCCAAEIICAAAAC~&z=1796660008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Jul 2022 12:32:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.beautybarmedspa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
irp.cdn-website.com/fonts/s/oldstandardtt/v18/ 22 KB
23 KB 8ms
7ms Font
font/woff2 13.32.99.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-173.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Josefin+Slab:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Belgrano:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Creepster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cabin:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Arvo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Courgette:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Oswald:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Eater:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster+Two:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Give+You+Glory:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Alice:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Cinzel:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Lobster:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amaranth:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Almarai:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Old+Standard+TT:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Dancing+Script:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:13:46 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: CloudFront
age: 278345
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
content-length: 22840
x-amz-cf-id: R3SHX5DnxxPK-2jMOmtraFisHpRAhaXmEwlYgtePVs_tiKMDATsArA==

GET
H2 200 sw.js Show response
analytics.sitewit.com/partner/ecwid/15173444/noconnect/ 20 KB
21 KB 111ms
109ms Script
text/javascript 2600:1f18:243f:2d01:137e:ccfb:6d82:44ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.sitewit.com/partner/ecwid/15173444/noconnect/sw.js
Requested by: Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/ecwid.plugin.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d01:137e:ccfb:6d82:44ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: aacd70b174941dd2787e8e34c62a120da1e47cb405881f561cc5b79742151b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 20386
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1249277581&t=pageview&_s=1&dl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&dp=%2Fstore%2FImage-Skin-Care-Products-c46728194&ul=en-us&de=UTF-8&dt=Image%20Skin%20Care%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCAAUIJCAAAAC~&jid=&gjid=&cid=1485889207.1658665976&tid=UA-125101325-1&_gid=1411243474.1658665976&gtm=2ou7k0&z=354884705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:30:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14544
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
d32hwlnfiv2gyn.cloudfront.net/ 37 B
372 B 451ms
450ms Image
image/gif 13.33.244.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/i?e=pv&page=Image%20Skin%20Care%20Products&dtm=1658665977670&tid=200610&vp=1600x1200&ds=1600x3895&vid=1&duid=239554656f5a3972&p=web&tv=js-2.0.0&fp=2140059099&aid=e0176954&lang=en-US&cs=UTF-8&tz=UTC&tna=cf&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.244.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-244-94.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 daf591bf33395af21c13beff18f6613c.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jul 2014 09:50:57 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C1
etag: "3eacd0132310ea44cad756b378a3bc07"
x-cache: Miss from cloudfront
x-amz-version-id: null
accept-ranges: bytes
content-type: image/gif
content-length: 37
x-amz-cf-id: JpJxasa-Zg17z9RuILUSciImIxuvpKm7LUBJg-fP5VtPFa5u5w8nRg==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 314ms
238ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=1858861261&_u=SCCAAEIICAAAAC~&z=1377457233

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 139ms
62ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-125101325-1&cid=1485889207.1658665976&jid=1858861261&_u=SCCAAEIICAAAAC~&z=1377457233

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-685455725

Requested by

Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/partner/ecwid/15173444/noconnect/sw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45961f514ed5395016606b511a58360e9545f8bbfef63de3a7961ea016b88217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45371
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jul 2022 12:32:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-685455725&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBTN6C2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffb2d7d0d1616a17ce3404840a418b61bf59a7bb1904ba66cfe3a3c443aaa8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45368
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jul 2022 12:32:52 GMT

GET
H2 200 cq_blank.gif
analytics.sitewit.com/images/ 35 B
624 B 110ms
110ms Image
image/gif 2600:1f18:243f:2d01:137e:ccfb:6d82:44ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.sitewit.com/images/cq_blank.gif?_sw_ecwidid=15173444&_sw_uid=8c689444-0102-4d04-99a7-a0d88008152d&_sw_fp=64cd05eebc7e043da4e104083b1714b97c3516f8&_sw_pl=306&_sw_pc=3&_sw_dat=MXx3d3cuYmVhdXR5YmFybWVkc3BhLmNvbXxodHRwczovL3d3dy5iZWF1dHliYXJtZWRzcGEuY29tL3N0b3JlL0ltYWdlLVNraW4tQ2FyZS1Qcm9kdWN0cy1jNDY3MjgxOTR8ZW4tVVN8MTYwMHwxMjAwfDI0fENocm9tZS8xMDMuMC41MDYwLjEzNHx4NjR8MXwwfDF8MHwtfHwtfC18LXwyYTAzOjFiMjA6NjpmMDExOjo4ZXww&to=788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d01:137e:ccfb:6d82:44ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
last-modified: Thu, 24 Jun 2010 20:21:15 GMT
server: Microsoft-IIS/10.0
etag: "9f8deacbda13cb1:0"
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 35

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 8ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=193ce8f4-fa3a-4846-8cb2-7892db0e36a0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 84840867de170
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 16464
x-served-by: cache-sjc10028-SJC, cache-hhn4059-HHN
last-modified: Tue, 03 May 2022 17:28:29 GMT
x-timer: S1658665972.215678,VS0,VE0
etag: W/"6271663d-da91"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 213946, 1179630

GET
H2 200 ts
t.paypal.com/ 42 B
505 B 167ms
167ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics%3A%3A4JNLKXK8YXNM6-1&page=muse%3Athird-party%3Aanalytics%3A%3A4JNLKXK8YXNM6-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=193ce8f4-fa3a-4846-8cb2-7892db0e36a0&fltp=analytics&mrid=4JNLKXK8YXNM6&code=Ecwid_SP&partner_name=StoreFront&flag_consume=yes&pt=Image%20Skin%20Care%20Products&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1658665977862&g=0&completeurl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 67851823ecf37
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4038-HHN
pragma: no-cache
traceparent: 00-000000000000000000067851823ecf37-e164d3d2989a56a9-01
x-timer: S1658665972.229154,VS0,VE147
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Jul 2022 12:32:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 134ms
50ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-685455725&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 12:32:52 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/promotions/ Frame 9142 195 KB
59 KB 8ms
7ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/promotions/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ce47b22e768a937ac604165b4dcc87b15008b84593b23d7aa8f941e09950635e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beautybarmedspa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 60145
content-type: text/html
date: Sun, 24 Jul 2022 12:32:52 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-30cdd"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 7af78c70f2233
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 114, 19500
x-content-type-options: nosniff
x-served-by: cache-sjc10071-SJC, cache-hhn4059-HHN
x-timer: S1658665972.244042,VS0,VE0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 25D6 54 KB
17 KB 8ms
7ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beautybarmedspa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Sun, 24 Jul 2022 12:32:52 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 348781, 1229831
x-content-type-options: nosniff
x-served-by: cache-sjc10046-SJC, cache-hhn4059-HHN
x-timer: S1658665972.246038,VS0,VE0

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 9142 18 B
335 B 7ms
7ms Fetch
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/promotions/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: ef9c765e4af1c
x-cache-hits: 102455, 24805
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 38
x-served-by: cache-sjc10054-SJC, cache-hhn4059-HHN
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
x-timer: S1658665972.300944,VS0,VE0
etag: "60271cd0-12"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
x-client-location: DE

GET
H2 200 69f6eb1f8dca19285f7c.chunk.js Show response
www.paypalobjects.com/muse/promotions/chunk/ Frame 9142 49 KB
9 KB 8ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/promotions/chunk/69f6eb1f8dca19285f7c.chunk.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/promotions/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

80300cfba78c32dbcdf80c2d83f8e041891760035ea3cdf0f146c4391ca1d069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: ecd84a44a2c85
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 9390
x-served-by: cache-sjc10043-SJC, cache-hhn4059-HHN
last-modified: Wed, 07 Jul 2021 18:47:51 GMT
x-timer: S1658665972.325042,VS0,VE0
etag: W/"60e5f6d7-c566"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 303, 80

GET
H2 200 5135b41102718fd07c6e.chunk.js Show response
www.paypalobjects.com/muse/promotions/chunk/ Frame 9142 16 KB
5 KB 9ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/promotions/chunk/5135b41102718fd07c6e.chunk.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/promotions/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c435409f30af7bc9f44fb3a07503ce693a8f626b5d4a3fde6295c6f90c3de01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 1189ebac3ea57
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 5276
x-served-by: cache-sjc10035-SJC, cache-hhn4059-HHN
last-modified: Thu, 29 Jul 2021 18:29:29 GMT
x-timer: S1658665972.325536,VS0,VE0
etag: W/"6102f389-4107"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 27

GET
H2 200 47694f0f7c82af839a16.chunk.js Show response
www.paypalobjects.com/muse/promotions/chunk/ Frame 9142 17 KB
4 KB 10ms
9ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/promotions/chunk/47694f0f7c82af839a16.chunk.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/promotions/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

be7891c253aaf59d47d6cf03f8fc9b676c3e554ec2446cbfa1fe8152ee03162e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 63e2d610d5054
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4452
x-served-by: cache-sjc10081-SJC, cache-hhn4059-HHN
last-modified: Wed, 07 Jul 2021 18:47:51 GMT
x-timer: S1658665972.326142,VS0,VE1
etag: W/"60e5f6d7-4423"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 249, 1

GET
H2 200 eb12be3de0b4f6b9d959.chunk.js Show response
www.paypalobjects.com/muse/promotions/chunk/ Frame 9142 12 KB
3 KB 10ms
10ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/promotions/chunk/eb12be3de0b4f6b9d959.chunk.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/promotions/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3277aff75ec834488f6a9e5e4c37c4c6ebeb39c8c773f5b7187311e2302dab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: de1b22faf52ce
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 2503
x-served-by: cache-sjc10077-SJC, cache-hhn4059-HHN
last-modified: Wed, 07 Jul 2021 18:47:52 GMT
x-timer: S1658665972.326164,VS0,VE1
etag: W/"60e5f6d8-3011"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 1

GET
H2 200 ts
t.paypal.com/ 42 B
161 B 179ms
178ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A4JNLKXK8YXNM6-1&page=muse%3Aoffer%3A%3A%3A4JNLKXK8YXNM6-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=193ce8f4-fa3a-4846-8cb2-7892db0e36a0&es=visitorInfoFlowStarted&mrid=4JNLKXK8YXNM6&code=Ecwid_SP&partner_name=StoreFront&pt=Image%20Skin%20Care%20Products&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1658665977982&g=0&completeurl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 67888d4267f68
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4038-HHN
pragma: no-cache
traceparent: 00-000000000000000000067888d4267f68-4c38e45fa7cba45d-01
x-timer: S1658665972.348002,VS0,VE160
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Jul 2022 12:32:52 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 25D6 434 B
1 KB 301ms
301ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cc259ff34f36bb8eec80d7433101f2c1d37c2389ccbd00aae1ef6e6ab1b36e2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-4ZueiA78aSbU8m0jtyLrVZ+THE7vRzkBXBAAAZnB6UySatpO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-4ZueiA78aSbU8m0jtyLrVZ+THE7vRzkBXBAAAZnB6UySatpO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f402807960215
date: Sun, 24 Jul 2022 12:32:52 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4036-HHN
traceparent: 00-0000000000000000000f402807960215-24dd6ca290306c68-01
x-timer: S1658665973.542034,VS0,VE292
x-frame-options: SAMEORIGIN
etag: W/W/"1b2-qWrepZoVOGB7G8d5yqjdrRoujQU"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 199ms
185ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sun, 24 Jul 2022 12:32:52 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f9051216827c1
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9051216827c1-6e62095855381f51-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4061-HHN
x-timer: S1658665972.355207,VS0,VE173

GET
H2 200 ts
t.paypal.com/ 42 B
161 B 163ms
162ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3Aone-touch%3Aslide-up%3A4JNLKXK8YXNM6-1&page=muse%3Aoffer%3Aone-touch%3Aslide-up%3A4JNLKXK8YXNM6-1%3A%3AconnectionStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=smartincentive&s=ci&item=193ce8f4-fa3a-4846-8cb2-7892db0e36a0&fltp=one-touch&es=connectionStarted&mrid=4JNLKXK8YXNM6&code=Ecwid_SP&partner_name=StoreFront&pt=Image%20Skin%20Care%20Products&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1658665978004&g=0&completeurl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 8d7511fe6b482
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4038-HHN
pragma: no-cache
traceparent: 00-00000000000000000008d7511fe6b482-e31dd9ae88d8c366-01
x-timer: S1658665972.362806,VS0,VE151
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Jul 2022 12:32:52 GMT

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ Frame 9142 36 KB
37 KB 8ms
8ms Font
application/font-woff2 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Regular.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/muse/promotions/index.html
Origin: https://www.paypalobjects.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: d9186dd1ad071
dc: ccg11-origin-www-1.paypal.com
content-length: 37186
x-served-by: cache-sjc10042-SJC, cache-hhn4059-HHN
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
x-timer: S1658665972.369783,VS0,VE1
etag: "60271d64-9142"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 6947, 30

GET
H2 200 PayPalVXIcons-Regular.woff
www.paypalobjects.com/ui-web/vx-icons/2-0-1/ Frame 9142 9 KB
9 KB 9ms
9ms Font
font/woff 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

87a3ea6f934b38d018e81a6c563c3ff7544e1ad5860f26933a17c08912bbd3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/muse/promotions/index.html
Origin: https://www.paypalobjects.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: f27ae4998b546
dc: ccg11-origin-www-1.paypal.com
content-length: 9488
x-served-by: cache-sjc10043-SJC, cache-hhn4059-HHN
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
x-timer: S1658665972.370177,VS0,VE0
etag: "60271d64-2510"
strict-transport-security: max-age=31557600
content-type: font/woff
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 2674, 2

GET
H2 200 PayPalSansSmall-Medium.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ Frame 9142 38 KB
38 KB 8ms
7ms Font
application/font-woff2 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Medium.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/muse/promotions/index.html
Origin: https://www.paypalobjects.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: d2afed21916d6
dc: ccg11-origin-www-1.paypal.com
content-length: 38606
x-served-by: cache-sjc10058-SJC, cache-hhn4059-HHN
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
x-timer: S1658665972.372092,VS0,VE0
etag: "60271d64-96ce"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 22046, 293615

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/685455725/ 2 KB
2 KB 134ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/685455725/?random=1658665978034&cv=9&fst=1658665978034&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&tiba=Image%20Skin%20Care%20Products&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

418e822edffb6cef62c964bf14c9654c1f474c07daf0335309cf299186c496f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 locale Show response
www.paypal.com/muse/api/ Frame 9142 18 B
2 KB 244ms
244ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/muse/api/locale

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/promotions/chunk/5135b41102718fd07c6e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

548269cd9a18be58c3bc004473c05d8d3e7d09a0c695ec1626d247dadded7502

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+Zy/F7+hsg/FCG+3SqGukYfsPI8hp+p4Iw/B0LkI6OtkCw70' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+Zy/F7+hsg/FCG+3SqGukYfsPI8hp+p4Iw/B0LkI6OtkCw70' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f90512142694e
date: Sun, 24 Jul 2022 12:32:52 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4036-HHN
traceparent: 00-0000000000000000000f90512142694e-80c16162920b9b94-01
x-timer: S1658665972.461782,VS0,VE236
x-frame-options: SAMEORIGIN
etag: W/W/"12-fzj02wHXGxo6ukwnEmbCxRzx3FY"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 web_chat_user Show response
messenger.mindbodyonline.com/ 2 KB
2 KB 412ms
411ms Fetch
application/json 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/web_chat_user

Requested by

Host: messenger.mindbodyonline.com
URL: https://messenger.mindbodyonline.com/static/companies/js/webchat/app.bundle.js?q=0.15118305777067387

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40a70e5e9b42d2427e8ed934dd2483a7613dd65edb301147fabccde4fca56e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM HTTPS://FACEBOOK.COM

Request headers

Accept: application/json
Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Jul 2022 12:32:53 GMT
via: 1.1 vegur, 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
referrer-policy: same-origin
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://FACEBOOK.COM
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Cookie
content-type: application/json
access-control-allow-origin: *
cf-ray: 72fcae5ac8fc9a35-FRA
x-amz-cf-id: 14E0EvBPQTcUlIoZKCsOXvTwnnCzEj8M6BzUxPcWkIEN0dLFJkzW6g==

OPTIONS
H2 200 web_chat_user
messenger.mindbodyonline.com/ Frame 0
0 358ms
338ms Preflight
text/html 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/web_chat_user

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM HTTPS://FACEBOOK.COM

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.beautybarmedspa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 72fcae58bdfa9a35-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 24 Jul 2022 12:32:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Cookie
via: 1.1 vegur, 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: DlrHkz3q5WdMcUQwTX4YfabtEdGZFbrFA_fxnyRLjEXwxG-SBs95Vg==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM HTTPS://FACEBOOK.COM

GET
H3 200 /
www.google.com/pagead/1p-user-list/685455725/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/685455725/?random=1658665978034&cv=9&fst=1658664000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&tiba=Image%20Skin%20Care%20Products&async=1&fmt=3&is_vtc=1&random=2195848251&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/685455725/ 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/685455725/?random=1658665978034&cv=9&fst=1658664000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194&tiba=Image%20Skin%20Care%20Products&async=1&fmt=3&is_vtc=1&random=2195848251&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 12:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 92499fddeb63fce0ece4.chunk.js Show response
www.paypalobjects.com/muse/promotions/chunk/ Frame 9142 1 KB
830 B 9ms
9ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/promotions/chunk/92499fddeb63fce0ece4.chunk.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/promotions/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

deeb717830ce49e1bab3452af8601f7958547a6781cc68e7512a7ef5af228d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: cc3ef9a39dccd
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 550
x-served-by: cache-sjc10071-SJC, cache-hhn4059-HHN
last-modified: Wed, 07 Jul 2021 18:47:51 GMT
x-timer: S1658665973.708505,VS0,VE0
etag: W/"60e5f6d7-493"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 5

GET
H2 200 pp-white.png
www.paypalobjects.com/muse/img/ Frame 9142 3 KB
3 KB 9ms
9ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/muse/img/pp-white.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fb615afc947f23d9dad13ff0851050dce4f4d642dc32cbf5b96b9c7e1309e8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=4292 idim=190x48 ifmt=png ofsz=3037 odim=190x48 ofmt=png
paypal-debug-id: 2f4a5edd1e67d
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 3037
x-served-by: cache-sjc10076-SJC, cache-hhn4059-HHN
traceparent: 00-00000000000000000002f4a5edd1e67d-5a5d188ad6cf7217-01
x-timer: S1658665973.725687,VS0,VE1
etag: "8XvzZRZuuq9FKsy9LAEO+eCezuMyZphITo57lKlcFe0"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 1

GET
H2 200 pp-logo.png
www.paypalobjects.com/muse/img/ Frame 9142 5 KB
5 KB 9ms
8ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/muse/img/pp-logo.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fedd18ff9e95e44d9fe2aefd0929c62c0a9215dc989a7ec5d46b66646f731bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=5556 idim=204x54 ifmt=png ofsz=4738 odim=204x54 ofmt=png
paypal-debug-id: 19f604de3be99
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 4738
x-served-by: cache-sjc10076-SJC, cache-hhn4059-HHN
traceparent: 00-000000000000000000019f604de3be99-a4dc8cef7fd39fa5-01
x-timer: S1658665973.726462,VS0,VE0
etag: "3uyBexc8VIcpj39vwy5IGFVC4lp1xoKfo/vqMNXVcPc"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 11, 18

GET
H2 200 cart-icon.png
www.paypalobjects.com/muse/img/ Frame 9142 2 KB
2 KB 10ms
9ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/muse/img/cart-icon.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21ac34869bc0fe640b2e0d2c29b586026c69a54fea08c1461113324aa32d01ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/promotions/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=3475 idim=103x93 ifmt=png ofsz=1771 odim=103x93 ofmt=png
paypal-debug-id: 89ca527b1e18d
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 1771
x-served-by: cache-sjc10082-SJC, cache-hhn4059-HHN
x-timer: S1658665973.726441,VS0,VE1
etag: "MYTTd+8iAWWkJqI/tqbWYmAsTD1Q8sujASAr9VhVVRA"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 2, 1

GET
H2 200 ts
t.paypal.com/ 42 B
457 B 162ms
161ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3Aone-touch%3Aslide-up%3A4JNLKXK8YXNM6-1&page=muse%3Aoffer%3Aone-touch%3Aslide-up%3A4JNLKXK8YXNM6-1%3A%3AflowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=smartincentive&s=ci&item=193ce8f4-fa3a-4846-8cb2-7892db0e36a0&fltp=one-touch&es=flowStarted&mrid=4JNLKXK8YXNM6&code=Ecwid_SP&partner_name=StoreFront&flag_consume=yes&pt=Image%20Skin%20Care%20Products&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1658665978375&g=0&completeurl=https%3A%2F%2Fwww.beautybarmedspa.com%2Fstore%2FImage-Skin-Care-Products-c46728194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:52 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d08b408a5b18
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4038-HHN
pragma: no-cache
traceparent: 00-00000000000000000000d08b408a5b18-ac7d1a8c37bb4709-01
x-timer: S1658665973.729671,VS0,VE152
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Jul 2022 12:32:52 GMT

OPTIONS
H2 200 get_chat_history
messenger.mindbodyonline.com/ Frame 0
0 318ms
317ms Preflight
text/html 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/get_chat_history

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM HTTPS://FACEBOOK.COM

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.beautybarmedspa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 72fcae5d8d339a35-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 24 Jul 2022 12:32:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Cookie
via: 1.1 vegur, 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: DmEsE_e8h8r-lZKVHua2i9AS1fAugpV3OmGrZduUZL1mpfeomNaqrw==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM HTTPS://FACEBOOK.COM

POST
H2 200 get_chat_history Show response
messenger.mindbodyonline.com/ 27 B
360 B 369ms
368ms Fetch
application/json 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/get_chat_history

Requested by

Host: messenger.mindbodyonline.com
URL: https://messenger.mindbodyonline.com/static/companies/js/webchat/app.bundle.js?q=0.15118305777067387

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a874f60ade0a9f657f172bc0d5f50695f011024f008a51bcbc545590ec8eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM HTTPS://FACEBOOK.COM

Request headers

Accept: application/json
Referer: https://www.beautybarmedspa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Jul 2022 12:32:54 GMT
via: 1.1 vegur, 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
vary: Origin, Cookie
content-length: 27
referrer-policy: same-origin
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://FACEBOOK.COM
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
cf-ray: 72fcae5f88149a35-FRA
x-amz-cf-id: 3BxuXrJ7Wimza_Wg-WiZIDOcNNnz8jByII38xhye11J1c7Pv0A-gdA==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: messenger.mindbodyonline.com
URL: https://messenger.mindbodyonline.com/static/companies/js/webchat/app.bundle.js?q=0.15118305777067387

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5453
date: Sun, 24 Jul 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Jul 2022 13:02:00 GMT

GET
H/1.1 200
OK 5gaSEQ9e6pfh6s5C.png
s3.amazonaws.com/bowtie.ai/company_logomarks/ 22 KB
22 KB 119ms
119ms Image
image/png 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bowtie.ai/company_logomarks/5gaSEQ9e6pfh6s5C.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e0ca708c3a324380d3093a55dd051cc762391c83db0f49f7674229672cde192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Sun, 24 Jul 2022 12:32:54 GMT
Last-Modified: Sat, 01 Feb 2020 01:02:14 GMT
Server: AmazonS3
x-amz-request-id: YBV1M93R8TMT8NQJ
ETag: "c931c335e6ab3ca2dc86a1e9b749254b"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 22332
x-amz-id-2: XFqOS07NWeaPbg3Og/9ernJFEzpHZFctNvkCwxJUw/Jn6L/aeF+t7SQ6Y1m2uxV5rWNaY8lkmoE=

GET
H/1.1 200
OK 5gaSEQ9e6p4pmABE.jpg
s3.amazonaws.com/bowtie.ai/company_avatars/ 172 KB
172 KB 147ms
146ms Image
image/jpeg 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bowtie.ai/company_avatars/5gaSEQ9e6p4pmABE.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6e0ecb6061f8c35d8f6688fd7d80a95d9a5cd54cbe3db81255c3a93035d39e02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Sun, 24 Jul 2022 12:32:55 GMT
Last-Modified: Sat, 01 Feb 2020 00:59:42 GMT
Server: AmazonS3
x-amz-request-id: TY8T2RM7YQYQPH6T
ETag: "8c84b455b0d885f08511d4c296f27c4d"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 175847
x-amz-id-2: rZXMi7LkWA0W0C+TbA7gtkoY5r47YOyiWVGutQ0mM783rbtkLh3/Y3iGNnvzkzYJcOWdGxwA7Zs=

GET
H/1.1 200
OK message_icon.png
s3.amazonaws.com/bowtie.ai/bowtie_assets/icons/ 2 KB
2 KB 114ms
113ms Image
image/png 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bowtie.ai/bowtie_assets/icons/message_icon.png
Requested by: Host: messenger.mindbodyonline.com
URL: https://messenger.mindbodyonline.com/static/companies/stylus/webchat.css?q=0.6207319175575361
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e8a2fdc1e06e582200e5795c0654a220d9d31452fd034bcb598e23d5c58e035c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:55 GMT
Last-Modified: Thu, 09 Feb 2017 00:13:11 GMT
Server: AmazonS3
x-amz-request-id: TY8PGS7YYE0DX3Z2
ETag: "7418686106cd5e3755813c244c9636f6"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 1831
x-amz-id-2: vAiNy7+F6xsFziRu4gaKEuqfF2yEV3zCtiBhf1WSkBY+4R/9QMWlDLuC0Lh6872RhtSMiMLq+Aw=

GET
H2 200 Averta-Semibold.ttf
messenger.mindbodyonline.com/static/common/fonts/Averta/ 70 KB
70 KB 447ms
447ms Font
application/octet-stream 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/common/fonts/Averta/Averta-Semibold.ttf

Requested by

Host: messenger.mindbodyonline.com
URL: https://messenger.mindbodyonline.com/static/common/fonts/Averta/stylesheet.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21bb6569f492035b154c97b87d8f28da53d1ca8738205a3a3719558e9e09b466

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://messenger.mindbodyonline.com/static/common/fonts/Averta/stylesheet.css
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:54 GMT
via: 1.1 vegur, 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-length: 71488
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:44 GMT
server: cloudflare
etag: "62db2334-11740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=60, public
cf-ray: 72fcae61fbda9a35-FRA
x-amz-cf-id: OVHlZA3HcSadYC4Eqjl8oJWydg3CvYCengCvyPVEn4AeZ1x2ssyAHg==

GET
H2 200 Averta-Regular.ttf
messenger.mindbodyonline.com/static/common/fonts/Averta/ 70 KB
71 KB 433ms
433ms Font
application/octet-stream 2606:4700::6813:e968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger.mindbodyonline.com/static/common/fonts/Averta/Averta-Regular.ttf

Requested by

Host: messenger.mindbodyonline.com
URL: https://messenger.mindbodyonline.com/static/common/fonts/Averta/stylesheet.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6813:e968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede606de6a58fb1b3ec8e90396c348f7ad3182397b381ee4fb8e79354f9f7915

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://messenger.mindbodyonline.com/static/common/fonts/Averta/stylesheet.css
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:54 GMT
via: 1.1 vegur, 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-length: 72116
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 18:22:44 GMT
server: cloudflare
etag: "62db2334-119b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=60, public
cf-ray: 72fcae61fbdc9a35-FRA
x-amz-cf-id: wibYWaPPsIk4GpJphHna5gnxk14Mxn6yT6U-7rt-VQ1bhKZvbgJ1ug==

GET
H2 200 head.load.min.js Show response
cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/ 4 KB
2 KB 62ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js

Requested by

Host: beautybarmedspa.agilecrm.com
URL: https://beautybarmedspa.agilecrm.com/stats/min/agile-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7955932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1704
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e76-11fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89SdhlD3%2B5ZzgK010bpSwGZwTMnpISkbKoGpfVrZHDnWLRGztGrjxjMVCMJhKa3Ju0Wehtooe7OmtwmRfDbFxZ60shrHKW2E0i7YFJVEARqC%2B8jd1bOcYPJ3XeVTbP0r0cD9v9t2veW%2BDxsjtkx68L8Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72fcae6c5e226943-FRA
expires: Fri, 14 Jul 2023 12:32:55 GMT

GET
H/1.1 200
OK simple-modal-min.js Show response
s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/ 5 KB
5 KB 128ms
127ms Script
application/x-javascript 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/simple-modal-min.js
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b7caf6fa34e902c25c089f3d78618ef7dc0ffe3503ff5ee7a8c8c4fdca5badd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:56 GMT
Last-Modified: Thu, 20 Jul 2017 12:34:26 GMT
Server: AmazonS3
x-amz-request-id: 4SNGR61F7A78XZVK
ETag: "d351db7d70ad34a2bc7a01abbed46a6f"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 5026
x-amz-id-2: hmIR3caSDW4pDqJnHdJCP9dWXuzeFb4ye+Y1vupss7pwgBKAFwHhvcuNkBzS5FH7Yea3K+KVmhk=

GET
H/1.1 200
OK custommodal.css
s3.amazonaws.com/agilecrm/web-rules-static/responsive/css/ 2 KB
2 KB 114ms
113ms Stylesheet
text/css 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/css/custommodal.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0004d696bc128f7771397a7214e776822a6353758fa4cb78a88f0ae81f2b823f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:56 GMT
Last-Modified: Thu, 20 Jul 2017 12:34:21 GMT
Server: AmazonS3
x-amz-request-id: 4SNRBKBCHB08NDBR
ETag: "6c59bc0a45c70d03fb65f1ba27ff822a"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2175
x-amz-id-2: LnvtnCdzgX+by4PzJGBNCcUUuPqhPirzQwabswcr6kKDqoDkKp3OEqdQ9bcC+0+R43TPGd/yh2M=

GET
H3 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 43 KB
12 KB 46ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12072961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11830
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ac34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbogrF0BkFqOFhfzdzSIWqhbGKF%2BRYIjI1bgolQidqwxKYbJQeK7n7n7HPsOcQikKZrk1E55sV0JnY9u8nJX2xw8sSHduN%2FQ1L%2Fwl5qxbuv3UfEhTjnVBU0d72YuMh5XL2lG6MD%2FG3L5lmLcWanzzbUV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72fcae6e4895914a-FRA
expires: Fri, 14 Jul 2023 12:32:56 GMT

GET
H/1.1 200
OK modernizr.min.js Show response
s3.amazonaws.com/agilewebgrabbers/scripts/ 8 KB
4 KB 119ms
118ms Script
application/x-javascript 52.217.131.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/agilewebgrabbers/scripts/modernizr.min.js
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e66f326dafe1b0eb820ea77dd51099ee95ddfcd8d10b43ae784c1e39b6d7c838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jun 2015 06:29:36 GMT
Server: AmazonS3
x-amz-request-id: QYFXDDAFNPKT0G8V
ETag: "a92dc9a87bf7be5867178e51c927f4ce"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3737
x-amz-id-2: wnZcvavgvh7Se6jg4F3GrsdgQgxXcmyvP332fxPGNQUWr/yPw8LDOOusxR2Z49RG2rWmJQWIQk0=
Expires: Tue, 01 Dec 2020 20:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1CC1 2 KB
581 B 123ms
46ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela:400|Montserrat:700

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/simple-modal-min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49dc34084df3d9a0f1d74ae3c86ef12a247f82427a5cef21c1b8203fee7827ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 12:32:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 12:32:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 12:32:56 GMT

GET
H/1.1 200
OK agile-crm-logo.png
agilecrm.s3.amazonaws.com/ Frame 1CC1 30 KB
31 KB 593ms
116ms Image
image/png 52.217.174.201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agilecrm.s3.amazonaws.com/agile-crm-logo.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/simple-modal-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.174.201 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97321c5889e20d8afcfe93171ac4cb2fcca5a41bbe94cd001f2df6eb80562ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:57 GMT
Last-Modified: Mon, 28 Nov 2016 05:13:04 GMT
Server: AmazonS3
x-amz-request-id: QYFSRS78BQCJ73GJ
ETag: "a23a4cda54395394a3edf1fcb3586501"
Content-Type: image/png
x-amz-meta-s3fox-filesize: 30991
x-amz-meta-s3fox-modifiedtime: 1480309697990
Accept-Ranges: bytes
Content-Length: 30991
x-amz-id-2: /GLry2/QpgLAa6Y3w1DP0yk/c17B7d6dc5q9rEe+dsNNHQgUy2KV1Nh1ZTJB/Vj8V3Nz23kqrq4=

GET
H3 200 css
fonts.googleapis.com/ Frame 0FEC 5 KB
667 B 115ms
53ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/simple-modal-min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 11:14:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 12:32:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 12:32:56 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.7.2/ Frame 0FEC 93 KB
30 KB 20ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/simple-modal-min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3843103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29787
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOBUcCT7nzjV49Te348mWhqqZd6FOO9lNIqWss2paPuB9s1YGyFK%2F4fgDUHDD51kEfWveWvUAGSwRAsObHFyectSSPB9e9b%2B74BnILHYaiAUEKlxYa2Jdu%2BKx3ugPO7YtaM%2BQ63VkHB3Mln5G5HqRXnT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72fcae6f9ab8914a-FRA
expires: Fri, 14 Jul 2023 12:32:56 GMT

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/ Frame 0FEC 21 KB
6 KB 45ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/jquery.validate.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/simple-modal-min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 321563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5650
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-524c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDhMderdvTG7GFHg1gh1A7A01nAKggnzzke%2BjiVL%2BcvbsgeXmGCHJQY9YnHQnodDqWvRxOWq7bTIovIXUzDlnz1utbkvKo09HeJJn%2FGsiDrDia%2BpYi0UWX81xKM2L5uqkqows1gmCXPCIxxmMvgRr4vX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72fcae6f9ac0914a-FRA
expires: Fri, 14 Jul 2023 12:32:56 GMT

GET
H3 200 additional-methods.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/ Frame 0FEC 13 KB
4 KB 46ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/additional-methods.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/simple-modal-min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60507e9b22e3bf0ec92e952301ffd66700ac166e5412ddb9d504d6539b892472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12513708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3448
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-35fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtdO8ChooRX8GvhYeA6uR7IEC0Wdgolmf82G6MolGltGL5Z2NizGktfaivhfnKyVYnPFikJ%2FNZz93XO2OvimvMyWJgt%2FpsnD42CiPgXqBJHKHhuLxOxLFI%2BLBve7tAmiISgXNKyeGGF5SUu8cjE1s5qM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72fcae6f9ac3914a-FRA
expires: Fri, 14 Jul 2023 12:32:56 GMT

GET
H/1.1 200
OK agile-crm-logo.png
agilecrm.s3.amazonaws.com/ Frame 1CC1 30 KB
31 KB 579ms
118ms Image
image/png 52.217.174.201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agilecrm.s3.amazonaws.com/agile-crm-logo.png
Requested by: Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.174.201 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97321c5889e20d8afcfe93171ac4cb2fcca5a41bbe94cd001f2df6eb80562ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 12:32:57 GMT
Last-Modified: Mon, 28 Nov 2016 05:13:04 GMT
Server: AmazonS3
x-amz-request-id: QYFM576SQHZVNSCW
ETag: "a23a4cda54395394a3edf1fcb3586501"
Content-Type: image/png
x-amz-meta-s3fox-filesize: 30991
x-amz-meta-s3fox-modifiedtime: 1480309697990
Accept-Ranges: bytes
Content-Length: 30991
x-amz-id-2: VN47T9+CVWSz2rlOC/i3tb4H1N1lLMGtkS7kXfbpEL7vlam1xG2xUAXcw4dTGepIlBgylE5UrCE=

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/ Frame 0FEC 21 KB
6 KB 20ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/jquery.validate.min.js

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 321563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5650
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-524c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVvioPxk6covO9gJm5vQ0otoff2MJuIPwKH3jc7p4aD4%2FTtlEHs%2BENhLNXI8HWGZL1CoBmH8FYeCYYPX04QUjLkYKCFjKQQ6rLH%2FA41wrAZLq765jF%2BpF%2B1hweocGaUfK0KoiwsPd8Fo6EaglOSqW4CZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72fcae706c05914a-FRA
expires: Fri, 14 Jul 2023 12:32:56 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0FEC 44 KB
44 KB 118ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.beautybarmedspa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 478847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:32:09 GMT

GET
H3 200 additional-methods.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/ Frame 0FEC 13 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/additional-methods.min.js

Requested by

Host: www.beautybarmedspa.com
URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60507e9b22e3bf0ec92e952301ffd66700ac166e5412ddb9d504d6539b892472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beautybarmedspa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12513708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3448
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-35fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDA8JSHD7ujri9%2BvljRbS0uNA5FsIxdhzS38GamAZ4JFk0tQLKmwkCbd6Re1iqhplkEEWCdlL1PQ%2BY0eGfjYGfuuu%2BQ2QfE8H3mPmFM2571KXtB3OeTuRr3%2Bq5ck0tzzvXRbI8AlmTr1o2p9G18K1E4%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72fcae71ee67914a-FRA
expires: Fri, 14 Jul 2023 12:32:56 GMT

Verdicts & Comments Add Verdict or Comment

523 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.beautybarmedspa.com/store	1970-01-20 05:06:19	Name: dm_timezone_offset Value: 0
www.beautybarmedspa.com/store	1970-01-20 13:30:01	Name: dm_last_page_view Value: 1658665975598
www.beautybarmedspa.com/store	1970-01-20 13:30:01	Name: dm_this_page_view Value: 1658665975598
www.beautybarmedspa.com/store	1970-01-20 13:30:01	Name: dm_last_visit Value: 1658665975598
www.beautybarmedspa.com/store	1970-01-20 13:30:01	Name: dm_total_visits Value: 1
www.beautybarmedspa.com/store	1970-01-20 22:15:37	Name: _sp_id.5ee2 Value: 239554656f5a3972.1658665976.1.1658665978.1658665976
www.beautybarmedspa.com/store	1970-01-20 04:44:27	Name: _sp_ses.5ee2 Value: 1658667777670
www.beautybarmedspa.com/store	1970-01-23 20:24:45	Name: bowtieWebCookie Value: swiItxxu2Y
.beautybarmedspa.com/	1970-01-20 06:54:01	Name: _fbp Value: fb.1.1658665975579.781789113
.beautybarmedspa.com/	1970-01-20 06:54:01	Name: _gcl_au Value: 1.1.1263241113.1658665976
www.beautybarmedspa.com/	1970-01-22 00:32:25	Name: ag08rq5na46f9fsnjem1ir4s6r-agile-crm-guid Value: 9354eae1-8302-0125-3a21-f8afe0c53190
www.beautybarmedspa.com/	1969-12-31 23:59:59	Name: ag08rq5na46f9fsnjem1ir4s6r-agile-crm-session_id Value: 5fee3e50-f755-f4b6-e9cc-3bb2f07cfa30
www.beautybarmedspa.com/	1969-12-31 23:59:59	Name: ag08rq5na46f9fsnjem1ir4s6r-agile-crm-session_start_time Value: 55
.beautybarmedspa.com/	1970-01-20 22:15:37	Name: _ga Value: GA1.2.1485889207.1658665976
.beautybarmedspa.com/	1970-01-20 04:45:52	Name: _gid Value: GA1.2.1411243474.1658665976
.beautybarmedspa.com/	1970-01-20 04:44:26	Name: _gat_gtag_UA_125101325_1 Value: 1
.beautybarmedspa.com/	1970-01-20 04:44:26	Name: _gat_UA-125101325-1 Value: 1
www.beautybarmedspa.com/	1969-12-31 23:59:59	Name: ag08rq5na46f9fsnjem1ir4s6r-agile-session-webrules_v2 Value: %7B%26%2334%3Brule_id%26%2334%3B%3A5055841463828480%2C%26%2334%3Bcount%26%2334%3B%3A1%2C%26%2334%3Btime%26%2334%3B%3A1658665976354%7D
www.beautybarmedspa.com/	1970-01-22 00:32:25	Name: ag08rq5na46f9fsnjem1ir4s6r-agile-tags Value: newsletter
.beautybarmedspa.com/	1970-01-20 04:44:26	Name: _gat Value: 1
.squareup.com/	1970-01-21 07:01:13	Name: _savt Value: 512ce676-bc1f-4c3b-8197-67870a22938d
.beautybarmedspa.com/	1970-01-21 04:44:25	Name: _swa_u Value: 8c689444-0102-4d04-99a7-a0d88008152d
.beautybarmedspa.com/	1970-01-20 04:45:52	Name: paypal-offers--view-count-credit%2Cone-touch%2Creturn-shipping%2Cpurchase-protection Value: 1
analytics.sitewit.com/	1970-01-20 04:54:30	Name: AWSALBCORS Value: DKc5tbfE4rrzSunmTkPpDNjL/BLy5fHF8XXvXrRshNKcMRDRBHPrpiT2PXLsqYd9VtyCnpRTw9zhbPvVm2Ku0g+LSd5K/E7i3YbNJHQmBwBGf110nuxgslBSREcL
.paypalobjects.com/	1970-01-20 04:48:45	Name: paypal-offers--country Value: DE
.doubleclick.net/	1970-01-20 04:44:26	Name: test_cookie Value: CheckForPermission
.paypal.com/	1970-01-20 13:30:01	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 04:44:57	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY1ODY2NTk3Mjc1MSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 04:48:45	Name: tsrce Value: targetingnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3APQL6YHnybTXrNbCwCsxQU8mLwxSjzvML.NFNUSu84au0zSiYkIx5EQ2%2BNWxitbNN3j4TgP1RVgh8
.paypal.com/	1970-01-20 04:44:27	Name: l7_az Value: dcg02.phx
.paypalobjects.com/	1970-01-20 04:45:52	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-21 07:02:40	Name: ts Value: vreXpYrS%3D1753360372%26vteXpYrS%3D1658667772%26vr%3D3032344e1820a8a4cda33a24ffffffff%26vt%3D3032344e1820a8a4cda33a24fffffffe
.paypal.com/	1970-01-21 07:02:40	Name: ts_c Value: vr%3D3032344e1820a8a4cda33a24ffffffff%26vt%3D3032344e1820a8a4cda33a24fffffffe

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://s3.amazonaws.com/agilecrm/web-rules-static/responsive/scripts/simple-modal-min.js Message: Mixed Content: The page at 'https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194' was loaded over HTTPS, but requested an insecure element 'http://agilecrm.s3.amazonaws.com/agile-crm-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194 Message: Mixed Content: The page at 'https://www.beautybarmedspa.com/store/Image-Skin-Care-Products-c46728194' was loaded over HTTPS, but requested an insecure element 'http://agilecrm.s3.amazonaws.com/agile-crm-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agilecrm.s3.amazonaws.com
analytics.sitewit.com
app.multiscreenstore.com
beautybarmedspa.agilecrm.com
cdn.jsdelivr.net
cdn.materialdesignicons.com
cdnjs.cloudflare.com
chimpstatic.com
connect.facebook.net
d1dkdnyvras0l5.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
d2scn539ulxr09.cloudfront.net
d32hwlnfiv2gyn.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
ecomm.events
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
irp.cdn-website.com
js.squareup.com
lirp.cdn-website.com
messenger.mindbodyonline.com
ow.ly
s3.amazonaws.com
static-cdn.multiscreensite.com
static.cdn-website.com
stats.g.doubleclick.net
stats2.agilecrm.com
t.paypal.com
www.beautybarmedspa.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
104.89.44.137
108.138.7.63
13.248.205.93
13.32.99.173
13.33.244.94
142.250.186.66
143.204.89.125
151.101.193.21
151.101.194.133
151.101.65.35
18.64.79.13
18.66.112.9
18.66.242.187
2600:1f18:243f:2d01:137e:ccfb:6d82:44ab
2600:9000:21f3:6c00:1f:f560:8d00:21
2600:9000:224a:d800:1c:b536:2c40:21
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6813:e968
2a00:1450:4001:802::2004
2a00:1450:4001:806::2013
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.67.141.185
3.67.22.251
52.217.131.168
52.217.174.201
52.222.206.108
54.173.147.65
54.183.131.91
89.187.169.15
0004d696bc128f7771397a7214e776822a6353758fa4cb78a88f0ae81f2b823f
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
060d04d52235f9383a1826968f3a7625d857a334274b24de0b6999cf0911d0ba
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
093b7ca0070fc98298e3c8f5486a3f50b7d7e8861b284502ecadd12a292ac7e4
0ceee87b4f5030bcea1406c18ab6534743fd5f65a37fafd864cc47af46ba79bc
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
0fa0c99c4e5831f46337bdcd3ae52f236140e25b2947ae2a65ed695a142e96c7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112363a0249d170a59361f48a8fee05b53f14ff3e859e03df92d4d8e08f88390
19e040138d629eb3b932daf82717c14a133c892ed994c0227a85a32c6ffed863
21ac34869bc0fe640b2e0d2c29b586026c69a54fea08c1461113324aa32d01ba
21bb6569f492035b154c97b87d8f28da53d1ca8738205a3a3719558e9e09b466
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2a6d17d2003f86a050544e300b25d2dea9ce6fc9d2801e9570420c81944bc809
2c435409f30af7bc9f44fb3a07503ce693a8f626b5d4a3fde6295c6f90c3de01
2d400b1013acb25d1e69b865cff3deca919cb4039a2174825d9cb9150d53bd04
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
2e63958122778ec8bed91b0a4d274fe4bfb753abc8d3279c3f1649a0f0bd8629
2f1f544e0c2b181b03d1f35f594124b39426fcd7519812f2892f7217ece01358
342359f7df465170952f18c8403cd47c3a9f64175a59a35125dd7913c689aed6
37d91723ab0da3bd14856ee93966c6d1471ddc72d40ee3b4d43072541ff39420
385d1cfcf6efcd3f7c6fd61dff33145349041547d1cf7a3ada05ea253297b031
3e240f6295311b176c868e9292c140a4291bd3405984b7372bd34d4019cd00be
418e822edffb6cef62c964bf14c9654c1f474c07daf0335309cf299186c496f2
432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0
45961f514ed5395016606b511a58360e9545f8bbfef63de3a7961ea016b88217
4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49dc34084df3d9a0f1d74ae3c86ef12a247f82427a5cef21c1b8203fee7827ca
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
52b379b4036d6534dc3819c4f3507922743ced081671be2ed4fed9ac25966bc3
52dcb5625761df9bf503b34b6c50adb6cae62bbd1807843e67e1588a852402a1
548269cd9a18be58c3bc004473c05d8d3e7d09a0c695ec1626d247dadded7502
6033ddf0bf8992cf448cc97d586f669417896f1d743ed6b8e103ff110ebd65c2
60507e9b22e3bf0ec92e952301ffd66700ac166e5412ddb9d504d6539b892472
63efda770c44451c923c0a23417c559b397d962b569d3804fc26972e8b64d81a
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
64ef47987f568d82cc516003b792004e74cea759de0721e6ab48150d06875a44
67d0acf2903cd998d65a5be035da7d437acf902be34e2b77f15e5f028cd54972
6a0b6b79b4f8afe5801a48261da73974aaafc6d2dc19281476653df5081afbd7
6d1750205059a573a437b38c84bf7e3b1a3b5315f5b0e336ff015bba8e0d5e5c
6d57961d860e91829d77df1f33d1b9c3aff7dd64ac2b147c4bd30b95cdb1ecaa
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e0ecb6061f8c35d8f6688fd7d80a95d9a5cd54cbe3db81255c3a93035d39e02
6e2e557cfdf7a05389c23c9fda8daa535d6bed4f93e421e47a863c7331013bc9
75ab0375555d1baee100d6e95a8b9e2e3caa6b6422f27f42063bee2dee1ea5f9
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6
78676e43ebdbd775493518539d6845a29690dbd80ae97b2907268ab257785eb1
795f14d50f9af41ebeb41e49df9f54ecf5bf8e69e7e6b5a3b037b886da8341c8
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e
80300cfba78c32dbcdf80c2d83f8e041891760035ea3cdf0f146c4391ca1d069
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87a3ea6f934b38d018e81a6c563c3ff7544e1ad5860f26933a17c08912bbd3fd
8820ab1a6f2f2e486c073f1c5c782a6b5cb5a6ab4b2bb640dcfe4808adb9ad70
8a11647096ba0a6902d63a1e2befe422234d0bcf30caf253d0553ee15d71c90e
8a866cd9640f5f8466fa723baafb4dcaa90e6303545b7d92a71532f6f5b53f2a
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8c1e90dad6a7cf7aea83622e85032b766db7470604ea348dfa966cdf443bc7b2
8fedd18ff9e95e44d9fe2aefd0929c62c0a9215dc989a7ec5d46b66646f731bd
950d13c3e8a9fd93e026afeec5ad6205e36d194aa1d8f062c0876a9f9c42405d
97321c5889e20d8afcfe93171ac4cb2fcca5a41bbe94cd001f2df6eb80562ff8
99ca3b50efe0483e0cf2777e71fed2933480afa8397d1b98fe2141f13ab0e5bd
9b1dbd0579fdc483d36e7b1e600c00f50c3920d97728804fce8b33cc67dd39d4
9e0ca708c3a324380d3093a55dd051cc762391c83db0f49f7674229672cde192
9e7bf1aee8741f917663e35f5f7baf7cc59a65088dd38e62cbce861f55e8f9b2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aaa26a4ac399c70b0f7e6d431e32f0e68a51aff05e5632be15a0f61afa31ec34
aacd70b174941dd2787e8e34c62a120da1e47cb405881f561cc5b79742151b6d
ac95a02686ab5235cf3878938b3cb8529b2c16184a489d60d433609d7fe05f2e
ad8a7fa94e1d2bc6863ee25744c93b0b04467775d6eb0f98c96d1de2321a9ac2
ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08bd509fe04590bacc5070ac4deb7a7cd248a7c0a95b240e33230aa022c57cd
b2987547fe026699e4abdfdf85a044b0e691d7244142701b0d6267c2c3c366e0
b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b40a70e5e9b42d2427e8ed934dd2483a7613dd65edb301147fabccde4fca56e5
b60bfbd12069dcb1ea2ac303e83145198a59b861043c48502982d4b0976330d7
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
b7caf6fa34e902c25c089f3d78618ef7dc0ffe3503ff5ee7a8c8c4fdca5badd4
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be100f383588f013b2b37c735d096150f4f8a10b738fc9406e7f5945da62e3eb
be116841280d8381e770e2150098cf2a163677ef06fd97d16c066660382302ce
be7891c253aaf59d47d6cf03f8fc9b676c3e554ec2446cbfa1fe8152ee03162e
c0171e6a9486f5f7710cb21082f97cbef0a73f98e184279c358d89e389f64fac
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c4e0fb1bef8e01c998672875a3c1b19c075bee93e026220978345bef27b56475
c648bc3960d36813170173b7a3d8ab456e4bfd21e534ceda639faf84ed59693a
c6508b1ee7bffea98b452068f42f14372e8ddd8251739abce45f8d08cbdcbafd
ca9034edc684caa1fc15365d70af446b04fa5dc9d76473f53c9f1d85098b118f
cc0e4f219f21626d1465ee04d03321771daafad17bc57d31a4727051b862f27b
cc259ff34f36bb8eec80d7433101f2c1d37c2389ccbd00aae1ef6e6ab1b36e2f
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6
ce47b22e768a937ac604165b4dcc87b15008b84593b23d7aa8f941e09950635e
cec59b540aab61309924e3ab9158d87e29ade42b01e61fa5aa772ccce1d85480
d3277aff75ec834488f6a9e5e4c37c4c6ebeb39c8c773f5b7187311e2302dab1
d9859d569817c66c40a6bce3169e1d99807d99bed396170b514d281eb9e56e42
dba727e7847adf3720b730ac7377085efe3aeac8375682402622fac36854d163
dc6ba0b2c1c2e22add0059cbe521ee4e15227d77cc8b49659022aaee46f6cca2
dcbc2f124830872e4c9d246f0ef81edff32732002ea3aa6fce6ee031649f3ccb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deeb717830ce49e1bab3452af8601f7958547a6781cc68e7512a7ef5af228d6a
dfdb1fb1f8379149d7d04ad2a2b6c695e64164aa6c60690d762b1531f49d08a7
e19c947ce048ea4864edcf0ca5d0095c04ae373961d9e22acc1c03dfaca94cfd
e260b9c304598205a322374408f2e2718acab63e585af74e41fb69179d3b4337
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a874f60ade0a9f657f172bc0d5f50695f011024f008a51bcbc545590ec8eb6
e66f326dafe1b0eb820ea77dd51099ee95ddfcd8d10b43ae784c1e39b6d7c838
e8a2fdc1e06e582200e5795c0654a220d9d31452fd034bcb598e23d5c58e035c
e8e4e1f414f2a790771c5713eb9335d443a9c28ae1ef920d96fd174c56125fc8
ed65b5428ab2a5530280232bc6b31854e63395734447a8ba651848af52d1a609
ede606de6a58fb1b3ec8e90396c348f7ad3182397b381ee4fb8e79354f9f7915
ee7d5d599473bc8f60be449f90567a0b4da2b6598879a5ffefe2f311e60a6b18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f46527de0b6a85a4b718a47084fd60a6465fb0da81cf178e23ae1cdbd652fedc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f71bb2b908c2cf3da70140c2b654c4323079aa761fba0ddc601023dbe19f898e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa1a3a6a9ce769eb2d8a884f1d222144d009fa50866cc6d10c176a0ce764c8f8
fb615afc947f23d9dad13ff0851050dce4f4d642dc32cbf5b96b9c7e1309e8b5
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffb2d7d0d1616a17ce3404840a418b61bf59a7bb1904ba66cfe3a3c443aaa8d9

www.beautybarmedspa.com Open in urlscan Pro 3.67.141.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

99 %HTTPS

45 %IPv6

28 Domains

39 Subdomains

36 IPs

3 Countries

4533 kBTransfer

14042 kBSize

35 Cookies

7 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.beautybarmedspa.com Open in urlscan Pro
3.67.141.185 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

99 %
HTTPS

45 %
IPv6

28
Domains

39
Subdomains

36
IPs

3
Countries

4533 kB
Transfer

14042 kB
Size

35
Cookies

171 HTTP transactions
0 data transactions