prettyexquisite.bondlayer.com Open in urlscan Pro
52.16.71.118  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response prettyexquisite.bondlayer.com/	13 KB 5 KB	562ms 197ms	Document text/html	52.16.71.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prettyexquisite.bondlayer.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.16.71.118 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-71-118.eu-west-1.compute.amazonaws.com Software openresty / Resource Hash cd9b236f57af6fca0c28fbe49644cd396b9649515862627939a319baa4483bae Security Headers Name Value Content-Security-Policy manifest-src *; default-src 'self' blob:; media-src * data: blob:; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob: data:; img-src * 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; frame-src *; connect-src https: wss:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Security-Policy manifest-src *; default-src 'self' blob:; media-src * data: blob:; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob: data:; img-src * 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; frame-src *; connect-src https: wss:; object-src 'none' Content-Type text/html Date Wed, 03 Jan 2024 11:10:15 GMT ETag W/"0a3e4eaff1ed3701c7ff1f4450691f32" Last-Modified Tue, 02 Jan 2024 18:17:23 GMT Referrer-Policy strict-origin-when-cross-origin Server openresty Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block x-amz-meta-surrogate-key prettyexquisite.bondlayer.com x-amz-version-id null
GET H2	200	styles.css cdn.bndlyr.com/sdwus5adfhxnxgck/_s/	121 KB 16 KB	406ms 296ms	Stylesheet text/css	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bndlyr.com/sdwus5adfhxnxgck/_s/styles.css?v=1704219436346 Requested by Host: prettyexquisite.bondlayer.com URL: https://prettyexquisite.bondlayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bfc23d7667f066a58eeb6ce16a40da02574dfd24117d5ea5d97aa3d7eb912c5 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-version-id tN3MyTI.H8eM4Zz4M1DQ0g28neJb2KxN content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CRS3HQEH928Y4Z9V age 60712 x-amz-server-side-encryption AES256 x-amz-id-2 dzwdj4aBBnYK6nzlmwpoDJoW7zGBqH8SuL/HlAYMvQiROLnzfzT+9AslS9WBEhUfCICm1/Hti9A= last-modified Tue, 02 Jan 2024 18:17:19 GMT server cloudflare etag W/"862b463c1c2a9bb45ce7437bed043ee5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVF1JfEnp8MXIBGGVRCmUQu9CxepJ%2F9XKebY9i5BbwlA0ujeEuUmGnKF6dbLrDD44bjMrI453WM11%2BctpnSdFrbS7Fx%2BWjaPVp9Ew9MCPFr7rk34Hz2bTiMLAXbODVqJ"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 83facb56adee46c6-DFW
GET H2	200	styles.inline.css cdn.bndlyr.com/sdwus5adfhxnxgck/_s/	1 KB 1 KB	163ms 52ms	Stylesheet text/css	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bndlyr.com/sdwus5adfhxnxgck/_s/styles.inline.css?v=1704219436346 Requested by Host: prettyexquisite.bondlayer.com URL: https://prettyexquisite.bondlayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a20f792a1b3df109e6640bc6a8c6eaa08b62aeb56f48a346229aa8e2440b8a7c Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-version-id R6lJY_MFXuy2Td8vb1wNvoXb1u6dD8Rt content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CRS1DVG2A5NW6PCB age 60712 x-amz-server-side-encryption AES256 x-amz-id-2 HbVpHjUpxze3eakGzw6jRMH7mNyDLWTUy9NsPxdvQqrl5VGmjn4TGxIki5S3zzZXuSJz3ltC9To= last-modified Tue, 02 Jan 2024 18:17:19 GMT server cloudflare etag W/"0c4b9dff75a088acdbbbf3739e9cb78b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKGbwrO3Y3xrOW3lJ9%2FDnY3H32xSuF8A74VsXBpWDQmg2Liz5yeK8fLq%2B2x1BZ0msKccDeCiKULugCwc8YKaDG5fya%2BMOX7zKgQG%2BOpD9rSJJl0o4z1AUvp3jWHMbqQL"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 83facb56adef46c6-DFW
GET H2	200	logo_trim.png cdn.bndlyr.com/sdwus5adfhxnxgck/_assets/	11 KB 11 KB	290ms 180ms	Image image/png	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bndlyr.com/sdwus5adfhxnxgck/_assets/logo_trim.png Requested by Host: prettyexquisite.bondlayer.com URL: https://prettyexquisite.bondlayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3f6721998c270da7efff145ee9bb58c3a163da859bde75986e69957c5ec8167 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-meta-cache-control max-age=31536000 x-amz-version-id JsMq0SGLWrkoR8iqN32YtegW8RiqVBkY nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT x-amz-request-id CRS0ZZSJV9C2QNWT age 60712 x-amz-server-side-encryption AES256 content-length 11066 x-amz-id-2 Pk6h3uVQVgDa+XcWJGCVEkBG8LAnfeZU0sM/i0a2L7qlG5sjkajZwRu1MKSIaEAxGDzCiokZIBw= last-modified Mon, 13 Feb 2023 09:10:35 GMT server cloudflare etag "9d4859dbe17256af9dff15b61dfb59f0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quSPhfBLgnqhrQgQ%2FqpsG2XBpaI6uFIW5I%2FH7QJGQZF2S3E5rtiQTDvRYCz0KKFtUvYD18PkjKhRWuNkIbdvekfqoYsgo5Hf1XsW%2B2AkRXH56WMI2LvoMWokio%2FI0IEy"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 83facb56adf346c6-DFW
GET H2	200	logo_trim_white.png cdn.bndlyr.com/sdwus5adfhxnxgck/_assets/	24 KB 25 KB	406ms 296ms	Image image/png	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bndlyr.com/sdwus5adfhxnxgck/_assets/logo_trim_white.png Requested by Host: prettyexquisite.bondlayer.com URL: https://prettyexquisite.bondlayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e489e31bb84a6e7517864f8aee883f4d62acf8633d26fff4b7cafb92f62a1f55 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-meta-cache-control max-age=31536000 x-amz-version-id 8P33dR5iPMCtnRcbkoPTb5qHEc.zAslN nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT x-amz-request-id CRS5KQ7P5M119R9V age 60712 x-amz-server-side-encryption AES256 content-length 24825 x-amz-id-2 VT1MWU5fPog3keby9eraEbcibKF8pfCl1oiy2VFpaI74qmzB6uRIFil7hUh66T4tFTlmMwNjA9I= last-modified Mon, 13 Feb 2023 11:16:59 GMT server cloudflare etag "d0bb1ef4fa444fc0a3c9eaac76c1f0cf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzmHWae9bwyxnH1XGfy06q1u1pxbvoX3bAmzKyYFBWvUVeFG89KAl7OhGNP7K%2BSKP%2FDOVQI79JX%2FlgQspQbqvsu7UpSIP9sVZEJLzlWiuJQe9Y5Lk6h0jnrEnCxvxG3F"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 83facb56adf146c6-DFW
GET H2	200	1676280551620-homebg.png cdn.bndlyr.com/sdwus5adfhxnxgck/_assets/	5 MB 5 MB	164ms 54ms	Image image/png	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bndlyr.com/sdwus5adfhxnxgck/_assets/1676280551620-homebg.png Requested by Host: prettyexquisite.bondlayer.com URL: https://prettyexquisite.bondlayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab013d1739254a0b09e2bd65ab1e83ab6355f57820d27182f7109547d6fcff94 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-meta-cache-control max-age=31536000 x-amz-version-id ng.oCPvibuboNrsdxNOM9Yo.EGMvU_U9 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT x-amz-request-id CRS788MT3CCAGTKH age 60712 x-amz-server-side-encryption AES256 content-length 5008949 x-amz-id-2 EkTBGE109B8YjhRQngExyB0L42rGswFjYHahOs6bWK4ehzTi020r8OGrC6ABA0NBalGZ8nDMYrs= last-modified Mon, 13 Feb 2023 09:29:17 GMT server cloudflare etag "5871655a34751206362aa9afd16f992c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3gVfNU%2BcopJW9%2FclgjRtiLbQQGMXZgqs1fi%2FjokyKN6zzg1x%2BEE9H6LWgh2uSyFe7%2FPnBiDJoDuTfk3auFNoR%2Bg3KONoktd4nA5WO9r6jBwEA%2FzHSSqxPmVDWhEte4t"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 83facb56adf046c6-DFW
GET H2	200	boot.v202312281858.js Show response cdn.bndlyr.com/royale/	2 KB 1 KB	162ms 53ms	Script text/javascript	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bndlyr.com/royale/boot.v202312281858.js Requested by Host: prettyexquisite.bondlayer.com URL: https://prettyexquisite.bondlayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b044c3ec299f1263c688a7dd59221e3e0a266ef80981790a76d642dae1db23b3 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-version-id y8CCMAaOydybIm9hoHh7360xNiiU5IsV content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id VX8DRVVSA6PC942P age 489067 x-amz-server-side-encryption AES256 x-amz-id-2 Msptf25yTcPPbxNK8SgFQ4Vi839hwtCksw2J94PnS73FzayX/Lj4V4IFPMXFAAAiZk2f9+grBNw= last-modified Thu, 28 Dec 2023 18:58:58 GMT server cloudflare etag W/"e807dcfa9797a6f510756e92afbcaa20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewMhSAFYVqXMWKbwrJs9ye1XB5rW5EZU%2FG1OBqPL7puAH1T9luSDYt2jB%2BexaMLgJqTLZXdGpn48GQJU%2FDtrT4qF7K0Png%2FpwD6uj5kLEoOv5V0CPYPzz8YJKJq8GXT5"}],"group":"cf-nel","max_age":604800} content-type text/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 83facb56adf246c6-DFW
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	280ms 99ms	Stylesheet text/css	142.250.176.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?display=swap&family=Inter:700,400,300%7CCabin:400%7CGayathri:400 Requested by Host: cdn.bndlyr.com URL: https://cdn.bndlyr.com/sdwus5adfhxnxgck/_s/styles.css?v=1704219436346 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f10.1e100.net Software ESF / Resource Hash 76f8b7a41d9fa795241a51e57535343f65cc5149b1a06a9354ce15e4f7a6947f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cdn.bndlyr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 03 Jan 2024 11:10:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 03 Jan 2024 11:10:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 03 Jan 2024 11:10:16 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	276ms 83ms	Font font/woff2	142.250.80.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?display=swap&family=Inter:700,400,300%7CCabin:400%7CGayathri:400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f3.1e100.net Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://prettyexquisite.bondlayer.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 04:11:47 GMT x-content-type-options nosniff age 25109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Jan 2025 04:11:47 GMT
GET H2	200	content.homepage_0.js Show response cdn.bndlyr.com/sdwus5adfhxnxgck/_s/	16 KB 7 KB	52ms 51ms	Script application/javascript	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bndlyr.com/sdwus5adfhxnxgck/_s/content.homepage_0.js?v=1704219441878 Requested by Host: cdn.bndlyr.com URL: https://cdn.bndlyr.com/royale/boot.v202312281858.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d38a02be58787e26413662fd0933dcd9b0d0a20cd54c17f9d4a711d9abf6fc2 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-version-id FzMkbhf8NGDs3G2aKKQmu_Qvjtjkgntv content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id RD2ABMSP7Q9M1AP9 age 60711 x-amz-server-side-encryption AES256 x-amz-id-2 Drn7qM7+LMCIxrAuo2rCGxnd458SS59tUnlHq87w5NZISTXzs1V0D4WtM2SoIGvbP33XNs+Td3I= last-modified Tue, 02 Jan 2024 18:17:22 GMT server cloudflare etag W/"19ff3c2617bb5e85af19c432c050eae1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYDyEkdB7%2BgV6N2k9MxhfjO6Ah7gFdfAyudsXFKNGA7DW0%2FhwLI0xZbcsWhX4UoyqfEE6Pc%2BS58tSoPACqebbxjLqz6VwlHNlWPclb4TlLBGq78a6cHsB3zl8xKWLtUO"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 83facb5a6fdb46c6-DFW
GET H2	200	struct.js Show response cdn.bndlyr.com/sdwus5adfhxnxgck/_s/	145 KB 21 KB	54ms 54ms	Script text/javascript	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bndlyr.com/sdwus5adfhxnxgck/_s/struct.js?v=1704219436346 Requested by Host: cdn.bndlyr.com URL: https://cdn.bndlyr.com/royale/boot.v202312281858.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9f7b6e545ecce72b324c351559d54300294e8a8b040819121c9c063e7ddb3c7 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-version-id SumSGMNlW4CJtLVb8o7dAgSD8OEnlCkf content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id RD237TPTHCJ2QE4V age 60711 x-amz-server-side-encryption AES256 x-amz-id-2 WvLS39nQ7KH95TuOkHw7yJdbAQNvTc4hCKG/OVZCx0a8TTNJg7QGMzGtYHuAWfKgb3YZm7l1Gcg= last-modified Tue, 02 Jan 2024 18:17:18 GMT server cloudflare etag W/"0c9ecca6656e8e85acf112a26b02533e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2bqE3%2FNsXklSd4cmcLJT8xpENUvNYVia2T9GqL2kvN8rDS3%2FqEjyq%2B6%2B8SHR%2FynoLR2ffLsVSa11xDK9keuY0RpXFYdBYmHmMNQE9IzH4ZgyvH%2BsMuCDTl8NfFtkhQ3"}],"group":"cf-nel","max_age":604800} content-type text/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 83facb5b887146c6-DFW
GET H2	200	webplayer.v202312281858.js Show response cdn.bndlyr.com/royale/	831 KB 222 KB	65ms 64ms	Script text/javascript	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bndlyr.com/royale/webplayer.v202312281858.js Requested by Host: cdn.bndlyr.com URL: https://cdn.bndlyr.com/royale/boot.v202312281858.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1f8a0a115cf21d2d78efb96ca3d3826c9cb010b2440138d4ab02243e81ff62e Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:16 GMT x-amz-version-id Q0AD4jTe2u6zE65kyo3f_f4gmcLbRCLj content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id YPTZ8XBV5BM90FGD age 489055 x-amz-server-side-encryption AES256 x-amz-id-2 tZwT8DHp+pD8CeQP9LNgiLsk5M5GNPIk68067UVliRAESHilRmWCDppYC8DLus0ovink33J462o= last-modified Thu, 28 Dec 2023 18:58:58 GMT server cloudflare etag W/"f5b4183ea02c98a58494fb9833a1639c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsHO45P2J31hrPDq38tudLZk6OcpgEGETTC33XP7a%2BBE%2Bx5Uu0JJu786fnPFytECbYeJQuVChOtQJutR1%2FM3DzA98r31o9SF67DWyTL0x%2FlnzocFyy7XJLY50LUh0ept"}],"group":"cf-nel","max_age":604800} content-type text/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 83facb5bf89d46c6-DFW
GET H2	200	scripts.inline.js Show response cdn.bndlyr.com/sdwus5adfhxnxgck/_s/	154 B 551 B	53ms 52ms	Script text/javascript	104.26.10.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bndlyr.com/sdwus5adfhxnxgck/_s/scripts.inline.js?v=1704219436346 Requested by Host: cdn.bndlyr.com URL: https://cdn.bndlyr.com/royale/webplayer.v202312281858.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e044260562fd94e456a5030daf0a2bb0802bf58c8c40c9eff9c2aaa62fd8db8 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:17 GMT x-amz-version-id PtB4Zpxx4v6ZYT8913M3KwJGk9FFC3.W content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id D13WVS3KTD7XBC43 age 60710 x-amz-server-side-encryption AES256 x-amz-id-2 jx+E9WANw1223ykZhCRW6tCJGJX85bOOoIHQ/Du3MWuNsUV0eOjA9peOABJtwZ+xCWlth7fXOVk= last-modified Tue, 02 Jan 2024 18:17:18 GMT server cloudflare etag W/"a16a37e5304235aaa98dfd392bc52d18" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GttBAhCdWpmgZoZhk8vbvu6glrWf%2BltFHEEURSLR0wcRzkzMUE8ZlZLtvhtGPffa095gCCMTotDz%2Fsraad5N25%2FGcl0Tfsh9uR9ySDsHe%2BRuwzny7TxVQcx8A7BlKb6L"}],"group":"cf-nel","max_age":604800} content-type text/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 83facb5d28fe46c6-DFW
GET H2	200	js Show response www.googletagmanager.com/gtag/	268 KB 90 KB	380ms 105ms	Script application/javascript	142.251.40.168 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NFQHJ7YRW3 Requested by Host: cdn.bndlyr.com URL: https://cdn.bndlyr.com/royale/boot.v202312281858.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.168 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s81-in-f8.1e100.net Software Google Tag Manager / Resource Hash 18386cd5f9cb56ddd9fe03fdb9d12c78c4e2c2af428989492d1417ca6254e43b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 11:10:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91509 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 03 Jan 2024 11:10:17 GMT
OPTIONS H2	204	trk us-central1-bndlyr.cloudfunctions.net/likes/	0 0	271ms 71ms	Preflight text/html	216.239.36.54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-bndlyr.cloudfunctions.net/likes/trk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.54 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://prettyexquisite.bondlayer.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://prettyexquisite.bondlayer.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Wed, 03 Jan 2024 11:10:17 GMT function-execution-id fr6q0mcef7tg server Google Frontend vary Origin, Access-Control-Request-Headers x-cloud-trace-context e479381d45cf08930685cd9c24d6654a x-powered-by Express
POST H2	200	trk Show response us-central1-bndlyr.cloudfunctions.net/likes/	215 B 294 B	189ms 186ms	XHR application/json	216.239.36.54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-bndlyr.cloudfunctions.net/likes/trk Requested by Host: cdn.bndlyr.com URL: https://cdn.bndlyr.com/royale/webplayer.v202312281858.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.54 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash fde9e67e8beed8e3fe7de7fc995e229a3c857d85dfdf9191d4e957da7a039232 Request headers Referer https://prettyexquisite.bondlayer.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Wed, 03 Jan 2024 11:10:17 GMT content-encoding gzip server Google Frontend x-powered-by Express etag W/"d7-FF667+T4qMRNZeZuBgigLzT0Bdw" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://prettyexquisite.bondlayer.com x-cloud-trace-context 0e846e4d2fae2dfa432778553f1a8cc0 cache-control private function-execution-id fr6q4hzlrbho alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120
POST H2	204	collect www.google-analytics.com/g/	0 264 B	258ms 92ms	Ping text/plain	142.250.65.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-NFQHJ7YRW3&gtm=45je3bt0v9108411844&_p=1704280216684&gcd=11l1l1l1l1&dma=0&cid=661690893.1704280218&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704280217&sct=1&seg=0&dl=https%3A%2F%2Fprettyexquisite.bondlayer.com%2F&dt=Pretty%20Exquisite%20-%20Consultoria%20de%20Imagem%20-%20Maquilhagem%20e%20Beleza%20-%20Porto%2C%20Portugal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2277 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NFQHJ7YRW3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://prettyexquisite.bondlayer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Wed, 03 Jan 2024 11:10:17 GMT server Golfe2 content-type text/plain access-control-allow-origin https://prettyexquisite.bondlayer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| BndLyrScripts object| BndLyrStyles object| BndLyrConfig object| BndLyrUserScripts boolean| isB function| gtag object| dataLayer string| GOOGLE_MAPS_KEY object| BndLyrContent object| BndLyrStruct number| SwipeIndex object| lazySizes function| _ object| allowClickTimer boolean| allowClick object| React object| ReactDOM function| component object| lazySizesConfig object| BndForms function| $ function| $$ function| $bl object| STRUCT object| CONTENT object| Immutable object| bond function| forceRender function| Render function| Bootstrap object| hash number| awaitScroll object| afterHashChange object| navStack function| parseRoute function| setPrintViewport boolean| didScroll object| loadTriggers object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bondlayer.com/	1970-01-21 03:00:40	Name: _ga_NFQHJ7YRW3 Value: GS1.1.1704280217.1.0.1704280217.0.0.0
			.bondlayer.com/	1970-01-21 03:00:40	Name: _ga Value: GA1.1.661690893.1704280218

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	manifest-src *; default-src 'self' blob:; media-src * data: blob:; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob: data:; img-src * 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; frame-src *; connect-src https: wss:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bndlyr.com
fonts.googleapis.com
fonts.gstatic.com
prettyexquisite.bondlayer.com
us-central1-bndlyr.cloudfunctions.net
www.google-analytics.com
www.googletagmanager.com
104.26.10.227
142.250.176.202
142.250.65.206
142.250.80.35
142.251.40.168
216.239.36.54
52.16.71.118
18386cd5f9cb56ddd9fe03fdb9d12c78c4e2c2af428989492d1417ca6254e43b
6e044260562fd94e456a5030daf0a2bb0802bf58c8c40c9eff9c2aaa62fd8db8
76f8b7a41d9fa795241a51e57535343f65cc5149b1a06a9354ce15e4f7a6947f
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8bfc23d7667f066a58eeb6ce16a40da02574dfd24117d5ea5d97aa3d7eb912c5
9d38a02be58787e26413662fd0933dcd9b0d0a20cd54c17f9d4a711d9abf6fc2
a20f792a1b3df109e6640bc6a8c6eaa08b62aeb56f48a346229aa8e2440b8a7c
a3f6721998c270da7efff145ee9bb58c3a163da859bde75986e69957c5ec8167
a9f7b6e545ecce72b324c351559d54300294e8a8b040819121c9c063e7ddb3c7
ab013d1739254a0b09e2bd65ab1e83ab6355f57820d27182f7109547d6fcff94
b044c3ec299f1263c688a7dd59221e3e0a266ef80981790a76d642dae1db23b3
c1f8a0a115cf21d2d78efb96ca3d3826c9cb010b2440138d4ab02243e81ff62e
cd9b236f57af6fca0c28fbe49644cd396b9649515862627939a319baa4483bae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e489e31bb84a6e7517864f8aee883f4d62acf8633d26fff4b7cafb92f62a1f55
fde9e67e8beed8e3fe7de7fc995e229a3c857d85dfdf9191d4e957da7a039232