www.herocosmetics.us Open in urlscan Pro
23.227.38.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.herocosmetics.us/
Effective URL:
https://www.herocosmetics.us/
Submission: On December 23 via api (December 23rd 2022, 5:04:05 am UTC) from US — Scanned from US

Summary HTTP 316 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 67 IPs in 6 countries across 84 domains to perform 316 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is www.herocosmetics.us. The Cisco Umbrella rank of the primary domain is 773817.
TLS certificate: Issued by R3 on October 28th 2022. Valid for: 3 months.

This is the only time www.herocosmetics.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	185.146.173.22 185.146.173.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.58.162 34.120.58.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
18	2606:4700:20:... 2606:4700:20::681a:44f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:220... 2600:9000:2209:3800:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
4	2600:9000:212... 2600:9000:2120:ba00:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.93.21 13.35.93.21	16509 (AMAZON-02) (AMAZON-02)
4	23.44.237.147 23.44.237.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3031::ac43:aad3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
10	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.144.208 172.64.144.208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.18.37.231 104.18.37.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	108.138.113.246 108.138.113.246	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
1 5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	52.3.115.198 52.3.115.198	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:24f... 2600:9000:24f1:d200:a:78b:4e00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1400:900... 2600:1400:9000:281::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1400:900... 2600:1400:9000:2ab::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:21d... 2600:9000:21dd:600:1:d5ae:c900:21	16509 (AMAZON-02) (AMAZON-02)
1	52.219.108.202 52.219.108.202	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e4:... 2606:4700:e4::ac40:a41c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.146.173.20 185.146.173.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.91.101.241 38.91.101.241	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
5	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.138.106.101 108.138.106.101	16509 (AMAZON-02) (AMAZON-02)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
2	2600:1400:900... 2600:1400:9000:28c::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 39	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2	192.229.163.223 192.229.163.223	15133 (EDGECAST) (EDGECAST)
3	52.6.11.66 52.6.11.66	14618 (AMAZON-AES) (AMAZON-AES)
1	3.210.215.82 3.210.215.82	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
10	146.75.38.109 146.75.38.109	54113 (FASTLY) (FASTLY)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
3 3	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	199.187.193.166 199.187.193.166	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	13.225.214.84 13.225.214.84	16509 (AMAZON-02) (AMAZON-02)
2 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	104.126.112.185 104.126.112.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.7.71.60 52.7.71.60	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:612... 2600:1f18:612b:4200:4221:38a7:d65:6c93	14618 (AMAZON-AES) (AMAZON-AES)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
2 2	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	13.35.97.222 13.35.97.222	16509 (AMAZON-02) (AMAZON-02)
1	34.195.206.195 34.195.206.195	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.6.137.170 52.6.137.170	14618 (AMAZON-AES) (AMAZON-AES)
1	54.86.6.241 54.86.6.241	14618 (AMAZON-AES) (AMAZON-AES)
1	198.54.201.131 198.54.201.131	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	3.222.151.93 3.222.151.93	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.206.189.9 52.206.189.9	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1 1	52.23.75.135 52.23.75.135	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2 2	192.35.249.137 192.35.249.137	11742 (SPOTX-IAD) (SPOTX-IAD)
1 1	54.144.126.234 54.144.126.234	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.14.240.28 3.14.240.28	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1	52.45.90.70 52.45.90.70	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.33.60.9 13.33.60.9	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
2 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1 1	45.79.141.248 45.79.141.248	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	108.138.128.36 108.138.128.36	16509 (AMAZON-02) (AMAZON-02)
20	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
24	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2600:1402:b80... 2600:1402:b800:43::1730:a297	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	52.49.37.246 52.49.37.246	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.54 18.164.96.54	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
316	67

14 23.227.38.74 (Ottawa, Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 185.146.173.22 (Sweden)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.58.162 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.58.120.34.bc.googleusercontent.com

shopify-gtm-suite.getelevar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

ssapi.herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:44f (United States)

ASN13335 (CLOUDFLARENET, US)

cld.accentuate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:3800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2120:ba00:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-21.jfk50.r.cloudfront.net

static.myshlf.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.44.237.147 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-237-147.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:aad3 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.streetmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9b (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.208 (United States)

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.37.231 (None, )

ASN13335 (CLOUDFLARENET, US)

hero.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.113.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-246.jfk50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.115.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-115-198.compute-1.amazonaws.com

loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:24f1:d200:a:78b:4e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

creatives.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:9000:281::1d72 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000:2ab::1d72 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn-loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:600:1:d5ae:c900:21 (United States)

ASN16509 (AMAZON-02, US)

d275fvz7g8rvo.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.108.202 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

pc-quiz.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a41c (United States)

ASN13335 (CLOUDFLARENET, US)

app.backinstock.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.146.173.20 (Sweden)

ASN13335 (CLOUDFLARENET, US)

geolocation-recommendations.shopifyapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.101.241 (New York, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: us-ny-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

herocosmetics.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:9000:28c::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.163.223 (United States)

ASN15133 (EDGECAST, US)

cdn-swell-assets.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.6.11.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-11-66.compute-1.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.215.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-215-82.compute-1.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.75.38.109 (Reston, United States)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.153 (Secaucus, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.166 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-84.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.112.185 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.87.114 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.71.60 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-71-60.compute-1.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:4221:38a7:d65:6c93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.233 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.97.222 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-97-222.jfk50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.206.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-206-195.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.137.170 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-137-170.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.6.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-6-241.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.54.201.131 (United States)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-01-pub-prod-nyc.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.151.93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-151-93.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.189.9 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-189-9.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.75.135 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-75-135.compute-1.amazonaws.com

px.surveywall-api.survata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.137 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.126.234 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-126-234.compute-1.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.14.240.28 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-240-28.us-east-2.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.226 (Glen Cove, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.90.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-90-70.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.60.9 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-9.ewr52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.141.248 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-15.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-36.jfk50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-telemetry.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1402:b800:43::1730:a297 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

117vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.37.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-37-246.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-54.jfk50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1743	2 MB
39	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 273	26 KB
26	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3310 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3303 i.vimeocdn.com — Cisco Umbrella Rank: 3218	532 KB
20	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 336	61 KB
19	herocosmetics.us 2 redirects www.herocosmetics.us — Cisco Umbrella Rank: 773817 ssapi.herocosmetics.us	197 KB
18	accentuate.io cld.accentuate.io — Cisco Umbrella Rank: 40394	427 KB
16	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 3322 hero.attn.tv creatives.attn.tv — Cisco Umbrella Rank: 5923	257 KB
13	vimeo.com vimeo.com — Cisco Umbrella Rank: 1737 player.vimeo.com — Cisco Umbrella Rank: 1896 player-telemetry.vimeo.com — Cisco Umbrella Rank: 7722	61 KB
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1914 ekr.zdassets.com — Cisco Umbrella Rank: 2208	438 KB
8	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 2829 static-tracking.klaviyo.com — Cisco Umbrella Rank: 3553	43 KB
7	yotpo.com loyalty.yotpo.com — Cisco Umbrella Rank: 40446 staticw2.yotpo.com — Cisco Umbrella Rank: 5603 cdn-loyalty.yotpo.com — Cisco Umbrella Rank: 11913 cdn-swell-assets.yotpo.com — Cisco Umbrella Rank: 10930 p.yotpo.com — Cisco Umbrella Rank: 5511	519 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 775	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	4 KB
5	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 948	2 KB
4	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 221	2 KB
4	akamaized.net 117vod-adaptive.akamaized.net — Cisco Umbrella Rank: 113236	799 KB
4	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2727
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 643 script.hotjar.com — Cisco Umbrella Rank: 811 vars.hotjar.com — Cisco Umbrella Rank: 936 in.hotjar.com — Cisco Umbrella Rank: 1734	73 KB
4	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	3 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 792	99 KB
3	pubmatic.com 3 redirects image2.pubmatic.com — Cisco Umbrella Rank: 852 image6.pubmatic.com — Cisco Umbrella Rank: 716	977 B
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279 cms.analytics.yahoo.com — Cisco Umbrella Rank: 833	1 KB
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 4792	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 371	12 KB
3	gstatic.com fonts.gstatic.com	86 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	132 KB
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1180	2 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1107	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 335	723 B
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 411	400 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 154	639 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1238 lm.serving-sys.com — Cisco Umbrella Rank: 1839	779 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 562	997 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 566	999 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 204	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 309 token.rubiconproject.com — Cisco Umbrella Rank: 563	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2234	876 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 559 usermatch.krxd.net — Cisco Umbrella Rank: 1329	358 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 595	1 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1565	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 712	22 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 409	713 B
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 920	27 KB
2	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3039	790 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	598 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	23 KB
2	getelevar.com shopify-gtm-suite.getelevar.com — Cisco Umbrella Rank: 15357	19 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 757	7 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2243	258 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 929	300 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 1852	342 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2820	750 B
1	survata.com 1 redirects px.surveywall-api.survata.com — Cisco Umbrella Rank: 3152	749 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 977	634 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 4964	419 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2013	123 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2438	263 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 2150	878 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 4782	398 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 512	471 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 448	642 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532	676 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 564	724 B
1	t.co t.co — Cisco Umbrella Rank: 521	376 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1569	157 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1448	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 636	15 KB
1	zendesk.com herocosmetics.zendesk.com	1 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5261	286 B
1	shopifyapps.com geolocation-recommendations.shopifyapps.com — Cisco Umbrella Rank: 9583	22 KB
1	backinstock.org app.backinstock.org — Cisco Umbrella Rank: 10123	27 KB
1	amazonaws.com pc-quiz.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 72674	3 KB
1	cloudfront.net d275fvz7g8rvo.cloudfront.net	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	350 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	75 KB
1	shop.app shop.app — Cisco Umbrella Rank: 4155	2 KB
1	streetmetrics.io pixel.streetmetrics.io — Cisco Umbrella Rank: 22331	44 B
1	myshlf.us static.myshlf.us — Cisco Umbrella Rank: 71502	1 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 3422	10 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 793	39 KB
316	84

	Domain	Requested by
57	cdn.shopify.com	www.herocosmetics.us cdn.shopify.com
39	s.amazon-adsystem.com	1 redirects www.herocosmetics.us s.amazon-adsystem.com
20	js-agent.newrelic.com	player.vimeo.com
18	cld.accentuate.io	www.herocosmetics.us
16	fresnel.vimeocdn.com	f.vimeocdn.com
14	www.herocosmetics.us	1 redirects cdn.shopify.com
9	static.zdassets.com	cdn.shopify.com static.zdassets.com
8	player-telemetry.vimeo.com	f.vimeocdn.com
8	f.vimeocdn.com	player.vimeo.com
7	creatives.attn.tv	cdn.attn.tv creatives.attn.tv www.herocosmetics.us
6	static.klaviyo.com	www.herocosmetics.us static.klaviyo.com ssapi.herocosmetics.us
5	ct.pinterest.com	cdn.shopify.com s.pinimg.com
5	fonts.googleapis.com	creatives.attn.tv staticw2.yotpo.com cdn-swell-assets.yotpo.com
5	tr.snapchat.com	1 redirects sc-static.net
5	hero.attn.tv	cdn.shopify.com creatives.attn.tv
5	ssapi.herocosmetics.us	1 redirects www.herocosmetics.us ssapi.herocosmetics.us cdn.shopify.com
4	bam.nr-data.net	player.vimeo.com
4	117vod-adaptive.akamaized.net	player.vimeo.com
4	monorail-edge.shopifysvc.com	cdn.shopify.com
4	analytics.tiktok.com	cdn.shopify.com analytics.tiktok.com
4	cdn.attn.tv	www.herocosmetics.us cdn.attn.tv
3	ib.adnxs.com	3 redirects
3	mpsnare.iesnare.com	staticw2.yotpo.com mpsnare.iesnare.com
3	bat.bing.com	ssapi.herocosmetics.us bat.bing.com
3	vimeo.com	cdn.shopify.com f.vimeocdn.com
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.herocosmetics.us connect.facebook.net
2	i.vimeocdn.com
2	image6.pubmatic.com	2 redirects
2	loadus.exelator.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	eb2.3lift.com	1 redirects s.amazon-adsystem.com
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.360yield.com	2 redirects
2	ads.stickyadstv.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	cdn-swell-assets.yotpo.com	cdn-loyalty.yotpo.com cdn-swell-assets.yotpo.com
2	player.vimeo.com	cdn.shopify.com
2	s.pinimg.com	ssapi.herocosmetics.us s.pinimg.com
2	staticw2.yotpo.com	www.herocosmetics.us staticw2.yotpo.com
2	www.facebook.com	www.herocosmetics.us
2	pixel.tapad.com	2 redirects
2	sc-static.net	www.herocosmetics.us tr.snapchat.com
2	events.attentivemobile.com	cdn.attn.tv
2	static-tracking.klaviyo.com	static.klaviyo.com
2	www.google.com	www.herocosmetics.us
2	cdnjs.cloudflare.com	www.herocosmetics.us
2	shopify-gtm-suite.getelevar.com	www.herocosmetics.us
1	maxcdn.bootstrapcdn.com	cdn-swell-assets.yotpo.com
1	vc.hotjar.io	cdn.shopify.com
1	in.hotjar.com	cdn.shopify.com
1	vars.hotjar.com	static.hotjar.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	px.surveywall-api.survata.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com
1	t.co
1	alb.reddit.com
1	p.yotpo.com
1	www.redditstatic.com	ssapi.herocosmetics.us
1	static.ads-twitter.com	ssapi.herocosmetics.us
1	static.hotjar.com	ssapi.herocosmetics.us
1	googleads.g.doubleclick.net	ssapi.herocosmetics.us
1	herocosmetics.zendesk.com	static.zdassets.com
1	pro.ip-api.com	cdn.shopify.com
1	geolocation-recommendations.shopifyapps.com	www.herocosmetics.us
1	app.backinstock.org	www.herocosmetics.us
1	pc-quiz.s3.us-east-2.amazonaws.com	www.herocosmetics.us
1	d275fvz7g8rvo.cloudfront.net	www.herocosmetics.us
1	cdn-loyalty.yotpo.com	www.herocosmetics.us
1	loyalty.yotpo.com	cdn.shopify.com
1	www.google-analytics.com	www.googletagmanager.com
1	ekr.zdassets.com	cdn.shopify.com
1	www.googletagmanager.com	ssapi.herocosmetics.us
1	shop.app	cdn.shopify.com
1	stats.g.doubleclick.net	1 redirects
1	pixel.streetmetrics.io	www.herocosmetics.us
1	static.myshlf.us	www.herocosmetics.us
1	www.dwin1.com	www.herocosmetics.us
1	unpkg.com	www.herocosmetics.us
316	108

This site contains links to these domains. Also see Links.

Domain
heroskinsquad.socialmedialink.com
support.herocosmetics.us
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
www.herocosmetics.us R3	`2022-10-28` - `2023-01-26`	3 months	crt.sh
cdn.shopify.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
shopify-gtm-suite.getelevar.com GTS CA 1D4	`2022-11-19` - `2023-02-17`	3 months	crt.sh
ssapi.herocosmetics.us GTS CA 1D4	`2022-11-17` - `2023-02-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
*.dwin1.com Amazon	`2022-11-03` - `2023-12-01`	a year	crt.sh
static.klaviyo.com R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
*.attn.tv Amazon	`2022-04-04` - `2023-05-02`	a year	crt.sh
static.myshlf.us Amazon	`2022-09-10` - `2023-10-09`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
shop.app R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2022-11-27` - `2023-02-25`	3 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2022-12-03` - `2023-12-03`	a year	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2022-12-03` - `2023-12-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-01` - `2022-12-30`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.yotpo.com Amazon	`2022-12-06` - `2024-01-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon	`2022-09-21` - `2023-08-31`	a year	crt.sh
backinstock.org Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
geolocation-recommendations.shopifyapps.com R3	`2022-11-05` - `2023-02-03`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh
herocosmetics.zendesk.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2022-04-29` - `2023-05-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
yotpo.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-17` - `2023-06-18`	a year	crt.sh
monorail-edge.shopifysvc.com R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.samplicio.us Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2022-11-22` - `2023-02-20`	3 months	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-05`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-11-27` - `2023-02-25`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.herocosmetics.us/
Frame ID: 1EA51B57881C5E12E961FF4F2F88D6D3
Requests: 174 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed&u_scsid=19e37363-3eb1-4282-af09-6674b7b99150&u_sclid=5acbe442-18a7-4512-92e4-38af6374b2d6
Frame ID: 65CB8A0BCC39485F2DBF360CE2D448E2
Requests: 2 HTTP requests in this frame

Frame: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Frame ID: E48BA4EECA0DD9AAB68AD142EBB09B4F
Requests: 14 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1671553281278&pnid=140&pcid=af627b69-7ed3-48a8-9e69-ea95ba2d104e
Frame ID: BF24C390F8CEE018ACFDBF599429500F
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
Frame ID: FC4496345380CE133474352E7CBF09D1
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=500338211159375040&dcc=t
Frame ID: 15CF6312D3E9E31928AB2F306F2CDECB
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Frame ID: D45E742D1A897B6C9C02F67C73187E45
Requests: 33 HTTP requests in this frame

Frame: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Frame ID: 7FF531C7E873A6D82B0E0F73CDFCBA35
Requests: 32 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=jeJtrGA2ST2SE5H-_NoOig&dmt=3&ex-pl-n-g-hmt=mMOoTd9BSYWRILC1orkXNQ&ep=ttam_T219Ay-cPciHbT10jzSF4kGwHwCfmJ4BDTvTahzePN_cw9daqggLYBBW0FVJKsOiJ3a062Ct99C9h3bYmuQ3E967S9phqNu0-oxC-YZay-Tj204hgCky7Z6Eb1uWesAN4n4SEal5mNsEtQ0wyfyubyKItcfK5UamkFeLCri220N38XCJyVq_Fy3n-rPmmECd7g3XQWc0vymOs2t1iyFBPfvNUBb1SD40QEY6dupQdGNiwkpY09Ar64pFtJOiGXsSSJdGvirHKThtudfMigTqKutl2gzWSRvO6XDzqTE2JtlLVvRDc-DNeOCvApFWDip4Ft9FRQXt3Y7Z__wWTIjIF5yQTn8_Wp0msQbDKAQCUIR5XysMSCZq_os6zeWbxPOe77rvay-KRl8W2864LdMzUQ-KjYg4c-fBrl2E3ZXKmvc9uwGe3KyLH0GNUYYje3l73iG4ij3irGgI5gVZasJGGBv6eCMhf0KT1eTEkJ2FY_jdK8V6kB79qLsC4LMq_TRQv4btbjr_sZpB6Qi-M-3Y78qJjo2gXTZwBhtm6QjqWHJkz62HlRxDLAywK-J0dUYI5ifaqQ9Z20g5kJ7Kt_9BXUL4wEwzPniqz6oKI0
Frame ID: 6FBB6262B6F95AA0C911F57CE2100F1E
Requests: 42 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: E6C9C44289C3D9DB8B28A4C6E76C57E9
Requests: 1 HTTP requests in this frame

Frame: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Frame ID: EC11FE7DB45FABC25634E2DCCE4EE42C
Requests: 3 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 893D560F82B12A10AB48A605B956A88E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hero Cosmetics | Empowering Acne Prone Skin

Page URL History Show full URLs

http://www.herocosmetics.us/ HTTP 301
https://www.herocosmetics.us/ Page URL

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

316
Requests

88 %
HTTPS

26 %
IPv6

84
Domains

108
Subdomains

67
IPs

6
Countries

6380 kB
Transfer

15450 kB
Size

126
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://heroskinsquad.socialmedialink.com/members/sign_in?utm_source=community&utm_medium=skinsquad&utm_campaign=invite#/
Title: Join Skin Squad

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/hc/en-us
Title: FAQ

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/hc/en-us/articles/360053004294-What-s-your-return-policy-
Title: Returns

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/hc/en-us/requests/new
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.instagram.com/herocosmetics/
Title: Visit our instagram site

Search URL Search Domain Scan URL

URL: https://www.facebook.com/herocosmetics/
Title: Visit our facebook site

Search URL Search Domain Scan URL

URL: https://twitter.com/herocosmetics/
Title: Visit our twitter site

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0wZCPILuEVZaTPCUutXPag
Title: Visit our youtube site

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@herocosmetics
Title: Visit our tiktok site

Search URL Search Domain Scan URL

URL: https://www.instagram.com/terrellbritten/
Title: Go to https://www.instagram.com/terrellbritten/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lukayamilica/
Title: Go to https://www.instagram.com/lukayamilica/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/situationalskincare/
Title: Go to https://www.instagram.com/situationalskincare/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/diaryoftroubledskin/
Title: Go to https://www.instagram.com/diaryoftroubledskin/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gabstamas/
Title: Go to https://www.instagram.com/gabstamas/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jasmm_skinjawn/
Title: Go to https://www.instagram.com/jasmm_skinjawn/

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/
Title: FAQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.herocosmetics.us/ HTTP 301
https://www.herocosmetics.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://ssapi.herocosmetics.us/j/collect?v=1&_v=j98&aip=1&a=430110462&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAEKI~&jid=2065792563&gjid=1746520852&cid=368312288.1671771834&tid=UA-102753205-1&_gid=1935258582.1671771834&_fplc=0&_r=1&gtm=2ygbu0N73MWQN&z=863098412 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-102753205-1&cid=368312288.1671771834&jid=2065792563&_gid=1935258582.1671771834&gjid=1746520852&_v=j98&z=863098412 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-102753205-1&cid=368312288.1671771834&jid=2065792563&_v=j98&z=863098412

Request Chain 124

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1671771834669&u_scsid=281179b2-9ee9-4952-880b-a27dd5057a5c&u_sclid=380043be-b559-4bf7-820e-1ce15a0250b5 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1671553281278%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1671553281278%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1671553281278&pnid=140&pcid=af627b69-7ed3-48a8-9e69-ea95ba2d104e

Request Chain 152

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=500338211159375040 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=500338211159375040&dcc=t

Request Chain 189

https://ib.adnxs.com/setuid/a9?entity=188&code=6YJ0g48BTFSX6ZhzFgbP6w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3D6YJ0g48BTFSX6ZhzFgbP6w%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=6YJ0g48BTFSX6ZhzFgbP6w

Request Chain 190

https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=3q9jPvjuRZupMLac9HsHUA&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=&sspid=1891964632233644020

Request Chain 191

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=213610604374004048145&ex=neustar.biz

Request Chain 192

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=Vws6AoQOR1STp01djM2XOQ&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=Vws6AoQOR1STp01djM2XOQ&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y6U2u0VljaDkGkXFCVs79AAA

Request Chain 193

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=ed3f673236ca8940ea7fddcb79e02868

Request Chain 194

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 195

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=s6izUK3kSAm1EQr1L-903w HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=s6izUK3kSAm1EQr1L-903w&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=s6izUK3kSAm1EQr1L-903w

Request Chain 196

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=3935ba36-0ad2-4c42-a044-50f3b6cb2cdc

Request Chain 197

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=48d1f33abfab411faaba0f469ae63639

Request Chain 198

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-DWa.yNVE2pFBnW8kvA6JuEtIWfZanPdTb.nD~A&status=NOT_FOUND&ex=gemini

Request Chain 199

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=96b5424e2b9784fdaf7168b8763c68c&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 200

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 202

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=b3c6c111-39c8-4260-aa35-f0c5843e747e&ex=improvedigital.com

Request Chain 205

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=107c9112aab57bdc8

Request Chain 206

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FUn4xWaQQp-RGpwcqruP2Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FUn4xWaQQp-RGpwcqruP2Q

Request Chain 207

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=O_2AZfz3SDqNIQt3AGM7SA&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=96b5424e2b9784fdaf7168b8763c68c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=O_2AZfz3SDqNIQt3AGM7SA

Request Chain 208

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=wd3svHdbTs-91rW6jzrBgQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=wd3svHdbTs-91rW6jzrBgQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64697283372261215462389917746097905163

Request Chain 209

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=jaGHWCKpSv6MM-EKhG6SNA HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10594295916759214759&gdpr=&gdpr_consent=

Request Chain 210

https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

Request Chain 211

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7940862722696618759

Request Chain 212

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=3411876c-827f-11ed-88d2-1d4240210503 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=34118719-827f-11ed-88d2-1d4240210503

Request Chain 213

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%220d67893a-44ef-43ff-935a-18934e709328%22,%22Time%22:%2220221223T050356.438649%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=0d67893a-44ef-43ff-935a-18934e709328

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEK6Aa3qlOxUEzz90ZvP2r-o&google_cver=1

Request Chain 216

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=03ca3ea2004c33601f5e49a6eeb19c97

Request Chain 217

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=b7540bee-7406-c3ac-1476-a5a6b1e8c2e3

Request Chain 218

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KvcBixVRx9iUSAbxcD5VwTc4cag4ZgAC

Request Chain 219

https://eb2.3lift.com/xuid?mid=8341&xuid=Ai51UlteS4GHd-ATBIsYQg&dongle=az46 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=Ai51UlteS4GHd-ATBIsYQg&dongle=az46&gdpr=0&cmp_cs=&us_privacy=

Request Chain 220

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=E3A2BACFEBD50498

Request Chain 221

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2004515635888230825&ex=appnexus.com

Request Chain 222

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=Q6UT3GKFQ8ivQeIMbqTVjQ&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=Q6UT3GKFQ8ivQeIMbqTVjQ

Request Chain 223

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=Cl-dzeJlDDQ_riIJ0uBy0w&ex=rubiconproject.com&status=ok

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=mMOoTd9BSYWRILC1orkXNQ& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 225

https://loadus.exelator.com/load/?p=204&g=8888&j=0 HTTP 302
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=b02b257b812da39e2b95b5bc0a1965e8

Request Chain 226

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DBC36A5638916282402D6F9A2

Request Chain 227

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=84e40dae83df162ab0c2fe0c48722456dd2e245f9fb00b7c96ec3ce79519e5df

Request Chain 228

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=5D9951D6-56ED-440D-9FFC-75B5B5105522

Request Chain 229

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=20a97569-4263-40b5-9a37-2638b36565c3-tucta9ebc3c

316 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.herocosmetics.us/
Redirect Chain

http://www.herocosmetics.us/
https://www.herocosmetics.us/

239 KB
39 KB

632ms
601ms

Document
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd905bde4488fc2ded1075d19eae6ce45f5c4873eba50635cf6aeff027bc10f4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77de8da27c0fd14f-BUF
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 05:03:53 GMT
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Llb9ApiBIGr9%2BUyZM1Zw8Nr30n0c4o7MjHCf5mf3%2BGEhU3k1M3Hova08A2GpzRIFt9KJ3B9TTqm7vibwKarpRsx6w9vLEGLMVPzoDCvPMYQNp3X2pedmN48IO73tlDd%2FWDoTOFUy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=534, db;dur=110, parse;dur=13, render;dur=143, asn;desc="20278", edge;desc="BUF", country;desc="US" cfRequestDuration;dur=608.999968, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-alternate-cache-key: cacheable:281c6ec3937d5382e8c509e4a7a32187
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east4,us-east1,gcp-us-east1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 5c3611be-12fc-4152-a86c-a5a5fae1901b
x-shardid: 41
x-shopid: 21814481
x-shopify-stage: production
x-sorting-hat-podid: 41
x-sorting-hat-shopid: 21814481
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 77de8da1b98ed15f-BUF
Connection: keep-alive
Content-Security-Policy: frame-ancestors *;
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Dec 2022 05:03:52 GMT
Location: https://www.herocosmetics.us/
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0pg0Zx%2Fs7ruPO5ldqnMGt32rYejxFR89MfRN7Vt0s29uJ04WGN61Bldnb4fy5SFIAFlGD2wx1Gz1MPoqXbu04tDBIlGT02vUgRAUVjvqnsxWbZVoSkcy5hTD%2FWAWbSmWTPsERZO"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Server-Timing: processing;dur=15, db;dur=5, asn;desc="20278", edge;desc="BUF", country;desc="US" cfRequestDuration;dur=82.000017
Transfer-Encoding: chunked
Vary: Accept
X-Content-Type-Options: nosniff
X-Dc: gcp-us-east4,us-east1,gcp-us-east1
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Redirect-Reason: https_required
X-Request-ID: 3f927bec-903f-4c21-96dc-6e8ca07d1635
X-ShardId: 41
X-ShopId: 21814481
X-Shopify-Stage: production
X-Sorting-Hat-PodId: 41
X-Sorting-Hat-ShopId: 21814481
X-Storefront-Renderer-Rendered: 1
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 load_feature-a5f1052ed1a8af5abd2f31dfef1a6c95288a6be319e39bfd7072f5f196d63612.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 10 KB
4 KB 25ms
24ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a5f1052ed1a8af5abd2f31dfef1a6c95288a6be319e39bfd7072f5f196d63612.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5f1052ed1a8af5abd2f31dfef1a6c95288a6be319e39bfd7072f5f196d63612

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 551305
content-encoding: br
server-timing: imagery;dur=19.476, imageryFetch;dur=19.285, cfRequestDuration;dur=584.000111
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 92e7d7ed-5b9a-4ed0-8c0b-318d1c976497
last-modified: Tue, 15 Nov 2022 23:26:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeRaD0pXnuO7dLdhzHdgWQ24u%2FXhGXa%2Fh5WKra5djKZ6TS7fb7wQEH57vvUKinbHz%2FpcXdWTPHcmwXth%2BcnfIB4Ze7a6QC5D%2F0SgYhCYVZ3QH7ltQOCIrDc0CT75Zhpuag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a5f1052ed1a8af5abd2f31dfef1a6c95288a6be319e39bfd7072f5f196d63612.js>; rel="canonical"
cf-ray: 77de8da64ae8d163-BUF

GET
H2 200 storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
19 KB 29ms
27ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 551305
content-encoding: br
server-timing: imagery;dur=17.503, imageryFetch;dur=17.270, cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d1de5d9d-3741-43e2-8484-e0afeebe8fc2
last-modified: Tue, 25 Oct 2022 19:46:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysJiSfoGwDAWlikkwWZv9ERA2dSnEsfugqHLF0dDRLXCVE0v8Asa7OR2qIt91ymkIxdI%2FygH6aUew7ITxxU2aKiPSNwhEfQhL1KDpG4ZR4wChJSYK3Fi9vLbwWOhYJbBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js>; rel="canonical"
cf-ray: 77de8da64aead163-BUF

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
13 KB 73ms
31ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 551305
content-encoding: br
server-timing: imagery;dur=24.330, imageryFetch;dur=24.124, cfRequestDuration;dur=17.999887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b871eec7-70f0-420c-a3b1-11180b05735f
last-modified: Thu, 03 Nov 2022 16:01:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tcMil1qzVbsR1dGLWz0%2FxD%2FvX0t1QBqLmgzLClspDq2JJHtNJxZTOo5l0Q4SCDgeVon90iGusNSNlQxOGTnxo%2FfC0M5NUJjzIbRI0Y5pKFJOlt2R9i7XJzJB1SEPRLj2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
cf-ray: 77de8da71bcfd163-BUF

GET
H2 200 home.css
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 191 KB
29 KB 70ms
69ms Stylesheet
text/css 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.css?v=176736038297017244231671227287

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a54987ffb896d1bdc066c7728c46f5e1ddd1b6354f348bff1860492d1a904294

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
content-encoding: br
server-timing: imagery;dur=92.825, imageryFetch;dur=77.938, cfRequestDuration;dur=628.000021
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c97b00f1-9d3a-45bb-87a2-12c714d5d779
last-modified: Fri, 16 Dec 2022 21:48:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXnDOYjBL29208yfQ%2BxU9c6SyCKC1RDgn%2FW%2BvsQSGYjGArZuEgUwkISzXlL9%2FlgHXVA49kwQOQinJmf%2BIIIFXY6h0Wxw1QEEkoyL86x3voLAz48eCKB10SVNhXjH%2FGpKxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.css>; rel="canonical"
cf-ray: 77de8da64ed9d14f-BUF

GET
H2 200 events.js Show response
shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/ 18 KB
7 KB 126ms
15ms Script
application/javascript 34.120.58.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/events.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54de354b4d7d3eb9116966f4021f8e554ee71beb5885e2626ef5f743ce49103d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:47 GMT
content-encoding: gzip
age: 1600686
x-guploader-uploadid: ADPycds7qAUgnvZXitkDo0PzlPbAPqaoheYwrChvH2LsfgvDs5l2dW3U01lhwHv6KjCw_3TfX3nLIMq2MsWXeD6tN86HhiQ4il1_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6992
last-modified: Wed, 05 Oct 2022 16:20:12 GMT
server: UploadServer
etag: "4728b5d15e9960ee10bec1ae71e38c2c"
vary: Origin
x-goog-generation: 1664986812557648
x-goog-hash: crc32c=Rhtnaw==, md5=Ryi10V6ZYO4QvsGuceOMLA==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 6992
accept-ranges: bytes
expires: Mon, 04 Dec 2023 16:25:47 GMT

GET
H2 200 gtm.js Show response
ssapi.herocosmetics.us/ 367 KB
120 KB 217ms
86ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 007db74b35d79af0c9c5836a7b99e2b4dbe06e0865b63ed52bade68f3631a36c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
content-encoding: gzip
last-modified: Fri, 23 Dec 2022 03:00:00 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 320d86c212db603fcd80e0a8fe11fa1d
cache-control: private, max-age=900
content-length: 122703
expires: Fri, 23 Dec 2022 05:18:33 GMT

GET
H2 200 icon-close.svg
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 538 B
820 B 92ms
52ms Image
image/svg+xml 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-close.svg?v=88127350990443011671658515530

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc131657068707ac57506e3053ea092a346e7364ec91bc922b4f78921e73a9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 493216
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=193.256, imageryFetch;dur=73.345, imageryProcess;dur=0.084;desc="image", cfRequestDuration;dur=32.000303
source-length: 538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ed23ab45-e594-40ca-abfe-f5445525a8c5
last-modified: Sun, 16 Oct 2022 13:41:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BR%2FXhyLECkHQMcXfjZvpmSdhD4Uo63QdMEC6TV65M1cr4cz4nE3grTwZLN5HI1T2MMgOTJ%2FGyM3Nh%2FpUKxvDh7u4Pwq2oxFygUNGeU2ZfPReoRbj%2FHhRuAVEHe%2Fx65ieA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-close.svg>; rel="canonical"
cf-ray: 77de8da71f4cd14f-BUF

GET
H2 200 Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 71 KB
72 KB 76ms
36ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ff879850dd3299636996a2a2ecc5ca88fd35f9fdb66e2c67a33acf0cf8db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 493216
source-type: image/jpeg
server-timing: imagery;dur=269.366, imageryFetch;dur=87.711, imageryProcess;dur=180.662;desc="image", cfRequestDuration;dur=16.000032
source-length: 870264
content-length: 72586
x-xss-protection: 1; mode=block
x-request-id: db3ac4bc-eed3-44b6-b178-331eed37bdbe
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 04:11:53 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIvA97Jf1hg%2BfF3rcJ92fEfDG9%2FJCyxynIjqWL0Sj8LuwXqQlefBHivOeKJA0lPES6rMR%2FvVsG2YNv2sL09aO1sGL%2BhlsCGEL4xWZ2MsJSC4PaKz96bPOs5k%2FMDEJ8v7OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg>; rel="canonical"
cf-ray: 77de8da71f4dd14f-BUF

GET
H2 200 Blemish_Pastches.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 39 KB
39 KB 91ms
51ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Blemish_Pastches.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36bcb881c9c03cb50d39304ccd43ad6a9cff58c89110b43bf1024c97eb1b3a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 493216
server-timing: imagery;dur=217.010, imageryFetch;dur=91.685, imageryProcess;dur=124.665;desc="image", cfRequestDuration;dur=19.999981
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39806
x-xss-protection: 1; mode=block
x-request-id: e4031fdd-cfb1-43b8-92fc-75f8089d7975
last-modified: Fri, 26 Aug 2022 04:53:54 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8PdNvmGrO1dYQC%2F7AiKHOHvEUwXrxBOAHHQPoqBjfjPQpfFTeCftVmZHxZhMA4RWvS6wwpBoHercib6ciU0MU4wRfdpSkk3vt0DY5stwMbWDXWiwNqEBCSbSjvkJSxrjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Blemish_Pastches.jpg>; rel="canonical"
cf-ray: 77de8da71f4fd14f-BUF

GET
H2 200 Post_blemish_1a5b6f1a-f771-40ef-bc67-8c99e17ef145.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 12 KB
13 KB 88ms
48ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Post_blemish_1a5b6f1a-f771-40ef-bc67-8c99e17ef145.jpg?v=1668545951

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7e4377c879baab9e0752ba41ed65235a7011840c67365fee77cb2472180071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 493216
source-type: image/jpeg
server-timing: imagery;dur=87.910, imageryFetch;dur=65.255, imageryProcess;dur=21.829;desc="image", cfRequestDuration;dur=16.000032
source-length: 17801
content-length: 12514
x-xss-protection: 1; mode=block
x-request-id: b76b3468-848d-4365-b36b-a732720995ef
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Nov 2022 20:59:13 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCRNJBe13wCjBe20uxatHQ6iu1RYUN%2FEEhGIkf4%2BQbTrrvX2TkUWrQlf4vJtzlfV%2BMJPEt%2BcQP%2FYwawD4oqUF4R6TVit9KLiOb%2FwhFzVyNDwHQiqk0pQv%2Byec2eZ2KMtxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Post_blemish_1a5b6f1a-f771-40ef-bc67-8c99e17ef145.jpg>; rel="canonical"
cf-ray: 77de8da71f50d14f-BUF

GET
H2 200 Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 43 KB
44 KB 92ms
52ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ba2d27af252ea2bf1e57aaad94e153cf9e6453f3c7a7d1a7ab86f3be084225c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 493216
server-timing: imagery;dur=188.069, imageryFetch;dur=79.470, imageryProcess;dur=107.995;desc="image", cfRequestDuration;dur=23.000002
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44412
x-xss-protection: 1; mode=block
x-request-id: b2fed064-219b-4a36-a8a5-4a8f70fa1ea5
last-modified: Thu, 25 Aug 2022 23:45:59 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJpb7B%2F7Qv6qzuJa5BcBBNogRWUMG5f0DeSDM3T6p9RlLKgBCfe3qMgKiJNGG2dyrfEWVI9eKRbK4UgdWtJ8kWjoGM8pYwCKur%2BACuoDJ0x8f25LLIW33f6gzZ%2BkRJGDLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg>; rel="canonical"
cf-ray: 77de8da72f58d14f-BUF

GET
H2 200 icon-chev-right.svg
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 408 B
789 B 92ms
53ms Image
image/svg+xml 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-chev-right.svg?v=27316033068748304711658515529

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe74252035fd1cda8b03e76098b49b0530e2e9470b004549f628b1e840e6694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 3832706
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=57.718, imageryFetch;dur=56.625, imageryProcess;dur=0.068;desc="image", cfRequestDuration;dur=23.999929
source-length: 408
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1a0fca08-9506-4e3c-ae21-050b810300a5
last-modified: Thu, 03 Nov 2022 05:45:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjaBzIyXHnIYiEfRgZhF%2Fv%2FM7be8LKKQtUzJoo9QWZkutv3ccfy1QX0BiUQmzwiuaQXcbUoWYu%2BInI5bsz328z%2BX9QfbdkGbc1nmM1nwFzOnvL9HnSTIo3fGVEX3HWf7fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-chev-right.svg>; rel="canonical"
cf-ray: 77de8da72f5ad14f-BUF

GET
H2 200 icon-chev-left.svg
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 371 B
967 B 101ms
62ms Image
image/svg+xml 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-chev-left.svg?v=176933005437432439841658515529

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

570c18a72f8c237ee28c78cc10ac99cece43c0b4a95aa2afd497dd70716dc5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 493216
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=51.336, imageryFetch;dur=49.147, imageryProcess;dur=0.076;desc="image", cfRequestDuration;dur=28.000116
source-length: 371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: bc591c13-b50e-4fdc-9a80-1cc31342d33d
last-modified: Mon, 17 Oct 2022 03:07:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwBvraquk2Qu9vc2FRSZN7XnjRntguwcpsyci2z1DUu89tWFeX9YBbRsrD%2FqWSHM4w9rZxPkB%2BmiebDO1xcuygBvQanfniQqTFB3k3Cgm1Aw0ghiiqE1MbXVY%2BgbJmOnNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-chev-left.svg>; rel="canonical"
cf-ray: 77de8da72f5bd14f-BUF

GET
H2 200 Refinery29_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 3 KB
4 KB 157ms
118ms Image
image/avif 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Refinery29_166x.png?v=1614418263

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87028f382373efc07160d34277f4005b477463c8ffd34e1b58b6a809f79a2108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: imagery;dur=375.380, imageryFetch;dur=63.163, imageryProcess;dur=278.440;desc="image", cfRequestDuration;dur=70.000172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2976
x-xss-protection: 1; mode=block
x-request-id: aa0c78b2-bd56-4ddf-91ec-574d2535d2d7
last-modified: Wed, 21 Sep 2022 18:23:35 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXiZAxT74G%2F8XEyQr5o83VEFiCF7%2FSMTctgO42ip%2FLcbwQyCSFYSwqrnZ0%2BwB1rkMfnnc7dbKJRQFbQ4fBU4deumRkPFiHlPoATbr5uw8VWE81XyUyyesQgExL7i4RCJuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Refinery29_166x.png>; rel="canonical"
cf-ray: 77de8da72f5cd14f-BUF

GET
H2 200 Beauty-Insider_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 3 KB
4 KB 156ms
117ms Image
image/avif 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Beauty-Insider_166x.png?v=1614418263

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c90bb62be7e1cdd0e233d2f6efd83d8529047adf1b38cea538a77fe4e2454581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: imagery;dur=497.788, imageryFetch;dur=92.217, imageryProcess;dur=402.580;desc="image", cfRequestDuration;dur=65.000296
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3122
x-xss-protection: 1; mode=block
x-request-id: 01713964-f4f5-4968-aeba-ae3c42623f2d
last-modified: Wed, 21 Sep 2022 18:23:36 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZ2JObthGEsilHO9bf8%2BBRvihg2%2B%2BBZxuoonI8%2BRGJwIjWPZn1kmcDhHl4QNGBEV6PBfp0J8rDFIBVs7fv0MSfPb3JEJRJ%2FogBZio52AhoGEUzvM1huhqwa%2FhupLY%2B33QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Beauty-Insider_166x.png>; rel="canonical"
cf-ray: 77de8da72f5dd14f-BUF

GET
H2 200 hypebae_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 3 KB
3 KB 132ms
93ms Image
image/avif 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/hypebae_166x.png?v=1614418265

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9dbc93333dc1ae2f6750e491f8e37a1b7eadc52dea4e15bfe9c7b172634132d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
source-type: image/png
server-timing: imagery;dur=292.083, imageryFetch;dur=96.247, imageryProcess;dur=194.693;desc="image", cfRequestDuration;dur=45.000315
source-length: 3291
content-length: 2739
x-xss-protection: 1; mode=block
x-request-id: 44559aa0-ae03-40b8-a0b8-2ef7f6602b69
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Oct 2022 16:17:02 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJDYvlDfjryfm8ciJn0TsbkylCqF8%2FeFUKUvH588V7KOcGiDpaFeVIE8794%2BcU8b8g9rBr%2FjZ5gkBe%2FOIBeb9lCR54zz4o9sjtj1XmTlbmtYl%2Fj7r3%2BSgSzh8nxGN5g6LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/hypebae_166x.png>; rel="canonical"
cf-ray: 77de8da72f5ed14f-BUF

GET
H2 200 pink.svg
cld.accentuate.io/40419278913578/1666812319684/ 19 KB
9 KB 137ms
54ms Image
image/svg+xml 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40419278913578/1666812319684/pink.svg?v=1666812319685&options=
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08cf9a6e9d7af50367a6c556789451a7ae78977710e77086f30a0def9c57f3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2022 19:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2061129
etag: W/"5fa68acd1ba3fbecc0a105a05937c9f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUmNj7olTEgV1YLcmcN28mwEBg9UOmsnAPGoU1aNw2ziEcPgO7a440K7rpC%2FAr8O9zkFTRmvOoAHzd%2B%2Fue0dYFs14Y4UykoqAfPhLPJhJRmmZdXtdkjOrBcGNyOzmitjIGbohPDMcVbTm3pUIGh1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 77de8da7690ac452-EWR

GET
H2 200 SHOT_05_MODEL_SARA_LIFESTYLE_AFTER_PORTRAITS_WITH_PRODUCT_1283-_1_-1009x564-8efcd79_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 62 KB
63 KB 155ms
117ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/SHOT_05_MODEL_SARA_LIFESTYLE_AFTER_PORTRAITS_WITH_PRODUCT_1283-_1_-1009x564-8efcd79_405x225_crop_center@2x.jpg?v=1670965497

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

352b2312aebadef8fd521199c44bdf6568bbb67b1a2aecd75073ad866a86ad09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
source-type: image/jpeg
server-timing: imagery;dur=203.482, imageryFetch;dur=86.656, imageryProcess;dur=115.477;desc="image", cfRequestDuration;dur=68.000078
source-length: 440717
content-length: 63400
x-xss-protection: 1; mode=block
x-request-id: 4a6a4682-573e-4d95-b6ca-1f1ea5a0de67
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 21:23:05 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5bvtxqG3UtR1I6d3PKx%2Fpe1YyF5VilwKnk5m8OD6Acyid1OS3cEdREAO4575kYJfzG%2FEPsRqoP0O1EXLBChfC06iEffu7c8SKZzKLta1x1qT3hWdYSdUIUBSyGnBV7eDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/SHOT_05_MODEL_SARA_LIFESTYLE_AFTER_PORTRAITS_WITH_PRODUCT_1283-_1_-1009x564-8efcd79_405x225_crop_center@2x.jpg>; rel="canonical"
cf-ray: 77de8da72f5fd14f-BUF

GET
H2 200 220112_HERO_EVERGREEN_06_MIGHTYPATCH_211-2018x1345-ff89bed_1_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 45 KB
45 KB 150ms
112ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/220112_HERO_EVERGREEN_06_MIGHTYPATCH_211-2018x1345-ff89bed_1_405x225_crop_center@2x.jpg?v=1667852297

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ef2b0bcd09de3fc05c42be893f722320098be067ddbd88d13faa161aaa3f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
source-type: image/jpeg
server-timing: imagery;dur=300.487, imageryFetch;dur=124.349, imageryProcess;dur=174.043;desc="image", cfRequestDuration;dur=62.000036
source-length: 2387391
content-length: 45666
x-xss-protection: 1; mode=block
x-request-id: 2c7eb482-6d8f-4d08-aa7a-754ada6c991a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Nov 2022 21:00:49 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3eRS%2FyGj9H24%2B%2FrAByqiRTHWRRch78mZbJbaKJJp1dSZ4C6v39rGtKZFaGCZVwf4nDCZ1IFPB4OdZUVCXYdQa7jSsVkOf7U6KsRXhdvnA%2BRBuwUS88dqtYnCgsmxk64%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/220112_HERO_EVERGREEN_06_MIGHTYPATCH_211-2018x1345-ff89bed_1_405x225_crop_center@2x.jpg>; rel="canonical"
cf-ray: 77de8da72f61d14f-BUF

GET
H2 200 KIM_REMOVAL_075-1009x564-b0ae5f6_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 47 KB
48 KB 126ms
88ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/KIM_REMOVAL_075-1009x564-b0ae5f6_405x225_crop_center@2x.jpg?v=1669752988

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7bd9f4f44a45e7e90dd2fb62151532fa50f02c78f9823f9fa83621894edda11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
source-type: image/jpeg
server-timing: imagery;dur=196.883, imageryFetch;dur=112.201, imageryProcess;dur=84.019;desc="image", cfRequestDuration;dur=41.000128
source-length: 507827
content-length: 48224
x-xss-protection: 1; mode=block
x-request-id: cad1b33e-621f-43fa-9456-f54d02e29095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Nov 2022 20:17:40 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtVicYwGKKzllzhjSVG0v5%2FcjaxMl6PHnhRvZhaxCy%2BcySxkfKWWJdzJZVl4wbrsQx5pN15XFq7dyr3xBuIrH%2BqcQ5j%2BNq6y5JO%2BfXLb2aDdKhmOGTujmlGfW1opstfE7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/KIM_REMOVAL_075-1009x564-b0ae5f6_405x225_crop_center@2x.jpg>; rel="canonical"
cf-ray: 77de8da72f62d14f-BUF

GET
H2 200 skincycling-header_405x225_crop_center@2x.png
cdn.shopify.com/s/files/1/2181/4481/articles/ 53 KB
54 KB 127ms
89ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/skincycling-header_405x225_crop_center@2x.png?v=1669750295

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b2228717a55ab50b08f170843e171de6a64e87f2967804c9835b3e8b57a683a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
source-type: image/png
server-timing: imagery;dur=1149.142, imageryFetch;dur=243.578, imageryProcess;dur=904.853;desc="image", cfRequestDuration;dur=42.999983
source-length: 10070097
content-length: 54504
x-xss-protection: 1; mode=block
x-request-id: 65d49226-6ff5-4ed0-9cc5-9e371524e7f2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Nov 2022 19:53:00 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKWO6%2F3HRAt6cqxgKq9uLCg6RqckVGkNraOhvQBfYFZPAirTRRYVVA3Xp2DpW1KJ4U9aZsawWBfSwsNfWKww%2B2zNFAUY%2FwT%2Bm3OrHHIlJqnWupqby22ouf04UiOoIiviQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/skincycling-header_405x225_crop_center@2x.png>; rel="canonical"
cf-ray: 77de8da72f64d14f-BUF

GET
H2 200 PimpleCorrect_BlogCover_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 52 KB
52 KB 113ms
75ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/PimpleCorrect_BlogCover_405x225_crop_center@2x.jpg?v=1666101990

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb05ae0e0694c65180efab5f7addef2c1366822df20d8c0eb3c56adbaf052c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 3058581
source-type: image/jpeg
server-timing: imagery;dur=524.656, imageryFetch;dur=311.984, imageryProcess;dur=211.785;desc="image", cfRequestDuration;dur=26.000023
source-length: 1441104
content-length: 52978
x-xss-protection: 1; mode=block
x-request-id: 4808d22c-67e8-4db8-9d90-5bccd4542faa
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 21 Oct 2022 15:57:38 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CDOuPMG%2FUebhzsPdkwA92Ll4GCFu%2BLTtRm39qVXp%2FNx1xe2wpXG57Z5RjBsgCnD2%2BKFf0T%2B8ASg0F1jXDwDxq2LlhDsxa2zDphN%2BT9teKUQ%2BteC0jLJReqeSm3uiZozEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/PimpleCorrect_BlogCover_405x225_crop_center@2x.jpg>; rel="canonical"
cf-ray: 77de8da72f65d14f-BUF

GET
H2 200 275804512_991995628093575_3990688213722912334_n.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 92 KB
92 KB 149ms
112ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/275804512_991995628093575_3990688213722912334_n.jpg?crop=center&height=1050&v=1648137432&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e590ad64ce2cc2ee480dce5e5bc057f240fdfbb29afdb74514b52bfb6d5578

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=341.052, imageryFetch;dur=97.847, imageryProcess;dur=242.533;desc="image", cfRequestDuration;dur=59.000015
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93970
x-xss-protection: 1; mode=block
x-request-id: d86c9aed-d4f5-4064-a404-cbe4b0b4355a
last-modified: Wed, 21 Sep 2022 18:23:36 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2Fg53UvC3RUQSKYnq6L3VxUE43tKwrH1%2BXl%2BHtw3SHUSy%2FAw4DXiZUHUQyru0lHotaWQ74SCVN5SuOwrkSLThBxISYz%2FIy41vSX%2FNg4ppsVkvR17hKjbD3CIJwUFDkg3Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/275804512_991995628093575_3990688213722912334_n.jpg>; rel="canonical"
cf-ray: 77de8da72f66d14f-BUF

GET
H2 200 herocosmetics_275857600_329166572565050_65356543581173891_n_1.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 64 KB
64 KB 152ms
115ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_275857600_329166572565050_65356543581173891_n_1.jpg?crop=center&height=1050&v=1648137785&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d7a40aa2044fa9a3f676862b422071a4039bfac7382830eb1ca388d2a3f5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=334.502, imageryFetch;dur=34.609, imageryProcess;dur=298.618;desc="image", cfRequestDuration;dur=64.000130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65368
x-xss-protection: 1; mode=block
x-request-id: 91d9d912-6c04-49ca-968e-70e235aa61df
last-modified: Wed, 21 Sep 2022 18:23:35 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ut1A0gmcqN%2FMkqooGPtvHMSJRBHQXgsBb%2Ft3CO7m2VbR3%2F1sAtWhmDOW8bJF7MKBnhB6OIduNGVByCp9uReeYj%2BllR6KrBVayPYkSGcHM9m7Claqbo5bFGN%2BNyQonHZ01A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_275857600_329166572565050_65356543581173891_n_1.jpg>; rel="canonical"
cf-ray: 77de8da72f67d14f-BUF

GET
H2 200 herocosmetics_275203304_1221289935069630_7225408283454160011_n_1.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 184 KB
184 KB 132ms
96ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_275203304_1221289935069630_7225408283454160011_n_1.jpg?crop=center&height=1050&v=1648147008&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e63b0b5797f443daa21f8a3b475838b1b70d06f11fff3c5ccb0b61d1920207e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
server-timing: imagery;dur=443.123, imageryFetch;dur=66.048, imageryProcess;dur=375.721;desc="image", cfRequestDuration;dur=47.000170
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 187938
x-xss-protection: 1; mode=block
x-request-id: 127e9372-3ec1-4b87-a367-1400ed895f3f
last-modified: Wed, 21 Sep 2022 18:24:58 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BRvFVYx%2Fop3ZI2j9Opnsny7BY7ZTZJhUoiJczmPfwiyigOxbTMR0g%2BJwCNv9osDvaYiGd9VjYVvO%2B2y7icw46GTgUgKJFG6LbszbEZsSyZsoH0JRmM6bkaG7ZfUBXhR9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_275203304_1221289935069630_7225408283454160011_n_1.jpg>; rel="canonical"
cf-ray: 77de8da72f68d14f-BUF

GET
H2 200 herocosmetics_272126301_306354371461926_3761431074551762719_n_1.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 48 KB
49 KB 152ms
116ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_272126301_306354371461926_3761431074551762719_n_1.jpg?crop=center&height=1050&v=1648146693&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c73725d5bc1aa420d784cb8f94e47a97d88d92fb9dd35c8f4b0d0ebc10226b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: imagery;dur=305.334, imageryFetch;dur=46.948, imageryProcess;dur=257.466;desc="image", cfRequestDuration;dur=60.000181
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49392
x-xss-protection: 1; mode=block
x-request-id: 4153826e-560c-4440-8a6e-9605b890a456
last-modified: Wed, 21 Sep 2022 18:23:35 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QviGkEZ3gxfZOTaH8G%2Bx3oOn5qLcbgl%2BT2RtRPrE%2BA5RgDZQD%2FRGHtzZliCxEJungkQMsgSCVo9csRerRUqRg4CqTN091Hz%2B8k%2FzcGHmxLlSqyGz%2FZf13lGgx%2BamcGbNiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_272126301_306354371461926_3761431074551762719_n_1.jpg>; rel="canonical"
cf-ray: 77de8da72f6bd14f-BUF

GET
H2 200 crop-1.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 140 KB
141 KB 145ms
108ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/crop-1.jpg?crop=center&height=1050&v=1648147845&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7de8f79e37b950cc12cc9960f9d13d4cbbbd233f6a5cd8c1e182f99bd35dd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
server-timing: imagery;dur=223.001, imageryFetch;dur=30.763, imageryProcess;dur=191.708;desc="image", cfRequestDuration;dur=56.999922
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 143276
x-xss-protection: 1; mode=block
x-request-id: e8b34236-d62f-43bf-a241-693d9e4f5aa5
last-modified: Fri, 26 Aug 2022 04:31:30 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEPNNBgnIpM0YGE9vQPhAMNDK002DMpjP%2BthTCHj9UDLWberIUC3g%2FrDPSDjmjYNLebLwelWJJaC0S2%2FFsO%2F8sC8mPeGnfmL8w80XHjlZ5zjevX5PsAGNbrbPOpphoY2CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/crop-1.jpg>; rel="canonical"
cf-ray: 77de8da72f6cd14f-BUF

GET
H2 200 herocosmetics_274865042_879901836095549_3380481613797102789_n.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 88 KB
89 KB 154ms
118ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_274865042_879901836095549_3380481613797102789_n.jpg?crop=center&height=1050&v=1648146854&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0ec2654df2dec28cab9d72cfab24d859437b31f249b6b4bc59d9524ed50a700

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
source-type: image/jpeg
server-timing: imagery;dur=262.079, imageryFetch;dur=72.342, imageryProcess;dur=188.992;desc="image", cfRequestDuration;dur=69.999933
source-length: 160789
content-length: 90572
x-xss-protection: 1; mode=block
x-request-id: 48d3f1b8-ff16-4ffa-8e47-769c441847c6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Nov 2022 19:27:32 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKCu9VXmK7nJyxPiyEfmBofhO%2BnSx%2Bisip1FDWNBlgDChuiFXu3WuLdid7kQ7NwiKMtoVXcPcvpqT0PB%2Bfd4nhgR%2BFy%2FFUzO53SUGjxzbluve8%2F5f2JWYe8UttmdeUzInQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_274865042_879901836095549_3380481613797102789_n.jpg>; rel="canonical"
cf-ray: 77de8da72f6fd14f-BUF

GET
H2 200 herocosmetics_274291210_809685763325666_7436456071077810597_n_1.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 79 KB
80 KB 152ms
116ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_274291210_809685763325666_7436456071077810597_n_1.jpg?crop=center&height=1050&v=1648146205&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d05d6e5b8847d394f0b26caba3c3c5317edcec55191be2e39ec87e415c0eb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=327.708, imageryFetch;dur=75.274, imageryProcess;dur=251.581;desc="image", cfRequestDuration;dur=65.000057
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81264
x-xss-protection: 1; mode=block
x-request-id: f4e9349d-e781-4ba4-8306-5613711e4a76
last-modified: Wed, 21 Sep 2022 18:23:35 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6hRUuSyiXot6UPzZaRpEIh0%2BRKMSLroyTLcxAvNXhkvyvwBRN0Hqm6F4b5E3Kp9QZNJD1QFl8CSVfXa0WTukkFKgGUPc0Q%2Fp2wpClLgYlZfsGE1hlGiGNptKcAkHaBzVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_274291210_809685763325666_7436456071077810597_n_1.jpg>; rel="canonical"
cf-ray: 77de8da72f70d14f-BUF

GET
H2 200 diaryoftroubledskin-crop.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 128 KB
129 KB 142ms
106ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/diaryoftroubledskin-crop.jpg?crop=center&height=1050&v=1648147829&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8efd3c7c2ad8a6b456c3fe4ef380ca8b33a4a4af49508c6743fc92485d08e261

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
server-timing: imagery;dur=280.778, imageryFetch;dur=78.501, imageryProcess;dur=201.448;desc="image", cfRequestDuration;dur=49.000025
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131354
x-xss-protection: 1; mode=block
x-request-id: 7c630b8a-5250-4e71-8ccf-cbd91c9a0f75
last-modified: Fri, 26 Aug 2022 01:45:03 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6joyaAf2a5oLcOez3WIqmby0nMfTwB8eorm3NDfrALvCdOVVgBhhTWWaWrp7UYrnCfOPnz6pnXOD5W%2B1aJtf1N7r1F6luEqKmV3IuPptqB7YYW7vwVpOt0mSNdfi6Z1FIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/diaryoftroubledskin-crop.jpg>; rel="canonical"
cf-ray: 77de8da72f71d14f-BUF

GET
H2 200 274893775_659954745339959_3691540086849253164_n.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 32 KB
32 KB 155ms
119ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/274893775_659954745339959_3691540086849253164_n.jpg?crop=center&height=1050&v=1648146952&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

261cc90415a3077eda2f7c769513467ad7d241fa26445bf4ffec0a14edcf1d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=364.840, imageryFetch;dur=47.355, imageryProcess;dur=315.198;desc="image", cfRequestDuration;dur=72.999954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32688
x-xss-protection: 1; mode=block
x-request-id: c6927cd0-560d-4ae4-9d24-c8e2c2c2c4ac
last-modified: Wed, 21 Sep 2022 18:23:35 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRf7kmKnevNbTvi0aiSPQQKc%2FGm%2FylTBne9q%2FS3dHbbRa%2Fqx1c6KKgUXusVyNYfZ2SomXOM159KmHaOUphUXRwrJX3FOGUgcAkF4ZsiNRbAK9A5fRtNJnxbgw5A3EsPQ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/274893775_659954745339959_3691540086849253164_n.jpg>; rel="canonical"
cf-ray: 77de8da72f72d14f-BUF

GET
H2 200 herocosmetics_275496296_330599989022576_2251371116151356866_n.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 233 KB
234 KB 154ms
119ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_275496296_330599989022576_2251371116151356866_n.jpg?crop=center&height=1050&v=1648147071&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e64430d7f1d5cb609dacf1e69de8c7a1ea96ba2e8aaf7ae3fdb0066db19eff70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: imagery;dur=320.674, imageryFetch;dur=26.670, imageryProcess;dur=292.372;desc="image", cfRequestDuration;dur=70.999861
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 239056
x-xss-protection: 1; mode=block
x-request-id: 6c434934-c90c-4452-837c-dabc35d67b71
last-modified: Wed, 21 Sep 2022 18:23:35 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2PWFq83aoxQR13LQd8TAfTIa%2F3eq3z0QHzMKA3JhPGOVImi3cQXwv3%2BUMOSlfcj06f8jxkK5yc44PEi9%2FpKdLgPqj7RJ1TkKeMifOdGF20VO1R78y32L3Uls0M2Cx%2FbuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_275496296_330599989022576_2251371116151356866_n.jpg>; rel="canonical"
cf-ray: 77de8da72f73d14f-BUF

GET
H2 200 herocosmetics_276021107_1590040644702645_5834393267442674502_n.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 159 KB
160 KB 150ms
115ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_276021107_1590040644702645_5834393267442674502_n.jpg?crop=center&height=1050&v=1648146155&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae4751396e573ac3ac5afdcf3d577a4c8c9d81bfd4bd4fb2429e5e9d65808db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
server-timing: imagery;dur=301.371, imageryFetch;dur=28.051, imageryProcess;dur=272.566;desc="image", cfRequestDuration;dur=59.000015
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 163266
x-xss-protection: 1; mode=block
x-request-id: a5184fe7-b5ee-4f15-9c6c-5966ae0f0758
last-modified: Wed, 21 Sep 2022 18:24:58 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSYMPPRWeNx%2BZjvyHClgNWsTMtddX%2Bfh79jH9TPGAsJ%2BEwu5RhGLgagfFRWizetrvIeP9Muvgk6JOMOIfAmPLHDhcMZnzm61vlZmYBSWHvasORC6Aq7UrSAfbpv6%2FWPPCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_276021107_1590040644702645_5834393267442674502_n.jpg>; rel="canonical"
cf-ray: 77de8da72f74d14f-BUF

GET
H2 200 herocosmetics_274450156_1333994780399754_6651114145079250639_n.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 109 KB
110 KB 129ms
95ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_274450156_1333994780399754_6651114145079250639_n.jpg?crop=center&height=1050&v=1648146757&width=900

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c92af1252d19c76635a97a62804d760e62efc45894210d93c123bbccb720c963

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
server-timing: imagery;dur=350.978, imageryFetch;dur=61.613, imageryProcess;dur=288.483;desc="image", cfRequestDuration;dur=46.000004
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111712
x-xss-protection: 1; mode=block
x-request-id: 7ecdb9f5-c103-46a9-959e-5347d72ff56b
last-modified: Wed, 21 Sep 2022 18:24:58 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fq2mMJdqpQMWCHDBigMv0tYaylVEmpF2exd0Fl1i6p5YqBRJl%2BKcYLrw1%2FzvJ1EYrEVZfsZI0I0sAWI611PITv4QhL6Vy49%2FKdMhZ8%2BYKPX0rhHqyh8nTPXok%2B%2F%2FBrkEYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/herocosmetics_274450156_1333994780399754_6651114145079250639_n.jpg>; rel="canonical"
cf-ray: 77de8da72f75d14f-BUF

GET
H2 200 icon-exclamation-error.svg
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 783 B
937 B 88ms
54ms Image
image/svg+xml 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-exclamation-error.svg?v=125836360076035891871658515535

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dbb230b9c333a39405f7dc4115a91bb3dcae67f68c76ac5c81451dc2f4ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 493216
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=86.145, imageryFetch;dur=84.419, imageryProcess;dur=0.105;desc="image", cfRequestDuration;dur=26.000023
source-length: 783
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4c70f95a-c577-45b8-a79f-2de6f2b8baff
last-modified: Wed, 30 Nov 2022 00:47:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LtfoMadKc0zelschqSDkFyRD8067KaZRh94KTObaPeofBEb1QB025DfbWR7f4vH8Rh4fgM3iDl1zwa5153fGzgy%2FXFmRjtMZNnqFrysV7MNQtZH1N95dmxBAlpDPQvb6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-exclamation-error.svg>; rel="canonical"
cf-ray: 77de8da72f77d14f-BUF

GET
H2 200 icon-arrow-right-black.svg
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 489 B
953 B 108ms
75ms Image
image/svg+xml 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-arrow-right-black.svg?v=168596361644200279161658515524

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c718e6c04604e704e210624d400222cd989eb140a8b7ff479ced4f7c116e96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 493216
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=63.977, imageryFetch;dur=63.278, imageryProcess;dur=0.053;desc="image", cfRequestDuration;dur=32.000065
source-length: 489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ced64f5e-838d-46e3-a3fd-8da2ee15be57
last-modified: Mon, 28 Nov 2022 15:11:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxzTIS4a%2FlljMaIiNdOae%2FN4ZfC4Wnm6OTwQJhZh25VqLGFqq7zTSoEq7Ns%2BY%2B%2Bv8vmVCtyq1i2vwh0KezMuEAiA0HvX3NF1kkrUvYwcG43zfmCtFL9XQdWAefDl3a%2Bdng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-arrow-right-black.svg>; rel="canonical"
cf-ray: 77de8da72f78d14f-BUF

GET
H2 200 free-shipping.svg
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 445 B
809 B 87ms
55ms Image
image/svg+xml 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/free-shipping.svg?v=50331232950071775371658515501

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b3a311e463360814d373ee4ebd1f7ed7f2168953f50b409c5f0115d9bfe89e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 3832706
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=66.968, imageryFetch;dur=65.800, imageryProcess;dur=0.111;desc="image", cfRequestDuration;dur=26.999950
source-length: 445
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4b1d5c6d-fb66-4a01-89e1-6befa9c500f0
last-modified: Sat, 29 Oct 2022 15:28:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXU6H6alD180%2BQWpkeXqkYlUqKYY6rlt2uxHkiObgMynw4iq2l69zZUAVcTp3D0LpN4xasr3%2BDoQ5MRqMf6bG4ddm97DCYyJ4gvjuEZgYQm9uhR2GqBcnFz%2F%2FWYoTEhsBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/free-shipping.svg>; rel="canonical"
cf-ray: 77de8da72f7ad14f-BUF

GET
H2 200 icon-coin-yellow-md.svg
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 647 B
936 B 114ms
82ms Image
image/svg+xml 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-coin-yellow-md.svg?v=132818892914967492141658515533

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 61026
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=88.541, imageryFetch;dur=86.479, imageryProcess;dur=0.223;desc="image", cfRequestDuration;dur=33.999920
source-length: 647
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3a5a2b74-5134-4625-85c8-b7203186818c
last-modified: Fri, 11 Nov 2022 23:05:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38J89s8ywv8VxhSU%2Bh%2B%2BQD36XJCvaviTTs1SurIo4UujeT7hO2d9A04P28gaimpJmaP9gOpCFoYRcxof7op59zk7snemdwzZq0m5%2F6Z3RWZIN2Vc9dXxKOjPtW5bglYd%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-coin-yellow-md.svg>; rel="canonical"
cf-ray: 77de8da72f7bd14f-BUF

GET
H2 200 icon-exclamation-warning.svg
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 783 B
903 B 85ms
53ms Image
image/svg+xml 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-exclamation-warning.svg?v=38343817876479156491658515536

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ebbd916b6c322597da4b1ac0ef4bbbf04d00339cfc619424a99f929b69e608e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 493216
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=67.146, imageryFetch;dur=65.947, imageryProcess;dur=0.060;desc="image", cfRequestDuration;dur=26.000023
source-length: 783
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 154b16b0-067e-46f8-9a60-d4675c1c5696
last-modified: Wed, 30 Nov 2022 08:00:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4KiTSVTzBSS1kavRyUjzDoIq2g5dNHnt8ZdMF31hqicCw75zAI%2FFLNLIRGkRmY7ZJL8WrHN3LFzh6ipIMM2w56affIILU%2BlMZO5JJyjCz%2Fefaqfs%2FDnFim%2BgtmlYGniNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/icon-exclamation-warning.svg>; rel="canonical"
cf-ray: 77de8da72f7cd14f-BUF

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/ 61 KB
22 KB 70ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/gsap.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6180067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22265
last-modified: Tue, 12 Jan 2021 06:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ffd3ef5-f398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WslzrH4ttc9oTiidzs%2BtJZtfO75bLJlMYSBGRVCc8pel1PEsEALiBOt8wrh%2Fqdas4msCXpfEGTH0msFyH92xBqKA54iQLdW9M%2B4bRxKXdnxSfCnmF5fcMatSJsv1MCzt0sOUdhpEdNd8Vy6cCt%2BAk%2BB8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77de8da6cf18d14f-BUF
expires: Wed, 13 Dec 2023 05:03:53 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@6.6.2/ 141 KB
39 KB 738ms
681ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.6.2/swiper-bundle.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GMYNVH41RZ7GH5WXW3D5P3N7-lga
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
server: cloudflare
etag: W/"233d7-mZelZ23GqQ/jYOpc8MQCKmqF0Cg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 77de8da71f1cd153-BUF

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ 2 KB
1 KB 75ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3242911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 701
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-653"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stFusq3M8KM80EQyf%2BmAwUi17ZZNlnyUiuKF69zUIgNaEf58%2FnxUCsvXnraaWyMhxeA5IKHC4z4tJBZH5D0%2FDZV7FWTJvdATzpIWPhOCaaaMXI%2F3dmhqgc2ljkdCGGUBOxynGtAxQLm2IcIXuhc22Y46"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77de8da71f40d14f-BUF
expires: Wed, 13 Dec 2023 05:03:53 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 86 KB
31 KB 93ms
50ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/jquery-3.4.1.min.js?v=160737389985263990141658515577

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
age: 3832706
content-encoding: br
server-timing: imagery;dur=105.967, imageryFetch;dur=105.784, cfRequestDuration;dur=19.999981
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6c49570e-76e0-4704-b9e7-8e6cffb40c81
last-modified: Thu, 13 Oct 2022 03:23:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDoYyduY2plBQdPoOO0fJv70MHvvCGtre4u%2ByEaOyW3vrGA6th1c%2B3vrwRN9iJjUeh5WLvFsyjX2tOOEJxCASevQDklUTmE8gbifNfeAF3topObXu3g9GRVICQbFPPSCMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/jquery-3.4.1.min.js>; rel="canonical"
cf-ray: 77de8da71f41d14f-BUF

GET
H2 200 api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/themes_support/ 6 KB
2 KB 92ms
49ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 6155902
content-encoding: br
server-timing: imagery;dur=17.149, imageryFetch;dur=16.982, cfRequestDuration;dur=19.000053
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9ef5eef7-df87-4932-9fd4-5fa40238eab6
last-modified: Fri, 26 Aug 2022 03:20:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cKNYt7cahicn7UGhJCEyzJD9WQ4dA4p784YiqlDHvyo2VaPHW8lTrAABs4W3sDM5efwFqyD6juKSxJebxEd1GrTZDQ1J9Nhai5Xd506Bn3pZEn3akajjN%2BpHReDE3J%2Fag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js>; rel="canonical"
cf-ray: 77de8da71f43d14f-BUF

GET
H2 200 modernizr-2.7.1.min.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 9 KB
5 KB 92ms
50ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/modernizr-2.7.1.min.js?v=97979361732255975071658515601

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 551304
content-encoding: br
server-timing: imagery;dur=70.120, imageryFetch;dur=69.965, cfRequestDuration;dur=20.999908
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0104e87a-ab4a-484b-979b-804bd3d6ba5b
last-modified: Sun, 27 Nov 2022 15:36:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BkCTQqqX3NO21XCCMOq2sR6sasiXPbNnBbrBnZ%2B35OnTfFNqUlZKkmh1fuJ1CKAGb0clCGtTD%2B5hKf31ShZue43Zolwh982GXkTli5yY1ChxXgIAZjJV9uM8UMr1gHsvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/modernizr-2.7.1.min.js>; rel="canonical"
cf-ray: 77de8da71f45d14f-BUF

GET
H2 200 plugins.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 59 KB
21 KB 90ms
47ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/plugins.js?v=99302838158046610501658515616

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c1f834752683967bf996e815982a89f13ea9612fa18a72f4971644be1258148

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 105653
content-encoding: br
server-timing: imagery;dur=88.601, imageryFetch;dur=77.302, cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 03cf24b4-b9f8-486c-8a75-c17e6a86e372
last-modified: Mon, 28 Nov 2022 05:05:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0apS0bvp8DTMSBF%2FhU8qSHtUUYW7u%2BuaCtKtlyJKa45CYk0hdKJqs76eLGdf521AT5liJJN7H3VFxwtXXs00OrXZ9NKGTf7ltVzU4sJ0Ki4AhiUxMH1HDqlitRRLPIaIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/plugins.js>; rel="canonical"
cf-ray: 77de8da71f46d14f-BUF

GET
H2 200 vendorCritical.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 21 KB
9 KB 91ms
49ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/vendorCritical.js?v=102062581430303342181670283332

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9c4f85111a1d10b4f86ffbd74c51382ea327c9992bc97c42ff9a078a60c904

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 61026
content-encoding: br
server-timing: imagery;dur=42.323, imageryFetch;dur=34.750, cfRequestDuration;dur=18.000126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: af6948c0-048e-4a77-9b17-0a0be6e36217
last-modified: Mon, 05 Dec 2022 23:35:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avQpNFNzlGGNOcE8jOO4V%2Fn%2B5F4Pi9cni03r4WNuV0Mn04nUaoS%2F1OysSnPKxzO7u7j7x4hXORTamCRiVO8BTfjnwNwKjvDGilG5ByaLG4FllnplzHamzrD4ChFJCR4y5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/vendorCritical.js>; rel="canonical"
cf-ray: 77de8da71f48d14f-BUF

GET
H2 200 mainCritical.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 92 KB
22 KB 97ms
55ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/mainCritical.js?v=74664074438506843371670286034

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de04e74be9f4c55ad74db6b7011403222cb5796ae7b13be926f217996ed923f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 551304
content-encoding: br
server-timing: imagery;dur=58.770, imageryFetch;dur=44.735, cfRequestDuration;dur=33.999920
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a75ed533-b3db-4259-913d-8b176bca0b04
last-modified: Tue, 06 Dec 2022 00:20:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk0CSRPVRQBu24NFkCH7%2BUP1wpFSRnXNvlcVAQsnIdpg1FPUaKBFgrHYimhrjeoD4RHM%2FPtUHs6naq9CNBxNc4RjJwBHi%2BxjMZZ9IhcUh1IZJkDyrNxcFrTtU1NloXvpxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/mainCritical.js>; rel="canonical"
cf-ray: 77de8da71f49d14f-BUF

GET
H2 200 main.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 157 KB
46 KB 114ms
83ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/main.js?v=147444706580275682321670283344

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c7bccf7eba6d01aeec0a319f81fd378e6c6c082c3259bb5738a2a3d232a67a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
age: 551304
content-encoding: br
server-timing: imagery;dur=95.519, imageryFetch;dur=67.478, cfRequestDuration;dur=29.000044
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1fc9674c-d08f-4892-b1f8-9fc51b3b9cfe
last-modified: Mon, 05 Dec 2022 23:35:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9fExOUFUIpZQVyM05w8RDs1mJbQIhh6pPHfo9nyYM51E52AGA87EbzIzGXNDyvY7%2FWqG1ALoQbDsc%2BzCZQLYkRYu2%2BnAHMJoQBbCfpDnxxooMni5hmuZ2ZYuo94TmVrug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/main.js>; rel="canonical"
cf-ray: 77de8da72f7dd14f-BUF

GET
H2 200 vendorVimeo.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 19 KB
6 KB 94ms
63ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/vendorVimeo.js?v=156771078060041912431666632339

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75bc20505396e02571fd32b6e984a8c74824205d9232bf6814f2cf542127a445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 551304
content-encoding: br
server-timing: imagery;dur=73.593, imageryFetch;dur=68.608, cfRequestDuration;dur=30.000210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c830ab02-8068-4e04-9709-ef6c2eb17c21
last-modified: Wed, 30 Nov 2022 00:47:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlrA0KgUzFFXttYTMvateKwYAgYcERzBTe7PU1aR4YmUT%2Bl9If0jKjD8sdzrfVZMqYd3LAfeI2Kvx%2FMOZpvu6BJvy8nMflC2V93Gcoddyn4fCA1fzKdMSZ3tWKZpom6h7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/vendorVimeo.js>; rel="canonical"
cf-ray: 77de8da72f7fd14f-BUF

GET
H2 200 home.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 186 KB
55 KB 112ms
81ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.js?v=139745653168895840811671227286

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f4c02f21db0ad2365a255e5e5cf548eefbe07257e393925e2ce38ea98870fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 507101
content-encoding: br
server-timing: imagery;dur=106.271, imageryFetch;dur=66.943, cfRequestDuration;dur=26.000261
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d09046ea-f063-455d-90bd-b726462e7eb8
last-modified: Fri, 16 Dec 2022 21:48:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t74%2Fmoxlj5l96c6NN93M0Csd8SXlTbC8KIIfBI4nZDGF7sG4YJ%2BwTJ7bIdL7H8rlem83Gg6PtR60Em1da%2BQdSETdzNGwKHVEDs%2FaJulLDUkfCi28tWakSXKaLAiZL%2FiVTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.js>; rel="canonical"
cf-ray: 77de8da72f81d14f-BUF

GET
H2 200 17095.js Show response
www.dwin1.com/ 34 KB
10 KB 97ms
23ms Script
application/javascript 2600:9000:2209:3800:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/17095.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:3800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 394a48122c06d6b13a913f0e342af673a4afa87f1401742ee8f37dc32e1840b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Vlf_co8HjbxBeuyi3xxhm7xLOSJF4_R4
content-encoding: gzip
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
date: Fri, 23 Dec 2022 05:00:02 GMT
x-amz-cf-pop: EWR53-P1
age: 269
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 11:19:57 GMT
server: AmazonS3
etag: W/"70482cad0625ee9f871b3ee38a1e5598"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: xshOIwkqXs_DcOAkRohEtmk8-dUeknhsHvDUjVNQ-qdQUgn9Ohwy6A==

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 130ms
14ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aeaa1ba1cdb7f2e19db4f22b72abf3691ab99abc6a885eee4bf69a4f47b1fe5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 22832
x-cache: HIT, HIT
content-length: 920
x-served-by: cache-lga21939-LGA, cache-ewr18128-EWR
server: nginx
x-timer: S1671771834.529170,VS0,VE0
etag: W/"31d9531b974793ac241473c43c8185d1"
allow: GET, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 6

GET
H2 200 dtag.js Show response
cdn.attn.tv/hero/ 5 KB
3 KB 478ms
359ms Script
text/javascript 2600:9000:2120:ba00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/hero/dtag.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ba00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a96c0f3d85a2dfc2c0f7a85e0fec1ccf780b3cf516c3372190138dfd22dde6a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: lfTGo4lJJi3xl5A3kiV1tkkg6axfqYn3
content-encoding: gzip
via: 1.1 d5da196526ff04114ed874cd3c0f9622.cloudfront.net (CloudFront)
date: Fri, 23 Dec 2022 05:03:54 GMT
last-modified: Thu, 13 Oct 2022 16:43:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: W/"11a14dfc087feaedb628aa9df45dc163"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: 5qbRQDmzwKM8oyTwBCjqohbVhITuVJpAZ3r9_QQSd3fczNKWSgu41g==

GET
H2 200 sms_aff_clicktrack.js Show response
static.myshlf.us/Affiliates/ 2 KB
1 KB 138ms
22ms Script
application/javascript 13.35.93.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myshlf.us/Affiliates/sms_aff_clicktrack.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-21.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6903d61b1cc414c444950c4aab5ceb178c35269902df7acf00057c3317098083

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:00:35 GMT
content-encoding: gzip
via: 1.1 6379820fbac3eca5570c58b520f7931e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Dec 2021 16:46:02 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 68599
etag: W/"d989db17a826565d651b1ae968c945ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length
x-amz-cf-id: XJgbg-AfjpzuUyt09LFrllywDTwDIPW1tj3p3lDQHybDDCRzTdjDIA==

GET
H2 200 liveChat.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 14 KB
5 KB 91ms
62ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/liveChat.js?v=16147277381481935031670283326

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d7de020df5cc1901472d9d6c231bcb3dc142dd25abeea072f05bd38271a0f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 551304
content-encoding: br
server-timing: imagery;dur=50.909, imageryFetch;dur=21.040, cfRequestDuration;dur=29.000044
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4063afbc-d446-44cb-9c1b-bf3df02c478b
last-modified: Mon, 05 Dec 2022 23:35:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWNqqI8aOnf2a0o%2BfhbXZomLGfCxJN8uz7ZXkQjRRmXkRdfmUTZOBI645yZq0H5oZXA3hVa254BVj0YmJnmg5KD7RtTdbqKtx15866u6NwtGq3b1EYbLqDmnpIZopaogpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/liveChat.js>; rel="canonical"
cf-ray: 77de8da72f82d14f-BUF

GET
H2 200 trekkie.storefront.cfdeeb94260b8cba731334880e0cd9b5350eff24.min.js Show response
cdn.shopify.com/s/ 97 KB
22 KB 92ms
63ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.cfdeeb94260b8cba731334880e0cd9b5350eff24.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10596cce5cac0968c665b820a7c3c8b9d46fc7cb41b90adf0a65d377199f36e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 307470
content-encoding: br
server-timing: imagery;dur=55.565, imageryFetch;dur=55.335, cfRequestDuration;dur=27.999878
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e15e4ce7-b9b1-43cc-8834-df1185244a9f
last-modified: Mon, 19 Dec 2022 15:39:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHT4n3PDc3ZLUgYrshgbk%2F9w4kv0IOFfpUZLjgxHUH%2FoIOw0p7Bqt2Rra%2F3tIoOXkDS8kk%2F1pxOjvEYFjS52r1PLrcamvUQAbYGHeb8IuBihBtOwyYA40cDSMkRKDqZafg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.cfdeeb94260b8cba731334880e0cd9b5350eff24.min.js>; rel="canonical"
cf-ray: 77de8da72f84d14f-BUF

GET
H2 200 shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
4 KB 82ms
54ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
age: 684728
content-encoding: br
server-timing: imagery;dur=30.703, imageryFetch;dur=30.542, cfRequestDuration;dur=26.000023
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 40402333-84db-454d-b283-f74a55432bdf
last-modified: Fri, 02 Sep 2022 05:26:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b999F82B%2FJwblfC5J%2F6Lo1QWNLlZ%2Fa%2FjJ%2Fj4QtptY8qaGEusenPXuYtMHstPlh%2BAwjvVMiRggV1fOHr5lQxDXlLs1paSVz9wL%2FuENrmC7DIdET1fhSxPDgEd1YHmLF6eow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js>; rel="canonical"
cf-ray: 77de8da72f86d14f-BUF

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
19 KB 25ms
7ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 684728
content-encoding: br
server-timing: imagery;dur=27.157, imageryFetch;dur=27.015, cfRequestDuration;dur=8.999825
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 76f6b80f-ab0d-4fe3-862a-3fcca323a82c
last-modified: Tue, 15 Nov 2022 20:15:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOY4X9%2FCRN8o13mCYVTsu87RJxbJ9msHi3OnNwexgd3wfwLAyn6pNYr7hX8HgCBl7c3BSbq2c2SdKSASTu6%2BdvDoKteJfACB5aB1gvEsUK23jMlexr%2F3uq46RSTgB8KaxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
cf-ray: 77de8da6cf1ad14f-BUF

GET
H2 200 browser.modern.js Show response
cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.183/ 32 KB
12 KB 100ms
72ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.183/browser.modern.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19a2d65e5727a1fb5fcea0f40c1eec98f74356d3714bb28e11a74ff340158db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 222392
content-encoding: br
server-timing: imagery;dur=96.573, imageryFetch;dur=96.257, cfRequestDuration;dur=29.999971
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f3841d99-f0e5-4388-96de-60d2584f17e4
last-modified: Tue, 20 Dec 2022 15:17:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVli6OWSomseaBBg079fr7K6QlQyo3BBWvspBF%2BML7mvwfaLIm6IsrDCuK2aGNsnF68rgPIbrSXUx44o%2FZWDbeiMrnWkBY7dXYzNsD9u9VoAdEQZlre%2BPfPZaCQ6UzviaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.183/browser.modern.js>; rel="canonical"
cf-ray: 77de8da72f88d14f-BUF

GET
H2 200 FuturaPT-Book.woff2
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 40 KB
41 KB 62ms
35ms Font
font/woff2 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/FuturaPT-Book.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.css?v=176736038297017244231671227287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.css?v=176736038297017244231671227287
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 493166
server-timing: imagery;dur=61.136, imageryFetch;dur=60.918, cfRequestDuration;dur=22.000074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41248
x-xss-protection: 1; mode=block
x-request-id: d7271748-3f31-4f14-bf2e-a63402301205
last-modified: Tue, 29 Nov 2022 09:44:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmsvvfHTn3YJ37LbBUcgtQGCJlCZDPkhbPGvz9Y7vx7%2B2Y6BkONLTwwiPyM%2F7GB%2B7e7BZdl1sjJ5L7bJUpYnvvTQ%2Fx%2FhITL%2BrhCak8zqcDShim4fEtflczIsP%2BHbXQYI0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/FuturaPT-Book.woff2>; rel="canonical"
cf-ray: 77de8da71bcdd163-BUF

GET
H3 200 FuturaPT-Demi.woff2
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 43 KB
44 KB 68ms
58ms Font
font/woff2 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/FuturaPT-Demi.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.css?v=176736038297017244231671227287

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b79adf570b66bcd072b6f3ea35e760f7433030c083c686a08b6ba740f532098a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.css?v=176736038297017244231671227287
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 493166
server-timing: imagery;dur=50.946, imageryFetch;dur=50.662, cfRequestDuration;dur=20.999908
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43869
x-xss-protection: 1; mode=block
x-request-id: 2746eaf5-2798-4561-b6c5-a9c33751104b
last-modified: Wed, 30 Nov 2022 08:00:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGNHIDuqFJCPJot%2BEbl8DePThGBq1oG3HvyIKBpCRXM71MkzYFNKsiWCAKBkUKfjzij8cNGPptaP0iq7dQklwxBDg8%2B%2FOnKoE%2BYpTN14vjBq5iO2Dg5oOmHMPjP1nirjlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/FuturaPT-Demi.woff2>; rel="canonical"
cf-ray: 77de8da71e8ed157-BUF

GET
H3 200 FuturaPT-Heavy.woff2
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 46 KB
46 KB 45ms
36ms Font
font/woff2 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/FuturaPT-Heavy.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.css?v=176736038297017244231671227287

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d903a35a90276fed8d286f4de9f6ab44db076826cdb14a82d2e418aeb79b92ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/home.css?v=176736038297017244231671227287
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 493166
server-timing: imagery;dur=75.886, imageryFetch;dur=75.548, cfRequestDuration;dur=46.000004
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46800
x-xss-protection: 1; mode=block
x-request-id: 56123707-53cb-4a12-9d35-72a051b106be
last-modified: Wed, 30 Nov 2022 08:00:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAp%2F86awMdQWBOKRAsSGasQtG5CV7Ckx0Pn9Lpf6XdH%2Bt6Vn5vRCqWbUoO8N3jxp5C0Ro2p5ttgjlVZgHp0nfRLX5HhrNASbqeRBI7ru%2Fuoh02cRQBo%2BNOGDqgBFNo1ttw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/FuturaPT-Heavy.woff2>; rel="canonical"
cf-ray: 77de8da71e8cd157-BUF

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
862 B 138ms
109ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.cfdeeb94260b8cba731334880e0cd9b5350eff24.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-central1
server-timing: cfRequestDuration;dur=98.000050
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 95e8320c-fb5f-4696-92bf-212c8013c1d6
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y%2F7rO92l6QEKwAz7vxqiUnuExZvRLnSANdGVnY3vK%2B56Oxm%2Fuju98fWieNkp%2Bl3rLKm4dLl%2FpyKoBmW9uzH2gf%2BUTU3yUNuJwsI3OIJp3cT0QkR%2B9Cshnv6b6SXlbvnpWtTYixM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
cf-ray: 77de8da83e5ed15b-BUF
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
x-sorting-hat-podid: 41

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
893 B 94ms
72ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.183/browser.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-east1
server-timing: cfRequestDuration;dur=87.000132
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 003befd3-6471-41cf-a6c6-2737afbe154b
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PM1KvQdnatyqFLLj%2FA%2FZ4RxIrvMvLXCkoz0kOl50bafOliF7%2FyQ5yknLCnidP8VRmLSQhI60UKZ6%2BWyY3p3QI8MZbwX70JEBhWVIVqaFiF9LA0tnrJOjhetKMXzw7N3iQ1UylKu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
cf-ray: 77de8da83e5cd15b-BUF
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
x-sorting-hat-podid: 41

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
857 B 93ms
72ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.183/browser.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-east1
server-timing: cfRequestDuration;dur=59.999943
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 8278b9da-2919-45b1-a633-2edc98ceb770
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BwQKtuudr9PbZz4%2B2b5p8vw03nJ%2BF9fx16A0t22RZuM%2FfCPlEHxSGv9rsQLT0sJ8AndIH4qJbY1w6qeYymONo8BB8brUsRpvSGkR8XCJw%2F5WsdtnzHetZ5YZiw8Zy06N3RmkeYW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
cf-ray: 77de8da83e5dd15b-BUF
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
x-sorting-hat-podid: 41

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 127ms
40ms Script
application/javascript 23.44.237.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.cfdeeb94260b8cba731334880e0cd9b5350eff24.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.237.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-237-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: feec0f62dc8a5244e1423dbce90cbb7e1e67dacaa77bec775d916f28c4e327c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 7fa14315.718eb72
date: Fri, 23 Dec 2022 05:03:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-44-237-143.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 16,23.44.237.143
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=12, inner; dur=4
content-length: 1153
pragma: no-cache
server: nginx
x-tt-logid: 20221223050353458109B3307612412490
x-cache-remote: TCP_MISS from a23-38-170-245.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.38.170.245
x-tt-trace-host: 018ade9c088af9ff703dde8fbc658637649d1e871d69304b5c94750c5329522ebb00b7b242daf4f9427bd1014213cc4c379fd9804683336b73ef9f189e15f29da11460a9e2d079860455a9d23e589ca47db0c220b022a6b40ae9e62435db3378fa9887749ffd7b4fd89d6e5d268e5b188b
expires: Fri, 23 Dec 2022 05:03:53 GMT

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
859 B 66ms
65ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.cfdeeb94260b8cba731334880e0cd9b5350eff24.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-east1
server-timing: cfRequestDuration;dur=53.999901
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 51b3bf4f-8fd7-4ba2-880b-cc3c2eb46dab
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLroxMGOT4mBtyWo%2F%2F4BnlO4oUOhtnnTWqKAII%2BudhOdEzEKNTHx%2BHP4mfKWAjo5AxSelXUzy54LhgfR6%2Bc%2B813s2d7RwvEiw1hTgDDDcQquOk0O9CWbW8e%2Flrko5IOxP87WLBc9"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
cf-ray: 77de8da85e79d15b-BUF
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
x-sorting-hat-podid: 41

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
859 B 70ms
69ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.cfdeeb94260b8cba731334880e0cd9b5350eff24.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-east1
server-timing: cfRequestDuration;dur=56.999922
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 9d45c696-10ff-4e80-bca0-e4dcf9b1340f
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szM9ClPFtmZsA1yrN5%2Fgp2yckPmM%2FNksJqjwQ6yfLqwHq4tpaIE5FwuZBh%2FvjL08LqZxJiapIu%2BeBDJmcvqpRD5U9aXs1kLkEUMkhGt8lJPWicFs%2FMBjQasDGL3zak%2F44kAy6Doz"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
cf-ray: 77de8da85e84d15b-BUF
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
x-sorting-hat-podid: 41

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
861 B 78ms
77ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.cfdeeb94260b8cba731334880e0cd9b5350eff24.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-central1
server-timing: cfRequestDuration;dur=64.999819
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 0801ba96-4210-4432-9d89-fe8103590f38
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FOWU7qod9dUL6PbBzyKDhPsSUklkGkSEitIbevNpcCRTBkNyJII80XwZpC9BvfX3uGL4%2FImRGBVvymPTlahuFgx%2FRw75rv4NuDgPgCkJW4wRIc9lz5faQYJYmY%2FFmuo9G%2FMvLc0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
cf-ray: 77de8da85e86d15b-BUF
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
x-sorting-hat-podid: 41

GET
H2 200 analytics.js Show response
ssapi.herocosmetics.us/ 49 KB
22 KB 28ms
27ms Script
text/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssapi.herocosmetics.us/analytics.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:55:07 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Google Frontend
age: 4126
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: a826b26527b2b5c74e50be4d7cf9e6f4
cache-control: public, max-age=7200
content-length: 22555
expires: Fri, 23 Dec 2022 05:55:07 GMT

GET
H2 200 8804d440-d9dd-11eb-b8bc-0242ac130003
pixel.streetmetrics.io/pixel/ 44 B
44 B 175ms
105ms Image
image/gif 2606:4700:3031::ac43:aad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.streetmetrics.io/pixel/8804d440-d9dd-11eb-b8bc-0242ac130003?gtmcb=168917789

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:aad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEx%2FFpe7hxP3rdLp2dYaaVKB2tUwYaf7rpfzrLx9C%2FdUGT2f1oc1Q4qZ1K961TvuW51ClCQPi854G7gNaOwg%2BMHSx5QnX7QLcD8vcoszJJ4u5yzrLAWmnUmQJ6eveTKkJ%2B68Axs6uD0tzJd7SnTBHTnW%2Fci2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 77de8da95a898ca7-EWR

GET
H2 200 main.MWI1MTgwZGZmMg.js Show response
analytics.tiktok.com/i18n/pixel/static/ 240 KB
66 KB 26ms
26ms Script
application/javascript 23.44.237.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMg.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.237.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-237-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 24b010578031707aaa171e8d3e14700e156a5d1b2b4050338ac87d10cb57f161

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 718ebe7
date: Fri, 23 Dec 2022 05:03:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221220183417989C22128A9EF5CB880C
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-237-143.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01edbc3fe5e7ec5452eff57526cd7ea8539c89df1bc83eb098854d50bf9f89ed2ed77d9b4bc7ce4b21184a2f9cfb24b6b91b5d30cf3d0a16b637c50f768b42a960dc7f5ad011eb7d90854905593517a5253d00765c50c75be7550e2336ad12b6a7
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 67196

GET
H2

200

ga-audiences Show response
www.google.com/ads/
Redirect Chain

https://ssapi.herocosmetics.us/j/collect?v=1&_v=j98&aip=1&a=430110462&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Pron...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-102753205-1&cid=368312288.1671771834&jid=2065792563&_gid=1935258582.1671771834&gjid=1746520852&_v=j98&z=863098412
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-102753205-1&cid=368312288.1671771834&jid=2065792563&_v=j98&z=863098412

42 B
534 B

105ms
38ms

XHR
image/gif

2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-102753205-1&cid=368312288.1671771834&jid=2065792563&_v=j98&z=863098412

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Dec 2022 05:03:53 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-102753205-1&cid=368312288.1671771834&jid=2065792563&_v=j98&z=863098412
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 366
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_13839.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 25ms
25ms Script
application/javascript 23.44.237.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_13839.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMg.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.237.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-237-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 718ec62
date: Fri, 23 Dec 2022 05:03:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202212201659338823368313A53CDA8C37
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-44-237-143.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d56d6ea08cc4dc83f25d12c16c6ba2f2172b0c0b998acc4b3bcf38067e789cf84e1caa8366f51e8b6d1a141bca57c77f95a4ee0e8fa618cf131be4b55fbd3221818724f92f17c27adf1a5a91f67fe1cfe7dcc895bb02d6c1b219ede4ebe74a60
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30793

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
553 B 49ms
49ms Ping
text/plain 23.44.237.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMg.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.237.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-237-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:54 GMT
x-akamai-request-id: 718ecc6
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20221223050353673FB0DB6EE3BC7A7C8E
x-cache: TCP_MISS from a23-44-237-143.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.44.237.143
x-tt-trace-host: 018ade9c088af9ff703dde8fbc658637641b35c8a48e42200679d30c28425638e65574732406f5de2cebc628ee8946c2c93401450af9db491dddc4fdd2484d8970618be43db7288ecaab3f15bf98ebe7820812735656287ebda49f0615c9e54fa4
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=4, origin; dur=23
content-length: 0
expires: Fri, 23 Dec 2022 05:03:54 GMT

GET
H3 200 gtm-suite.js Show response
shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/ 39 KB
12 KB 77ms
29ms Script
application/javascript 34.120.58.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.58.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 12a830366ed648c938e9fd2984bfa14cdd221731a1c7569015818da8ade2ae1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 05:29:21 GMT
content-encoding: gzip
age: 603273
x-guploader-uploadid: ADPycduRvz97B-phgi-Ow448UcFeakCp_MN_dI3mxUzIR8KvQnbuQ3ttlZm8SVIHRNu0-3Cq4ahYOZ0nizaxtNE08BNNDCMVCxtr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12388
last-modified: Wed, 28 Sep 2022 11:21:59 GMT
server: UploadServer
etag: "2e294e3031f65c75dfd2852226cacae6"
vary: Origin
x-goog-generation: 1664364119132521
x-goog-hash: crc32c=uBc4CQ==, md5=LilOMDH2XHXf0oUiJsrK5g==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 12388
accept-ranges: bytes
expires: Sat, 16 Dec 2023 05:29:21 GMT

GET
H2 200 MPC_600x600.png
cld.accentuate.io/40451074916394/1669917240214/ 13 KB
14 KB 64ms
58ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40451074916394/1669917240214/MPC_600x600.png?v=1669917240214&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15be3b31a001f8b2911a1ffebdce6a5ac1fb2f7566b8c6e339c91803d1a462de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
x-twicpics-quality: 70
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 639551
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCOiyiyEg5BIaQoARpOgus6h6cpNmfqqaipgHGGcaBheidIoYQABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVJ"
allow: HEAD, GET, OPTIONS
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
content-type: image/webp
access-control-max-age: 3600
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LRrvTVZIGlPgukEl28VAx6ci5TMJpDLEKAOMiMolKtEuMoOSnFtR0yUUO6kfWnA0uuW6SyqsOUVwX2mAzSCesj2Ms7cFssc8HYVwzzvpgBdVAQ0MZA1ULiEx0W8ZHv6H5d7OHTmYSg%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: HIT
cf-ray: 77de8dabb843c452-EWR
access-control-allow-headers: *
x-amz-cf-id: RqPRGZEDKgoX7hKFRil82kXUzWQd6UAJGIIa8CVYV16tDoh9aLNHMA==

GET
H2 200 MPC_hover_600x600.jpg
cld.accentuate.io/40451074916394/1669917257591/ 15 KB
16 KB 62ms
56ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40451074916394/1669917257591/MPC_hover_600x600.jpg?v=1669917257591&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5608047afe3c4bf276602d5ab431d87a7666a2cc224303bc22312a88d6492cf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
via: 1.1 fdc88b576635a6d1858343ad162c44fc.cloudfront.net (CloudFront)
x-twicpics-quality: 70
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1495349
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCBi0iBpQFBISQoARgBQWcHpZwaNhtujhRFkZwHZuJmZpnbsE7ABQkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVJ"
allow: HEAD, GET, OPTIONS
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
content-type: image/webp
access-control-max-age: 3600
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypqswYzRFTyfU8PVRXisW4xl8A8NASdS%2FVmJWsSHRlrpXECHp7pkuJww1im1siarEXrzLutWn5GlRA6Mb2nDAfadbaZD2w0gMDk2qUDZkm6BuMdu6QLmOwhbDhn5tV5dwukCVCrOJdc%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8dabb84ac452-EWR
access-control-allow-headers: *
x-amz-cf-id: w2P8_rFV0MbdyOo7J4BnhNss-2d8WUPWSos-jT6S6tfg2TYFgThl7Q==

GET
H2 200 Thumbnail.png
cld.accentuate.io/40410082443306/1665603054090/ 5 KB
6 KB 40ms
34ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40410082443306/1665603054090/Thumbnail.png?v=1665603054090&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62c126f651081b19ce1c6c116d3fed3549e8a35dbb2746eb96f0c31f70d182a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 3a80316ee74668c7049eb31054a07168.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5739787
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCWm3iwE0pGIRgoARHKgifbemA4SqVmruYYYJSaxezuVeU7rISABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
allow: HEAD, GET, OPTIONS
x-hw: 1665603057.dop032.ma1.t,1665603057.cds225.ma1.hn,1665603058.cds207.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfB3wQq4AOIZQvhxn9JQsDkDhNDfdCrxAbgBeDX%2B%2B%2FYmRW2Dg0GPovdqa6Ozm8nDkWQNtY82PMQWrc%2BICLd6uvRgQOGtice3E1tEJLyO31G95u7AG2jSyHucdKB7DGpQpQGNqYafpE8%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8dabb84bc452-EWR
access-control-allow-headers: *
x-amz-cf-id: B-5t-eVb-PBkvAXyE70L6kaHZeTYXr00WaD-fl9W8hPHLmmxIDXsjQ==
access-control-allow-origin: *

GET
H2 200 Thumbnail_hover.jpg
cld.accentuate.io/40410082443306/1665603088687/ 26 KB
27 KB 64ms
58ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40410082443306/1665603088687/Thumbnail_hover.jpg?v=1665603088687&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26a96740435268f27419c8831431e343526f3a9fc8529cbccecdc4d70867a88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 3a80316ee74668c7049eb31054a07168.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5739786
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "msSREFVZFUSEEAkmSFIop2NosBjLi0muirKAzjr6m&qMHwq0TGQBgUArc1GO&AXoVPlawsPKoePoQKGlTByDjHf8UW&OcHkulVTyc8RMxXzJ#XU"
allow: HEAD, GET, OPTIONS
x-hw: 1665603091.dop030.ma1.t,1665603091.cds201.ma1.hn,1665603091.cds027.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBf8P1fd8cvYREvbyaYXfiCk6yLfyKgkrxKW1pZf2NwjRLDABaZckcvHxz4pUQSFYuiNs4nTO8L0cWxCoJKmHyf5zBYcP8hf3zLAbIwbGu494mvUX9UdB4kk2pKQVoiFFA93CfP3gtQ%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8dabb84cc452-EWR
access-control-allow-headers: *
x-amz-cf-id: 9O-P7XV6g3G1ZYRQMwUHO3ep-YSgaztnY34QCabgvOpBAKwR9sch7A==
access-control-allow-origin: *

GET
H2 200 Frame-34-(1).png
cld.accentuate.io/40386263875626/1665678622925/ 16 KB
16 KB 61ms
57ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40386263875626/1665678622925/Frame-34-(1).png?v=1665678622925&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be60fba752a3a95d3260b9eb4a0290c70462248eb4670a08976ceba15275d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 a9a7890bd69fb04b587cd51baf217b1c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5739736
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCWm3iwEwFRIOkoARSGQegZo4dF&hchticFvYKEtpRecih7uZAABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
allow: HEAD, GET, OPTIONS
x-hw: 1665678625.dop209.ma1.t,1665678625.cds207.ma1.hn,1665678625.cds215.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTJkkp99faYlNSQQzTldN9Swv3P9Hoa2ZIVOf2DU42yZquYj3ka0GVIA7UB%2Bw1lCsCljTNmLYbk%2B8HwCXKxSLvtKfZNjpSF11vSCAHAF6agtLwIqZd0IpE38InahTHiBeoCkp8bCZYo%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8dabb84dc452-EWR
access-control-allow-headers: *
x-amz-cf-id: nI8BWAmWAOv0KDXfcyxsRi6aLajgu06GpVU7ZbDWli68YBuSOSBlDw==
access-control-allow-origin: *

GET
H2 200 Thumbnail_hover-(1).jpg
cld.accentuate.io/40386263875626/1665678663283/ 23 KB
24 KB 62ms
58ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40386263875626/1665678663283/Thumbnail_hover-(1).jpg?v=1665678663283&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea70115253dafc506ef27124ed7109f01ee1b374193ac7dc5b9cee03eeb8aa97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 8cdf4e2d4f4070992665477c4dbca0c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5739737
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCWm3iwE05RIGkoARABQaQ5WJBoBq5pjpqGn6841uAqiuVoq4AABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
allow: HEAD, GET, OPTIONS
x-hw: 1665678665.dop039.ma1.t,1665678665.cds027.ma1.hn,1665678665.cds038.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1VNfcQLxqm%2BTieYNw%2BTjDgnioqxOeBELcEZsNZdMF%2BbCvHkB1R1AKaQb%2BsTr489UtoAEbOuy8O3iEsy8m%2BzGaIhsb9yScXz%2BIupTT%2Bu9Z6gHkfvimH%2FvVO2MsnYE9J41wMk8SlBbWQ%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8dabb84ec452-EWR
access-control-allow-headers: *
x-amz-cf-id: tTmJXUJdUm-DykYXy3E19S-zQYuOEWmcPsos-nC2bfRkJkywl8he9g==
access-control-allow-origin: *

GET
H2 200 Product-Thumbnail.png
cld.accentuate.io/40383244435498/1662657757168/ 17 KB
18 KB 57ms
53ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40383244435498/1662657757168/Product-Thumbnail.png?v=1662657757168&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce6e86840c74dfbbdf33ece19eedb2ca3e0947b961a218c2380eb66e494e16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 d3a2886dcf7e47b1e56baf628c69dc24.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5944957
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCam3Swow5eISgoARRKgmoITH#GShreYSqJYnUZAuMhiRgYrEIABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
allow: HEAD, GET, OPTIONS
x-hw: 1663620931.dop015.ma1.t,1663620931.cds228.ma1.hn,1663620931.cds039.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbR1z6ObUl%2B4YAgxl2%2FK4n5ufvFCVADrBvy5gOt5JzuPfM2XcssJcUZ%2BSTHLZhcI8mFcxIgixVpH4p2cvINpfORKyukGf9%2B30HvOc9l6BLspB00gwPt8HeBy2oELZ0RbX%2Bl5Jg%2BrZNQ%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: HIT
cf-ray: 77de8dabb84fc452-EWR
access-control-allow-headers: *
x-amz-cf-id: QQGUnhTwCuGViuhNjn_DRhrzE_ypWJsX35A6HElgFuBzDd79KFBuTA==
access-control-allow-origin: *

GET
H2 200 Group-658.jpg
cld.accentuate.io/40383244435498/1662657776476/ 39 KB
39 KB 38ms
35ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40383244435498/1662657776476/Group-658.jpg?v=1663041040757&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b07ff94fa1dd7db283dc3ff180a06f310670a4ed723bfd5152cedcba511df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

age: 5831394
cf-bgj: imgq:85,h2pri
etag: "FDLJwxgiS8LSNKlQA3P8ICITIN0wezAjJsDiIPXPwIy0DsnlXzICwQVc1GG&AXpVLreCx9poTUEDmSkYGOH4sLsDuTavM3AzmZ5udoIs#iRD1S"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
x-hw: 1663620936.dop204.ma1.t,1663620936.cds211.ma1.hn,1663620936.cds027.ma1.p
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-headers: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 45c692e896f6d5351f0f0a998ed4f588.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
x-amz-cf-pop: SFO53-P1, JFK50-P2
cf-polished: degrade=85, origSize=342934
x-cache: Hit from cloudfront
x-twicpics-source: twicpics
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLvh%2FyrxjxPElBUjEetbnLWl6DHOgmzAqF2ag%2BjWNCqYYpYazkj8uIj00hwnjItEz30Lk1WVtyorsPwgdn9ag035dWFdWLDNEo9klfZq5OCEAk2IbckBe8NTgtNMUtQ9dzxn7zj7sAU%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
x-rgw-object-type: Normal
access-control-allow-credentials: true
x-origin-cache: HIT
cf-ray: 77de8dabb850c452-EWR
x-amz-cf-id: LMtrG-UtmFp8tY1C1OyX9AXshtiyhA3jv9njt5U_3EP1QbmAnUqzew==
timing-allow-origin: *

GET
H2 200 klaviyo.js
static.klaviyo.com/onsite/js/ 2 KB
1016 B 26ms
23ms Other
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aeaa1ba1cdb7f2e19db4f22b72abf3691ab99abc6a885eee4bf69a4f47b1fe5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 22832
x-cache: HIT, HIT
content-length: 920
x-served-by: cache-lga21939-LGA, cache-ewr18128-EWR
server: nginx
x-timer: S1671771834.195299,VS0,VE0
etag: W/"31d9531b974793ac241473c43c8185d1"
allow: GET, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 7

GET
H2 200 session Show response
shop.app/pay/ 18 B
2 KB 124ms
91ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1&token=6ab22657-eb88-4a73-842b-97bafe37a04e&shop_id=21814481

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com; style-src 'self' 'unsafe-inline' blob: https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com; connect-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://.hcaptcha.com; img-src 'self' https:; font-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com; object-src 'none'; frame-src 'self' https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' 'unsafe-inline' blob: https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com; connect-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; img-src 'self' https:; font-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com; object-src 'none'; frame-src 'self' https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=92.999935
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin, Accept-Encoding
x-robots-tag: noindex
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
p3p: CP="Not used"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18
x-xss-protection: 1; mode=block
x-request-id: 725a6571-4ee7-4a62-9bcd-8be4dd489fde
x-runtime: 0.006728
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSpfLEuBl8zPcAK%2FmXDQBYWwdLNl31QnoPyxKTr2BAp0yKdjNRLGHIApq0cSZM0uCabEzTD6Km%2FyJmOv6uxVIGM8%2FxNNUJYhVJy7KXXD4LAuo1QvvWf5WRJ%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 77de8dabfae8d153-BUF
x-sorting-hat-podid: -1

GET
H2 200 fender_analytics.42a910303762129b987c.js Show response
static-tracking.klaviyo.com/onsite/js/ 27 KB
11 KB 100ms
23ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.42a910303762129b987c.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55f20b9eda8fe8f548f84fdb1d55305871822fd4c047e431894513d79bd351b0

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 3uoP2mttpPOUARdp4efml6Pc5m5_bVca
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 23 Dec 2022 05:03:54 GMT
x-amz-request-id: GVJMDN3QM916A9S6
age: 22838
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 10696
x-amz-id-2: TVj4JadKocCV4h3NElq7oufjh6VUPmKs/RmMK3GsmHVEIEljMrEcW06e1Di1LhQKmT1Dja0y3h4=
x-served-by: cache-lga21954-LGA, cache-ewr18177-EWR
last-modified: Tue, 25 Oct 2022 15:47:53 GMT
server: AmazonS3
etag: "141ae207735ed4c2a3fb9ba628dca228"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 2, 18120

GET
H2 200 static.afc80bee31dc9e622dc1.js Show response
static-tracking.klaviyo.com/onsite/js/ 12 KB
5 KB 104ms
27ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.afc80bee31dc9e622dc1.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67813c96ecbb4719d73ebf150a39525b76d1f3294692a6dc8cb558dc90aab1e6

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: jO5CINofch2U3rpuRhEwzIKTUk198WIK
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 23 Dec 2022 05:03:54 GMT
x-amz-request-id: 8QKB1CHS4E49FXPS
age: 22838
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5321
x-amz-id-2: ZFZ8THkCuT87hlNdYT/1gE0cGMwUOTZwHkpxdf7ULnVqWD+3NU8uwHPgGM4vlbagxFgSA7mLY3o=
x-served-by: cache-lga21920-LGA, cache-ewr18177-EWR
last-modified: Mon, 05 Dec 2022 14:41:22 GMT
server: AmazonS3
etag: "9aa89eda5d828bf8fce2ee83e11483a0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 18486

GET
H2 200 runtime.30e68e2f837e8367daad.js Show response
static.klaviyo.com/onsite/js/ 19 KB
8 KB 94ms
36ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.30e68e2f837e8367daad.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b21f45c13e91f186b5b0173adecab7eb82201bfa47935403b708c9db983e4e8e

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: eQVpQey7Zt3qGGNBX6RKuJGn8OJDpdKs
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 23 Dec 2022 05:03:54 GMT
x-amz-request-id: WW540PWV2QEPFGZB
age: 22831
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8052
x-amz-id-2: VXmlRBJUbblrFMtAkwAkQ0OAGhyQ/Jb3XHI8UyJ14W17rV9vM74fxofYXnaTQCrJDkU6912UZ3k=
x-served-by: cache-lga21943-LGA, cache-ewr18124-EWR
last-modified: Thu, 22 Dec 2022 22:43:07 GMT
server: AmazonS3
etag: "f774666fe6fdda63b86d669499953aeb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 21333

GET
H2 200 sharedUtils.8e330a481a898580820e.js Show response
static.klaviyo.com/onsite/js/ 35 KB
14 KB 96ms
38ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.8e330a481a898580820e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0b3bbc314d04833ccd1a9d2a7b3e54a7c4f241d809ce232912663cfd54b5989

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1vaWzLXo3LJn4EPIpuaizHSYLXFCtXSR
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 23 Dec 2022 05:03:54 GMT
x-amz-request-id: 07RQ1SKYQC9BGT62
age: 22838
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13973
x-amz-id-2: zrxt5s9eG5hLOhA2C9SGFtY+4gGIE1Dbl0eYknJz5xG94RuvESn/28nsIi4zND+20kFDzDdBZeo=
x-served-by: cache-lga21957-LGA, cache-ewr18124-EWR
last-modified: Wed, 21 Dec 2022 21:28:00 GMT
server: AmazonS3
etag: "17c5feeeb788f26ca30a007f725c3d2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 20492

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 115ms
57ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=1f2cc95f-56d2-40f4-ac66-85995abfa13f

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/liveChat.js?v=16147277381481935031670283326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: TFECPX72B25JEEMF
age: 35
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: lXHcRJeU/3dPSOe3VLhYdb+2i4TKns6PN9SP7xYpdhWvUzZv7vmtQuYNCHGg+oBxCXTAfYHYFFA=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAISGVLopPqPZw95YeSS2ug1SkCd4oOCGpJ3uoZIsQUIVhxNLT5OXjFNKKPLr2wGPvg%2F7PbID4PTsvkJPzMIgCu1jDXI4fBdUMY1h4EKjx%2FRPBCKCRKOEfGbIDmb7%2Fo0s7bEfe0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 77de8dac4fbbe738-EWR

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 88 KB
31 KB 24ms
24ms Script
application/javascript 2600:9000:2120:ba00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/hero/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ba00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2f6f5e0956c629d78bd374f3a699c0ee1b7a892978fa73000220cf2a691cc6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: CrnLkM8snQ6QBPADpzxeKMsB6a3EyvXM
content-encoding: gzip
via: 1.1 d5da196526ff04114ed874cd3c0f9622.cloudfront.net (CloudFront)
date: Fri, 23 Dec 2022 05:03:53 GMT
last-modified: Mon, 19 Dec 2022 18:02:42 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 2
etag: W/"4446c749034a82161e913fd8e0fd96b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: 6grL21TEBcy7e-xS7Z4MFuIVLiu2VscYB3RHNFyhdnmW250VxJDlVA==

GET
H3 200 cart.js Show response
www.herocosmetics.us/ 283 B
2 KB 227ms
226ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.js?v=1671771834246

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ffdbe205607bc7c9933451f3db69240fc6a245954e39344dd1c234344085f7d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=145, db;dur=120, asn;desc="20278", edge;desc="BUF", country;desc="US", cfRequestDuration;dur=213.000059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ca4a6751-7b96-4534-854a-22d9ba6a4ae1
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43WfR6XOwU0ZAFTneML7hAoqTjLNGWK3EHVIEJ8vpkcWV%2Br3YLId95ch5qxNORm1XLwt9CA8e7%2Bt%2FE%2BZJUoLOlCxzJQOa2G09p6jXvU6ajf3G3QpLISvqwo8cta%2B0%2BJPsTS0XJda"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 77de8dac1969d15b-BUF
x-sorting-hat-podid: 41
x-cartjs-updatedat: 0

POST
H2 200 tpc
events.attentivemobile.com/ 0
522 B 97ms
53ms Ping
image/png 172.64.144.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.attentivemobile.com/tpc

Requested by

Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.144.208 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
content-type: image/png
access-control-expose-headers: Set-Cookie, X-Count, X-Token
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77de8dacac1bd14f-BUF

GET
H3 200 cart.json Show response
www.herocosmetics.us/ 283 B
2 KB 88ms
87ms Fetch
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6098dc4573ef42b992dca9cd3d6d5d38f9f1d7242dea9d909822df2e4ee43bab

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=23, db;dur=8, asn;desc="20278", edge;desc="BUF", country;desc="US", cfRequestDuration;dur=74.000120
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a27150cc-9d6a-423a-8cd5-1d0305638d56
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzWBLRUn7pUDetvo30FH034bPbRJN49OZ9RAvpG8c5wnhkO5Da1tQG9CJgUdJkMKZlNbU7y9cVR%2BvGwYCu2nB4Mpa3ndnx3mcOvIVUjBhXN5EAwOFzGO1yrK2i5zaa6%2FyYMlqUNT"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 77de8dac698dd15b-BUF
x-sorting-hat-podid: 41
x-cartjs-updatedat: 0

GET
H2 200 / Show response
hero.attn.tv/d/ 5 B
285 B 146ms
95ms Fetch
application/json 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/d/?attn_vid=3b1504b0d2d14dfaa0bbb21d382f8d39
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
cf-ray: 77de8dacbb91d153-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
268 B 77ms
41ms Ping
image/png 172.64.144.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.16.25_0f44fc934e&pd=https%3A%2F%2Fwww.herocosmetics.us%2F&u=3b1504b0d2d14dfaa0bbb21d382f8d39&c=hero&ceid=_ou&lt=1671771834293&tag=modern&cs=1832843638&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1671771834302
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
access-control-expose-headers: Set-Cookie, X-Count, X-Token
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cf-ray: 77de8dacac1cd14f-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H2 200 shopify-event.gif
ssapi.herocosmetics.us/ 0
0 132ms
73ms Fetch
text/html 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssapi.herocosmetics.us/shopify-event.gif?source_url=https%253A%252F%252Fwww.herocosmetics.us%252F
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: application/json
Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
server: Google Frontend
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 5811a98e67925cad48303399e1b058ca
access-control-allow-headers: *
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 79ms
23ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 23 Dec 2022 05:03:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: DCDReZWXtbHjwQCRu9yCmLQf+6jX3lfyXoQe6wxMhryv8ewLf6nEmP62SFfBu7oOQUjj5giXxtkQ/38Ovdch4Q==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 30 KB
13 KB 107ms
44ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: gzip
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13268
x-amz-cf-id: 2aGtcXwqPISVv7kQ9w3jig4n83Gj4pAKRohja_U1o5YiHIKt3CPlzA==

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
993 B 28ms
27ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aeaa1ba1cdb7f2e19db4f22b72abf3691ab99abc6a885eee4bf69a4f47b1fe5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 22832
x-cache: HIT, HIT
content-length: 920
x-served-by: cache-lga21939-LGA, cache-ewr18128-EWR
server: nginx
x-timer: S1671771834.330656,VS0,VE0
etag: W/"31d9531b974793ac241473c43c8185d1"
allow: GET, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 97ms
46ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c&sign=3af9b173b452c51fabdbb0444917875b44f676617c4dc73ce064a0e4c9b18c41_20221223

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05dbba4c0da4390d07c99b71827d1b4fb3cc56c2735beaabf56c68407426c485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76354
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Dec 2022 05:03:54 GMT

GET
H2 200 hero.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
383 B 65ms
65ms Script
text/javascript 2600:9000:2120:ba00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/hero.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ba00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 d5da196526ff04114ed874cd3c0f9622.cloudfront.net (CloudFront)
date: Fri, 23 Dec 2022 02:19:14 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 9880
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: jeAa52uR4nJ4DRH-9gBaMG-2YJ4xXb5EFiG9HTKpCaP4_V765tHuJQ==

GET
H2 200 1f2cc95f-56d2-40f4-ac66-85995abfa13f Show response
ekr.zdassets.com/compose/ 333 B
1 KB 183ms
136ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/1f2cc95f-56d2-40f4-ac66-85995abfa13f

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720daece3d5f5791f06a8501a77de82dfe8e001f8483e54a252a2c0ed4546759

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 77a432c93f768c2d-SEA, 77a432c93f768c2d-SEA
x-runtime: 0.003626
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"720daece3d5f5791f06a8501a77de82d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmbuR4XfwFLZqBjeUi7SadM%2FXaACAsi7dl%2FTc%2BUiL5JtT5o2WkqKoTAS1XeczwwvBXjH8%2B4WYp6m6xNeO%2FMtL%2BmHcuaD9S7cLfpzsSY22KqXKb7dTOIClgouTyxsp475l6c%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 77de8dad2f908ca8-EWR

POST
H2 200 unrenderedCreative Show response
hero.attn.tv/ 10 KB
3 KB 120ms
120ms Fetch
application/json 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/unrenderedCreative?v=4.16.25&r=&id=3b1504b0d2d14dfaa0bbb21d382f8d39&pv=1&l=https%3A%2F%2Fwww.herocosmetics.us%2F&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5be4cb6407605472802ae7cd3d9387d5ec3abcc26fe4cb59134ca23637226e1

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 29
cf-ray: 77de8dad1bdad153-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 46ms
22ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 23 Dec 2022 05:03:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pEEpsbpgV4f9sS+X+0S8vSGyLNZ0uMzxwGF9mzTycLexT30XPgHXGF092/2jv7kbYqp4Wbc76r21E0/WO8/J4w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 173724809895244 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 227ms
204ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/173724809895244?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42521eee84c607d6f0a3d0817f0de7306f62ddac61051fef2ae329e515f64269

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 23 Dec 2022 05:03:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: meNeP4mAUv7xTndpSoQAaipk18+N5Po/JQsdfrRhWZ438Av+HduTxWGuSS2JlZFjM4U0SG6NEzZ5K6pfrwS+Xw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 65CB 672 B
597 B 168ms
110ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed&u_scsid=19e37363-3eb1-4282-af09-6674b7b99150&u_sclid=5acbe442-18a7-4512-92e4-38af6374b2d6

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
content-type: text/html
date: Fri, 23 Dec 2022 05:03:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 8

GET
H2 200 0470dae7-028b-4609-a07a-65a3ee776aed.js Show response
tr.snapchat.com/config/us/ 144 B
544 B 124ms
65ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/us/0470dae7-028b-4609-a07a-65a3ee776aed.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

32859cb3c34c68d8f442b8b0828a9665e80fc432b41c0369fa882524a8678b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.herocosmetics.us
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p
tr.snapchat.com/ 68 B
603 B 127ms
68ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

POST
H2 204 collect
www.google-analytics.com/g/ 0
350 B 86ms
35ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D939QWJC76&gtm=2oebu0&_p=430110462&cid=368312288.1671771834&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671771834&sct=1&seg=0&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&dt=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&en=page_view&_fv=1&_ss=1&up.visitor_type=guest
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c&sign=3af9b173b452c51fabdbb0444917875b44f676617c4dc73ce064a0e4c9b18c41_20221223
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 redemption_options Show response
loyalty.yotpo.com/api/v2/ 3 KB
2 KB 168ms
62ms XHR
application/json 52.3.115.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://loyalty.yotpo.com/api/v2/redemption_options?guid=A19H8vTS9KoU0V2U-uthxg&api_key=4QPV4PDV540793TlWEIItQtt

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.115.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-115-198.compute-1.amazonaws.com

Software

Resource Hash

35dd22adbb3af4edd1afc7ed231e640d1faac89acef89070cb15eb34555af4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
ratelimit-reset: 6
via: kong/2.1.4
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=63072000; includeSubDomains
x-kong-proxy-latency: 1
x-ratelimit-limit-minute: 300
x-kong-upstream-latency: 32
x-ratelimit-remaining-minute: 283
ratelimit-limit: 300
x-xss-protection: 1; mode=block
x-request-id: 42df38d249ea4442d4915c84f041731c
x-runtime: 0.024917
referrer-policy: strict-origin
correlation-id: 50d50d7e-1bd2-4881-83de-339a2f17f6de
etag: W/"35dd22adbb3af4edd1afc7ed231e640d"
x-download-options: noopen
access-control-max-age: 7200
x-frame-options: ALLOWALL
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD, PATCH
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers
vary: Accept-Encoding, Origin
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-merchant-id,x-user-email,x-user-id,x-user-token,x-utoken,x-yotpo-token,authority,x-app-key
ratelimit-remaining: 283

GET
H2 200 index.html Show response
creatives.attn.tv/creatives-dynamic/multiPage/ Frame E48B 2 KB
1 KB 104ms
41ms Document
text/html 2600:9000:24f1:d200:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:d200:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f466c9faf6c5b75e2b13cd88f9dbb0822492943fdf00b16ebabcaddcad12c517

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html
date: Fri, 23 Dec 2022 05:03:55 GMT
etag: W/"94b52944d57b152a8bf75481149d09c9"
last-modified: Wed, 07 Dec 2022 21:29:55 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-id: RD-tASUfFfjMzZ7ptjo3IQ_9J0MX5yXYE_Kq26-kZKmiEJ8FMU--3Q==
x-amz-cf-pop: JFK50-P4
x-amz-replication-status: COMPLETED
x-amz-version-id: rOgUfFn2Qm6FgIxK5qyp9FwHDqERsPDk
x-cache: RefreshHit from cloudfront

GET
H2 200 Thumbnail-hover.jpg
cld.accentuate.io/40419154001962/1666386602623/ 12 KB
13 KB 48ms
47ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40419154001962/1666386602623/Thumbnail-hover.jpg?v=1666386602623&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cfd1950da0b54c601f7a23243f9f64becbd36512e64a630a631580c100faab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5157790
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCSWwiQJQIGISUoARwOQuTpgYwp9Wdisqb7V6IFTuNirhlHuo0ABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
allow: HEAD, GET, OPTIONS
x-hw: 1666386605.dop035.ma1.t,1666386605.cds217.ma1.hn,1666386605.cds213.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSwNvoC%2FblpoH0VRS1ClkX%2FfeiE6aAXP2ViW5fvFZy0LMt3rpmmqRw0zQjEZYU8w7A0KXBDWGZGhkMT5dVdGslVnEUr0HGmrnCJ0gAQdByNcM23nJDft6bDosl7Jh2QoEkch8cIbofA%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8dadfbecc452-EWR
access-control-allow-headers: *
x-amz-cf-id: HwmkD5Ixpf7YdsnnZ5IYRJOxIfhdEg5Ocf_koM_oIll1Zd9EDERi-Q==
access-control-allow-origin: *

GET
H2 200 Thumbnail-hover.jpg
cld.accentuate.io/40419278913578/1666388386316/ 7 KB
8 KB 47ms
45ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40419278913578/1666388386316/Thumbnail-hover.jpg?v=1666388386316&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71564789d68c2b3642524ed261260f2b4b449d23f18d311af4f103bbaaf61c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5148179
x-amz-cf-pop: SFO53-P1, YUL62-C1
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "EMqeiNqwHEKpOmKgzhpGZimZnvlMedaFH2NRcBIFpwz6rgu1hqQBAUArc1GO&AXoVPlajmPKj2PoQKGlTByDjHf8UW&O8O8MLqml9&CG6rZ9fLi"
allow: HEAD, GET, OPTIONS
x-hw: 1666388389.dop212.ma1.t,1666388389.cds223.ma1.hn,1666388389.cds042.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qK%2FMrB7%2BQ3EQcj%2BHlakaTbD4gz8emseu3KoyXKh8xhnSfELCsrS7bOJwVcqwYM61b7a9iZSyi6cW7itazIzCSNlvffJSF1QyXlVWVXnxwuiFq%2FWRy1zdtHrY%2BJu8CHqg7u%2BKIbveQY%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8dadfbefc452-EWR
access-control-allow-headers: *
x-amz-cf-id: wNZ_tKIX_pWVAq5M6bTstDazgZk0OwDHjvhpyLqjJlPBVFLKfYHV4g==
access-control-allow-origin: *

GET
H2 200 MPNS_hover_600x600.jpg
cld.accentuate.io/39723595399210/1643139260596/ 45 KB
46 KB 56ms
55ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/39723595399210/1643139260596/MPNS_hover_600x600.jpg?v=0&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c0f3d3e27a428a3f2b4a38459f68924fbf754692f6a1deea19ba8f2ae561d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

age: 4982859
cf-bgj: imgq:85,h2pri
etag: "SCKWwmT4E5RISUoAR9Oomvok7dahuMSohhHY4spSiUurmm7rnqABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
x-hw: 1661204346.dop204.ma1.t,1661204346.cds018.ma1.shn,1661204346.dop204.ma1.t,1661204346.cds014.ma1.p
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-headers: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 db82ddc02f317cd7d03bb2c60ec7cd58.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
x-amz-cf-pop: SFO53-P1, BOS50-C3
cf-polished: degrade=85, origSize=380078
x-cache: Hit from cloudfront
x-twicpics-source: twicpics
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Hr5AeGSgoh5F9PxQF45wm%2FvRTvUnla2aCsNAy67jQntpB1ywEifJfQ1yhowB3Qe1%2Bfz1l4KLK9CGNCF2NlP33LzApbV2jH7TvShfiJAxeXH11%2BTyg2%2FCarI%2BOHiIQP5StwUWYAHQdE%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
x-rgw-object-type: Normal
access-control-allow-credentials: true
x-origin-cache: MISS
cf-ray: 77de8dadfbf1c452-EWR
x-amz-cf-id: Z00ujw-900qgqlu3bp_hzHewUpt1wsTUXJk0tAOC26mmDTVsopNE8A==
timing-allow-origin: *

GET
H2 200 CC-Bundle_thumbnail_hover.jpg
cld.accentuate.io/32307634536490/1643135552866/ 20 KB
21 KB 50ms
50ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/32307634536490/1643135552866/CC-Bundle_thumbnail_hover.jpg?v=0&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b0fb774cc026ebb0e1542583941a34fd3de8ea289f2374ecf997fc8ac7c543d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

age: 1231279
cf-bgj: imgq:85,h2pri
etag: "SCRi0WAY0ICIeQoARAGQmjYj7lFruShXWi6s6WG0RNmgRcZv5qABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVJ"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
x-hw: 1660639410.dop018.ma1.t,1660639410.cds218.ma1.shn,1660639410.dop018.ma1.t,1660639410.cds032.ma1.p
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-headers: *
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
x-amz-cf-pop: SFO53-P1, JFK50-P2
cf-polished: degrade=85, origSize=185181
x-cache: Hit from cloudfront
x-twicpics-source: twicpics
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zoa85fRXCo5WYskQJyUjJFNcAAbGIRu%2FYQyOg0HwOAbiT%2FGFz7WWQLYHZzCRciixMqT5Z30AaKjoSvx1tjNOxlMX%2BtmTuvEVeOZfUjB%2BPFWWvWkdrkvvKjuMt4g0b1wZbWY04qfHLo%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
x-rgw-object-type: Normal
access-control-allow-credentials: true
x-origin-cache: MISS
cf-ray: 77de8dadfbf2c452-EWR
x-amz-cf-id: 5J4VZVJ_OSqj15Oul_C1VSJSITToxs2G9zskK-wIy0uI4kU0tFZ7rw==
timing-allow-origin: *

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 65CB 30 KB
13 KB 28ms
27ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed&u_scsid=19e37363-3eb1-4282-af09-6674b7b99150&u_sclid=5acbe442-18a7-4512-92e4-38af6374b2d6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 23:50:57 GMT
content-encoding: gzip
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 18777
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 13268
x-amz-cf-id: 5mA2WMaLoyObEYK9ifxluf8LfvLTlVPinh1SswzejyIqVPhx5mYJ2Q==

GET
H2 200 css
fonts.googleapis.com/ Frame E48B 2 KB
1 KB 98ms
36ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed&display=swap

Requested by

Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5c0d8c6f0568e8560693747afafd5fe765d9e25f69ce330c67c148499ac1f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 04:39:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 05:03:54 GMT

GET
H2 200 vendors~main.6f4ead79.chunk.css
creatives.attn.tv/creatives-dynamic/multiPage/static/css/ Frame E48B 3 KB
2 KB 28ms
26ms Stylesheet
text/css 2600:9000:24f1:d200:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/css/vendors~main.6f4ead79.chunk.css
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:d200:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a201b919964032a52a3d2c3365bd5cafdc2acf12ed71cd2f9905627ad105fc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 11:22:41 GMT
x-amz-version-id: 6fmJdvruUG3Bjv6jAB51kCm.7wBllYPs
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 17:15:16 GMT
server: AmazonS3
via: 1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
etag: W/"f2e89e15952289b66a3d98f0126da40a"
age: 7580474
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-id: _xJCShUaArM29pm6-1bBCfDpdEJoGkeoMhwHV4N7dqRxRP08HJLQSA==

GET
H2 200 main.dc50fff3.css
creatives.attn.tv/creatives-dynamic/multiPage/static/css/ Frame E48B 603 B
1011 B 29ms
27ms Stylesheet
text/css 2600:9000:24f1:d200:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/css/main.dc50fff3.css
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:d200:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4c8707a21faede7e4474c7b3a23aeeafddd74d1a69cbcef62f005880b5eb856

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:05:12 GMT
x-amz-version-id: 0Yqi4VeB8gDwz2XEOC_aPW611Rz29JAk
via: 1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 15:05:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 8517523
etag: "14f13c792bab1a63bd64c0501efe669f"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 603
x-amz-cf-id: YtigDxqqdeGUZ6JLJo8EDn1kN3SQ8GjabRw6PB_lwjedJwbGcBbG_Q==

GET
H2 200 vendors~main.b490dad7.chunk.js Show response
creatives.attn.tv/creatives-dynamic/multiPage/static/js/ Frame E48B 186 KB
62 KB 32ms
30ms Script
application/javascript 2600:9000:24f1:d200:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/vendors~main.b490dad7.chunk.js
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:d200:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1742fab3a7f1a5f6b12082ec95ddd6e20a8af6d458257d724f9a8fb0721e71ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 21:34:30 GMT
x-amz-version-id: sAkM6YCeFyvMmOgnu2DE1ubZKur_A4aH
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 21:34:30 GMT
server: AmazonS3
via: 1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
etag: W/"78177da77fefef3710750a047a8c3e76"
age: 4865365
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-id: dIBws68tDe7DOBhI04Mwv2qMmSYRTTGIx4axd4haUOi2nLCxmipK4w==

GET
H2 200 main.ab618d5e.js Show response
creatives.attn.tv/creatives-dynamic/multiPage/static/js/ Frame E48B 263 KB
88 KB 59ms
58ms Script
application/javascript 2600:9000:24f1:d200:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/main.ab618d5e.js
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:d200:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edfe95afa2d0d9c0c4720583ac6f59f3a6ac4d290ecc809f928bf7da208642b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 21:29:56 GMT
x-amz-version-id: 8Oi6C7K3FOoRwmmzq2YKNOKmIT6aNZA8
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 21:29:56 GMT
server: AmazonS3
via: 1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
etag: W/"060fe596be83132df7e53885287ceef7"
age: 1323239
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-id: qKAPJ2ImKmdkW38nOwn9rFf9wC7ORAKbWwlmmw0nmE4CTE34If1dGQ==

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame BF24
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1671771834669&u_scsid=281179b2-9ee9-4952-880b-a27dd5057a5c&u_sclid=380043be-b559-4bf7-820e-1ce15a0250b5
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1671553281278%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1671553281278%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1671553281278&pnid=140&pcid=af627b69-7ed3-48a8-9e69-ea95ba2d104e

0
18 B

71ms
70ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1671553281278&pnid=140&pcid=af627b69-7ed3-48a8-9e69-ea95ba2d104e

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Fri, 23 Dec 2022 05:03:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 13

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 23 Dec 2022 05:03:54 GMT
location: https://tr.snapchat.com/cm/p?rand=1671553281278&pnid=140&pcid=af627b69-7ed3-48a8-9e69-ea95ba2d104e
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 87ms
22ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173724809895244&ev=PageView&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&rl=&if=false&ts=1671771834707&sw=1600&sh=1200&ud[external_id]=99d4d0320a0f58376762c8d39ed2b07ca17c1fe698147626264c516f6c420ede&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671771834706.692153022&it=1671771834420&coo=false&eid=91b38c54-85b8-4817-ba5c-9ab5de352b36&rqm=GET

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 23 Dec 2022 05:03:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 Hero._d6051518.png
creatives.attn.tv/hero/ Frame E48B 2 KB
2 KB 53ms
53ms Image
image/png 2600:9000:24f1:d200:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.attn.tv/hero/Hero._d6051518.png
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:d200:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13fa0eded544054d76bd240d9976e4b9f797d086b1d36ce2d4913b4599403533

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: w3YzKPifA4EsvYtr5U6XGUx6STRtaAZK
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 22:23:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
etag: "007b58cb129723b00249c7e9e296e29e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1833
x-amz-cf-id: tKh9SUZ-hsEyvfdq2QthYI8eQh7E-CrI4CphRX3p1_7f0AXTKrYhPA==

GET
H2 200 Attentive_%20400x600_Desktop-min_26d8b188.jpg
creatives.attn.tv/hero/ Frame E48B 61 KB
61 KB 40ms
40ms Image
image/jpeg 2600:9000:24f1:d200:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.attn.tv/hero/Attentive_%20400x600_Desktop-min_26d8b188.jpg
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:d200:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6887a2286d88728e719a05b580184e0209b8cb5033976613d45a2f33f380a880

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: b6m8cDcEezSPSP5PWN.2hsCorqLVulQB
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 22:23:36 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
etag: "4d66a0549089e1c4312d8461346b54b2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 62216
x-amz-cf-id: 8DpzHQKxLxWLOMkJK-Y_Mpos_QCnbL7d_Ajd4Lmip_rhWHY22ks1BA==

GET
H3 200 css
fonts.googleapis.com/ Frame E48B 9 KB
829 B 82ms
39ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/main.ab618d5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

753d234d418eaf200a5f4469b47767d0a178fdb837d1b51c92ed361306bc1490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 05:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 05:03:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 05:03:54 GMT

GET
H2 200 web-widget-framework-80d26f4cc026ac520e65.js Show response
static.zdassets.com/web_widget/latest/ Frame FC44 152 KB
49 KB 61ms
60ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1f2cc95f-56d2-40f4-ac66-85995abfa13f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10e0bc796486e3eb556f27262fd40ad9cd4b34541ba022b3a44ec8816d64210

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:54 GMT
x-amz-version-id: BijG1SZtZft6iu4XfUmwnaVs.g5q2jvS
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: F6CB52DZA54ZX898
age: 611929
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: DZgozer/MPdd3QKcyEsxcyjkUqaSZBMIH3/jqlGKs5D76kkbio714jSihd4NfD9MuX3aOdQU23M=
last-modified: Wed, 14 Dec 2022 15:41:53 GMT
server: cloudflare
etag: W/"34fbbf22dcbdf81917dd5b3e02a125e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnRAvV%2B6%2B1rl59Q5d446ARTh3h6uVCKSGztfcv67vAVUjKEXfu7bI1HQfT8hvCtWAajJ5nF%2Ffj40Rw5GKe%2FzMZ8iAEQGXelodT8vDR92bqrsQJzArLkhLXs8bWa5MZ677XbKgTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77de8db009b8e738-EWR
expires: Thu, 14 Dec 2023 15:41:52 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/ Frame E48B 26 KB
26 KB 73ms
21ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://creatives.attn.tv
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 08:18:12 GMT
x-content-type-options: nosniff
age: 247543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26304
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:18:12 GMT

GET
H2 200 c4ml1n92AsfhuCq6tVsaioBd-Q.woff2
fonts.gstatic.com/s/kumbhsans/v12/ Frame E48B 30 KB
30 KB 91ms
40ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kumbhsans/v12/c4ml1n92AsfhuCq6tVsaioBd-Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b2d0cbb68f699b93854f9ecfe945428a66c439340416ee9d7fb8ee465fc727a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://creatives.attn.tv
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:57:52 GMT
x-content-type-options: nosniff
age: 201963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30224
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:05:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 20:57:52 GMT

GET
H2 200 c4ml1n92AsfhuCq6tVsaioBd-Q.woff2
fonts.gstatic.com/s/kumbhsans/v12/ Frame E48B 30 KB
30 KB 102ms
52ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kumbhsans/v12/c4ml1n92AsfhuCq6tVsaioBd-Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b2d0cbb68f699b93854f9ecfe945428a66c439340416ee9d7fb8ee465fc727a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://creatives.attn.tv
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:57:52 GMT
x-content-type-options: nosniff
age: 201963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30224
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:05:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 20:57:52 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/ 443 KB
115 KB 128ms
41ms Script
text/javascript 2600:1400:9000:281::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000:281::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c60446989f32efc1da025fa61ee19c870ccb20cf33684a3fe17461514046eee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=14
content-length: 117240
x-xss-protection: 1; mode=block
x-request-id: 01220558c23b28c66c6aba7fef0069ed
x-runtime: 0.042610
etag: W/"f31c8dabd4ada6a3e2062e860be05137"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=3867
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1021 B 24ms
20ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q&shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aeaa1ba1cdb7f2e19db4f22b72abf3691ab99abc6a885eee4bf69a4f47b1fe5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 22833
x-cache: HIT, HIT
content-length: 920
x-served-by: cache-lga21939-LGA, cache-ewr18128-EWR
server: nginx
x-timer: S1671771835.018942,VS0,VE0
etag: W/"31d9531b974793ac241473c43c8185d1"
allow: GET, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 9

GET
H2 200 A19H8vTS9KoU0V2U-uthxg.js Show response
cdn-loyalty.yotpo.com/loader/ 1 MB
149 KB 104ms
28ms Script
text/javascript 2600:1400:9000:2ab::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-loyalty.yotpo.com/loader/A19H8vTS9KoU0V2U-uthxg.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000:2ab::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0e9c0d3f62edff921ee689cd45a66a5a51046add332cceebab89e2043a051dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ratelimit-reset: 1
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-permitted-cross-domain-policies: none
x-ratelimit-limit-second: 10000
x-kong-proxy-latency: 7
x-ratelimit-remaining-second: 9999
x-kong-upstream-latency: 917
date: Fri, 23 Dec 2022 05:03:55 GMT
ratelimit-limit: 10000
content-length: 151763
x-xss-protection: 1; mode=block
x-request-id: bd5f4e91a8ad99f37fe98378df612a8d
x-runtime: 0.831841
referrer-policy: strict-origin
correlation-id: 7bddd2dd-fded-497b-a4ec-410c4de40c73
etag: W/"0e9c0d3f62edff921ee689cd45a66a5a"
x-download-options: noopen
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: false
access-control-allow-origin: *
ratelimit-remaining: 9999
access-control-allow-headers: *

GET
H3 200 tracking_script Show response
cdn.shopify.com/proxy/335f4c414d516db4c89925c19ceb3d99535fe9e70fa66a3189949192c13886b0/bingshoppingtool-t2app-prod.trafficmanager.net/uet/ 639 B
1 KB 77ms
73ms Script
application/x-javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/335f4c414d516db4c89925c19ceb3d99535fe9e70fa66a3189949192c13886b0/bingshoppingtool-t2app-prod.trafficmanager.net/uet/tracking_script?shop=tbate.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c14c7d89d2f50cfddff9e5ab56ce377d0ca5ff385e2a6a22809235253f6e6dc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-security-policy: default-src 'none'; sandbox;
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1,gcp-us-east1,us-central1
content-encoding: br
content-disposition: attachment
server-timing: cfRequestDuration;dur=1664.999962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d916cb30-12ef-4587-bea4-543d56349d6e
last-modified: Fri, 23 Dec 2022 04:58:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7evzAa9t%2FmYxLyiQdJjRprVpRLVcD3vVz0VNKL8jD0R5nM0CwD2b2feMmwL0DmjaY68dissUPhXbT9pomulL8D%2FXgPfy%2BwOa3%2Bd%2FM0Djdaltozh3X9550MLiYzk436ppNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
cf-ray: 77de8db0ddc4d15f-BUF

GET
H2 200 online_store_script.js Show response
d275fvz7g8rvo.cloudfront.net/tbate.myshopify.com/ 3 KB
3 KB 102ms
23ms Script
text/plain 2600:9000:21dd:600:1:d5ae:c900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d275fvz7g8rvo.cloudfront.net/tbate.myshopify.com/online_store_script.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:600:1:d5ae:c900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 218d1d3dc7c9a5f392d9a4300ad39d5528f90f94519c5b4c88db24acb5c6be16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:03:02 GMT
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Fri, 11 Mar 2022 17:49:00 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 7254
etag: "aa5bd6eead5ab94bbda383b9c2a590bd"
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3045
x-amz-cf-id: UjgICX7Svd5CX9geHG3x7JjaTn-yx4pBEacde0VMcWL1liB3lSOhbg==

GET
H/1.1 200
OK quiz-loader.min.js Show response
pc-quiz.s3.us-east-2.amazonaws.com/current/ 2 KB
3 KB 147ms
47ms Script
application/javascript 52.219.108.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pc-quiz.s3.us-east-2.amazonaws.com/current/quiz-loader.min.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.108.202 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81ebf0e633fdfe21f33576abf495d4b1f03849ce2ff33558825ee148b48c2242

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-version-id: nolg2tGvJJ6LBBSqCobxCHVQ5vDbcxxb
Last-Modified: Tue, 22 Mar 2022 13:21:14 GMT
Server: AmazonS3
x-amz-request-id: 0J1RHZ1MR0JK25YP
ETag: "9dce8788e2ca2584dc3be449a2422b51"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2182
x-amz-id-2: 5XksuSoMdqDvJAvJkaN1OGRkDFzZbevvp7WF627W3HCA+xkiCPKlFLE7PdJiO7WTcuKCx8mePUo=

GET
H2 200 10967_1652154506.js Show response
app.backinstock.org/bis/widget/ 104 KB
27 KB 97ms
37ms Script
text/javascript 2606:4700:e4::ac40:a41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.backinstock.org/bis/widget/10967_1652154506.js?v=6&shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a41c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f63b10627a44bea8b1f6cd036199803a0420bbfe49db576ff1eb9acf229e1dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 1207019
content-encoding: br
p3p: CP="Not used"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 364d4c77-c210-4816-8193-227b420544f8
x-runtime: 0.113864
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 10 May 2022 03:48:26 GMT
server: cloudflare
etag: W/"29535966ce326a424b6d5bcb815891d3"
x-download-options: noopen
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yug5A5NDQbbxRDS466S6pwD7b%2BgDvD3PFoAjtBA1Ijp1IT8Pjfb3S39AGTm2Fxy8r%2BD5vTBbXzbCBuQwK%2F6AprFKFh2bblCvywmTvSKH6HrSfw%2BXKkJrkMZ5M4Y2%2B%2FxBNwI3ZKTi17EkQr7b4fFjvUsq"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=2629746
cf-ray: 77de8db13a098c33-EWR

GET
H2 200 script.js Show response
geolocation-recommendations.shopifyapps.com/locale_bar/ 94 KB
22 KB 138ms
99ms Script
text/javascript 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation-recommendations.shopifyapps.com/locale_bar/script.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fbefaa011d86dd14671cad611414a3487f160d359f3e06e81667ddc4107468a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.shopifycloud.com cdn.shopify.com geolocation-recommendations.shopifyapps.com; style-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com; img-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com data: ; font-src 'self' cdn.shopify.com cdn.shopifycloud.com data: ; frame-ancestors *.myshopify.com geolocation-recommendations.shopifyapps.com admin.shopify.com; object-src 'none'; media-src 'self' cdn.shopify.com cdn.shopifycloud.com; base-uri 'none'; upgrade-insecure-requests; connect-src 'self' sessions.bugsnag.com notify.bugsnag.com monorail-edge.shopifysvc.com country-service.shopifycloud.com wss://argus.shopifycloud.com shop.app cdn.shopify.com geolocation-recommendations.shopifyapps.com; frame-src 'self' shopify-geolocation-proxy.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.shopifycloud.com cdn.shopify.com geolocation-recommendations.shopifyapps.com; style-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com; img-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com data: *; font-src 'self' cdn.shopify.com cdn.shopifycloud.com data: *; frame-ancestors *.myshopify.com geolocation-recommendations.shopifyapps.com admin.shopify.com; object-src 'none'; media-src 'self' cdn.shopify.com cdn.shopifycloud.com; base-uri 'none'; upgrade-insecure-requests; connect-src 'self' sessions.bugsnag.com notify.bugsnag.com monorail-edge.shopifysvc.com country-service.shopifycloud.com wss://argus.shopifycloud.com shop.app cdn.shopify.com geolocation-recommendations.shopifyapps.com; frame-src 'self' shopify-geolocation-proxy.com
cf-cache-status: BYPASS
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=11, socket_queue;dur=3.885, util;dur=0.1, cfRequestDuration;dur=99.999905
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
x-request-id: 33efff7b-0114-429d-a1f9-95cad110d319
x-runtime: 0.011015
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2fbefaa011d86dd14671cad611414a34"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UpdzMf2Ik0UI%2BTlW7MhSaTFPy1EpNT4ka609PIiYlEjYOYMlwxx70Huxkb4Atm5095q%2BWqEPj2EQcWHd17%2BR5RuEn00UpXEecfx7SO0z%2FPsuhHN5NUCdlFQ6uWyNFw0KryHMgKAkCcxKFO6CFqnyQy%2BePs7b%2Bot0Bv%2B5CM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 77de8db11d20d157-BUF

GET
H2 200 dtag.js Show response
cdn.attn.tv/hero/ 5 KB
3 KB 23ms
20ms Script
text/javascript 2600:9000:2120:ba00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/hero/dtag.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ba00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a96c0f3d85a2dfc2c0f7a85e0fec1ccf780b3cf516c3372190138dfd22dde6a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: lfTGo4lJJi3xl5A3kiV1tkkg6axfqYn3
content-encoding: gzip
via: 1.1 d5da196526ff04114ed874cd3c0f9622.cloudfront.net (CloudFront)
date: Fri, 23 Dec 2022 05:03:54 GMT
last-modified: Thu, 13 Oct 2022 16:43:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 2
etag: W/"11a14dfc087feaedb628aa9df45dc163"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: l4v_CzwA83YefV1F1hbx8fZLy8oZqrR8D79xUpIuvwLY228qdtwwJA==

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 103 B
286 B 83ms
21ms XHR
application/json 38.91.101.241
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=49167&key=nmUIK7SePDARHLU
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.101.241 New York, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: us-ny-1.pro.ip-api.com
Software: /
Resource Hash: 68cecf0433d28f8f5e1d6d73d38a379ae6cbe9f73eeb84f729dd41214eef9b8f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.herocosmetics.us
Date: Fri, 23 Dec 2022 05:03:55 GMT
Content-Length: 103
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK oembed.json Show response
vimeo.com/api/ 1 KB
2 KB 154ms
105ms XHR
application/json 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F778141303&id=778141303&background=true&width=600&height=600&responsive=true&quality=720p

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d3a8d1a0728be4c411660905ca0410408ca9a571a05c22197db1a5341e3f5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-varnish-cache: 0
Date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Content-Encoding: gzip
Age: 0
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-vserver: webproxy-rollout-prod-varnish-4
Content-Length: 662
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
X-Served-By: cache-iad-kjyo7100174-IAD, cache-lga21959-LGA
last-modified: Fri, 23 Dec 2022 05:01:57 GMT
Server: cloudflare
X-Timer: S1671771835.081536,VS0,VE72
etag: "93030decb82a63689815add3c6e8165c629d2595"
x-backend-proxy: webproxy5
x-frame-options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-7fd979759b-lbx9b
Accept-Ranges: bytes
CF-RAY: 77de8db13e0c8c41-EWR
access-control-allow-headers: X-Requested-With
X-Cache-Hits: 0, 0

GET
H/1.1 200
OK oembed.json Show response
vimeo.com/api/ 1 KB
2 KB 203ms
155ms XHR
application/json 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F778141303&id=778141303&background=true&width=1200&height=1200&responsive=true&quality=720p

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a8ad082795a668d32900e0feafa9885db37a9716d16dd10d06d29fcef32dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-varnish-cache: 0
Date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Content-Encoding: gzip
Age: 0
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-vserver: webproxy-rollout-prod-varnish-9
Content-Length: 658
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
X-Served-By: cache-iad-kjyo7100030-IAD, cache-lga21950-LGA
last-modified: Fri, 23 Dec 2022 05:01:57 GMT
Server: cloudflare
X-Timer: S1671771835.084098,VS0,VE73
etag: "93030decb82a63689815add3c6e8165c629d2595"
x-backend-proxy: webproxy10
x-frame-options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-7fd979759b-jgjhm
Accept-Ranges: bytes
CF-RAY: 77de8db13e7f19c7-EWR
access-control-allow-headers: X-Requested-With
X-Cache-Hits: 0, 0

GET
H2 200 config Show response
herocosmetics.zendesk.com/embeddable/ Frame FC44 771 B
1 KB 121ms
58ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herocosmetics.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ba06847719b70672f5a8ea597585ac95ab2bfe7037af7fe2ea76270608b559

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-dfc57fc64-f2qkg
x-cached: STALE
x-request-id: 77de880adaaa17ed-EWR
x-runtime: 0.002905
last-modified: Fri, 23 Dec 2022 05:01:32 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FOvpW%2Fw0zUSSbxm1KKsshhFTar2sva%2B72CSWwSO5lV5Ho5DvBYEKz3oqJGp5Sq2IQ9q6Qg4xJcM%2FWm6q5L4IM4K8DuJgiZ1Yt7wvT9xZy0YIqSZKt8rPGOquUcr7QmKLH%2BqZotHCjOT0Cc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 77de8db1994f17bd-EWR

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/775465074/ 1 KB
1 KB 106ms
50ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/775465074/?random=1671771835076&cv=11&fst=1671771835076&bg=ffffff&guid=ON&async=1&gtm=2ygbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.herocosmetics.us%2F&tiba=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&auid=1619580107.1671771834&uaw=0&data=ecomm_pagetype%3Dhome&rfmt=3&fmt=4

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890ff9abd973d90cb6f5a277a24c329d1e19ceffa02e5d7df92943f0a1db0d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 893
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 101ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 23 Dec 2022 05:03:54 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A90531C835304B8BAB1C48A40B6739FA Ref B: EWR311000103025 Ref C: 2022-12-23T05:03:55Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 hotjar-1133465.js Show response
static.hotjar.com/c/ 8 KB
4 KB 149ms
58ms Script
application/javascript 108.138.106.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-101.jfk50.r.cloudfront.net

Software

Resource Hash

5d41662cd08a983100413a965c9d774662e5def55f7f2e95f11f431bba372bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 59
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/4e17e472697055175d82916b79f74ab5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: rGtBnXu-n5wnhcYn9FdiJNoNVfaj9698w7H976KAgc4kujp_5MBoLw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 106ms
28ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200097-IAD

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 85ms
20ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "3528fd00b652f61a266eb584d96f4fcc"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 250ms
39ms Script
application/javascript 2600:1400:9000:28c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:28c::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "8d9d0550c915347e312e24f00d311e50"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 15CF
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D29750...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D29750...

1 KB
2 KB

49ms
49ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=500338211159375040&dcc=t

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

cb84c769a7f5e25743407e69791a4f7c835ac5a23e0149a0fd27cc963e196524

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1233
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 23 Dec 2022 05:03:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: BRSGDF6VVP0T0NZHZ2A1

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Dec 2022 05:03:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=500338211159375040&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: YYN97KXQDN5P7MYM4545

GET
H2 200 collect
ssapi.herocosmetics.us/ 35 B
192 B 75ms
75ms Image
image/gif 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssapi.herocosmetics.us/collect?v=1&_v=j98&aip=1&a=430110462&t=timing&_s=2&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2470&pdt=603&dns=1&rrt=146&srt=22&tcp=30&dit=1644&clt=1688&_gst=1197&_gbt=1262&_cst=809&_cbt=1175&_u=YEBAAEABAAAAACAEKI~&jid=&gjid=&cid=368312288.1671771834&tid=UA-102753205-1&_gid=1935258582.1671771834&_fplc=0&gtm=2ygbu0N73MWQN&z=384572050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:55 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: e6f4108188a2d3e35feaf7b00eeba008
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H3 200 impression
hero.attn.tv/ Frame 0
0 110ms
94ms Preflight 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/impression?id=3b1504b0d2d14dfaa0bbb21d382f8d39&c=334394&pt=field_capture&prfa=77&prfb=146&prfc=674&prfd=545&su=https%3A%2F%2Fwww.herocosmetics.us%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://creatives.attn.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-methods: PUT
access-control-allow-origin: https://creatives.attn.tv
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77de8db1ad15d15b-BUF
content-length: 0
date: Fri, 23 Dec 2022 05:03:55 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 1

PUT
H3 204 impression
hero.attn.tv/ Frame E48B 0
0 44ms
43ms Fetch 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/impression?id=3b1504b0d2d14dfaa0bbb21d382f8d39&c=334394&pt=field_capture&prfa=77&prfb=146&prfc=674&prfd=545&su=https%3A%2F%2Fwww.herocosmetics.us%2F
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/main.ab618d5e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://creatives.attn.tv
x-envoy-upstream-service-time: 6
cf-ray: 77de8db23d97d15b-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 creative-interactions
hero.attn.tv/ Frame E48B 0
0 107ms
92ms Fetch 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/creative-interactions?crid=334394&coeid=_ou&vid=3b1504b0d2d14dfaa0bbb21d382f8d39&crap=EMAIL&crat=VIEW&crpi=1&ts=1671771835
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/main.ab618d5e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://creatives.attn.tv
x-envoy-upstream-service-time: 2
cf-ray: 77de8db1ad16d15b-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 produce
www.herocosmetics.us/.well-known/shopify/monorail/v1/ 0
857 B 95ms
93ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/.well-known/shopify/monorail/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-central1
server-timing: cfRequestDuration;dur=81.000090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 3de1a2e8-07e6-4089-adad-e0c28d8ad185
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZmQr%2FAz2affvgTJFuJERAmmqExs0xx1QHmrgY1hNK4ZiWAcvc9I03UuYpu3EdPxfUVa69nrvtWNzuPQNWI9QI0Su17IXnsTGOrHT%2BV5%2B4kdf97tr4ZqpMsAyUZwXY9Q%2F5gF75a%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
cf-ray: 77de8db1bd23d15b-BUF
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
x-sorting-hat-podid: 41

GET
H3 200 browsing_context_suggestions.json Show response
www.herocosmetics.us/ 132 B
1 KB 156ms
154ms Fetch
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/browsing_context_suggestions.json?source=geolocation_recommendation&country[enabled]=true&country[exclude]=US&currency[enabled]=true&currency[exclude]=USD&language[enabled]=true&language[exclude]=en&

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ebefc6d820d1a4fc5353bdf009f7973e2254581f7917e961480a03bf4fa6f0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=75, db;dur=16, asn;desc="20278", edge;desc="BUF", country;desc="US", cfRequestDuration;dur=137.000084
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 47c0c1a1-9e0c-48b4-b55b-3bcdc4e592fb
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aE0WiV4Y4gCrhWl0wmyyJBTxNa5AECBLbbkoo%2FIngV7bviDYYti7qX%2B5hkgdXEEJ4d6thp97EqrI28bgJMor51bFjIDK3IJ1kCT5m65oOF85xi2Iz2JyCq8M824AR%2Fg48EH2o81"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 77de8db1dd3ed15b-BUF
x-sorting-hat-podid: 41

GET
H/1.1 200
OK 778141303 Show response
player.vimeo.com/video/ Frame D45E 75 KB
28 KB 139ms
78ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/vendorVimeo.js?v=156771078060041912431666632339

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a3afc7c3abe6cb4d6614a6786d9e7ebc089773f745e09b7c9a6b6b4c880ec86

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 77de8db24e75197c-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Dec 2022 05:03:55 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-lga21942-LGA
X-Timer: S1671771835.262936,VS0,VE38
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 23 Dec 2022 05:11:56 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy10
x-bapp-server: player-755b6fb99b-t64c4
x-content-type-options: nosniff
x-host: player-755b6fb99b-t64c4
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-9
x-xss-protection: 1; mode=block

GET
H3 200 analytics.js Show response
cdn.shopify.com/shopifycloud/media-analytics/v0.1/ 24 KB
9 KB 47ms
46ms Script
text/javascript 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a5f1052ed1a8af5abd2f31dfef1a6c95288a6be319e39bfd7072f5f196d63612.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
content-encoding: br
server-timing: imagery;dur=20.943, imageryFetch;dur=20.695, cfRequestDuration;dur=31.000137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 00127537-2302-4681-a575-7e5677c98198
last-modified: Fri, 23 Dec 2022 04:08:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDy4Zz7NeMoKQSUPhokSJaosG02uAh0mgl23Cbr98%2BcwXS3zq%2F%2Bov7k0SEZZQB2AEj%2Fk5%2FdNlKbv3fia7aOIJAS4mckw3v9BzmgowrPLBG0FpUbmKqNXeS5g3ZJhz5Io6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js>; rel="canonical"
cf-ray: 77de8db1dd9ad157-BUF

GET
H2 200 app.v1.0.367.js Show response
cdn-swell-assets.yotpo.com/ 1 MB
192 KB 108ms
21ms Script
text/plain 192.229.163.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/app.v1.0.367.js
Requested by: Host: cdn-loyalty.yotpo.com
URL: https://cdn-loyalty.yotpo.com/loader/A19H8vTS9KoU0V2U-uthxg.js?shop=tbate.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D25) /
Resource Hash: 6214cb4793462282dfad0cc52df8cc01ca5527d5b79e5129720a246b49aa41dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
x-amz-version-id: de8cWd89oC7MbqUVwmxAR7mmGXJPmDk4
last-modified: Thu, 24 Nov 2022 15:56:13 GMT
server: ECS (nyb/1D25)
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1669305372/atime:1669305372/md5:4bd20914edff8a4d128f28b904251d06/ctime:1669305372
age: 395944
x-amz-request-id: 9W8SQWGFZMNYJ1SR
etag: "4bd20914edff8a4d128f28b904251d06+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
content-length: 195984
x-amz-id-2: +hik/b4GvSn2/ckp9CtFhFW971bu6fWuLLfg7CWoBphSXXKa6xX+zIAr4NZfPcKtZJQb6zbwOFk=

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 41 KB
19 KB 106ms
30ms Script
text/javascript 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

56fe4a56be0624df28272ea3b4bb13475e0f3c3dd903eea7e2fd4526148562b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H2 200 widget.css
staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/ 479 KB
44 KB 42ms
40ms Stylesheet
text/css 2600:1400:9000:281::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.css?widget_version=2022-07-03_07-28-28

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000:281::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7898396661257844856834bdb796b82122541ea0c939c89748ce150f2c0953da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=15
content-length: 44025
x-xss-protection: 1; mode=block
x-request-id: c175d7d32e60126c01e6aa8bd2d71c15
x-runtime: 0.109791
etag: W/"fbc85b6da35a08cd6e10f374284e19f6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=9409
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK 778141303 Show response
player.vimeo.com/video/ Frame 7FF5 75 KB
28 KB 109ms
79ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/vendorVimeo.js?v=156771078060041912431666632339

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2203ad746c9ae8e816696b751be9cff0bdc0528270c193451179296718d2ebbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 77de8db2ef60197c-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Dec 2022 05:03:55 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-lga21971-LGA
X-Timer: S1671771835.351706,VS0,VE36
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 23 Dec 2022 05:11:56 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy10
x-bapp-server: player-755b6fb99b-t64c4
x-content-type-options: nosniff
x-host: player-755b6fb99b-t64c4
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-9
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 45ms
20ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173724809895244&ev=Microdata&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&rl=&if=false&ts=1671771835296&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin%22%2C%22meta%3Adescription%22%3A%22Everyone%20deserves%20to%20feel%20amazing%20in%20their%20skin.%20That%E2%80%99s%20why%20we%20make%20customizable%20acne%20toolkits%20to%20handle%20any%20pimple%20challenge.%20Seriously%20effective%20solutions%20with%20powerfully%20clean%20ingredients%20for%20all%20ages%20%26%20skin%20types%20%E2%80%94%20from%20our%20cult-fave%20hydrocolloid%20Mighty%20Patch%20to%20Rescue%20Balm%2C%20Micropoint%20for%20Dark%20Spots%2C%20and%20beyond!%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Hero%20Cosmetics%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22og%3Atitle%22%3A%22Empowering%20Acne%20Prone%20Skin%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Everyone%20deserves%20to%20feel%20amazing%20in%20their%20skin.%20That%E2%80%99s%20why%20we%20make%20customizable%20acne%20toolkits%20to%20handle%20any%20pimple%20challenge.%20Seriously%20effective%20solutions%20with%20powerfully%20clean%20ingredients%20for%20all%20ages%20%26%20skin%20types%20%E2%80%94%20from%20our%20cult-fave%20hydrocolloid%20Mighty%20Patch%20to%20Rescue%20Balm%2C%20Micropoint%20for%20Dark%20Spots%2C%20and%20beyond!%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2181%2F4481%2Ffiles%2Fthumbnail_1e18802f-a1b6-4468-a69b-14bc540564f3.jpg%3Fv%3D1654615915%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2181%2F4481%2Ffiles%2Fthumbnail_1e18802f-a1b6-4468-a69b-14bc540564f3.jpg%3Fv%3D1654615915%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=99d4d0320a0f58376762c8d39ed2b07ca17c1fe698147626264c516f6c420ede&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671771834706.692153022&it=1671771834420&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 23 Dec 2022 05:03:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 web-widget-classic-81a3de7.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame FC44 13 KB
4 KB 34ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf9835ab8da9dfe9a2eeb14c12a3a1344f9e3bb0fb90bbb343e49454de8892f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
x-amz-version-id: BI7BH2_wYlhqABgV_1RpW5mVt_EhVp77
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: F6CA3V7NF9KV3C2T
age: 611930
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: We1b8+5xHvJwX0GVh4YorQhzb6MFiJnaEFUdv2F/8YqHcP30W86siR6KWyxSVr0+AE3pz9VCICs=
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
server: cloudflare
etag: W/"0b77084bbe255e38dfc0511ed512b1b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93ZUSfhf%2BHUEeEk0f57Yn%2B54FpFavqlpr4fhV5EBnVPBVFGYOEQ%2BMWbVH6Boqf2ni5XZnKvWkIkiLtQ6yivLAH9kTIKITOTOUEye2KarrAjsgH%2BqnNVUUWrbUXMbVbsRa%2BOFhXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77de8db2bb1ee738-EWR
expires: Thu, 14 Dec 2023 15:44:36 GMT

GET
H2 204 25097093.js Show response
bat.bing.com/p/action/ 0
119 B 59ms
58ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25097093.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 23 Dec 2022 05:03:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 51E16E1127354D99A862E284B8DA129F Ref B: EWR311000103025 Ref C: 2022-12-23T05:03:55Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25097093&Ver=2&mid=1bb5aee5-3bfd-4de1-9820-bffd76794160&sid=33651600827f11ed990f6b919bb1cfbb&vid=336539a0827f11edb12c09037220e3fd&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&p=https%3A%2F%2Fwww.herocosmetics.us%2F&r=&lt=2493&evt=pageLoad&sv=1&rn=33887

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 23 Dec 2022 05:03:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 248326AF82B54AA08943A2F54529ED23 Ref B: EWR311000103025 Ref C: 2022-12-23T05:03:55Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero-preloader.json Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 6 KB
2 KB 35ms
35ms XHR
application/json 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/hero-preloader.json?v=65884043791133297201658515520

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2b7173f2572eea829671b659e661dfd12583a5e3a073907d6293d0b016ba13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 551297
content-encoding: br
server-timing: imagery;dur=46.563, imageryFetch;dur=46.348, cfRequestDuration;dur=23.000002
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9a2b9c9d-e9d9-47d3-a44d-022c5738c6ab
last-modified: Tue, 29 Nov 2022 01:04:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VTs3iRQZjWnnCJa3yMhO87DDHNChJTUK0rCNtKKhhSxLuSZ5YqbcKKFsgTvb5%2Fj7qzY2HfmW8DVdg7l3Np2ENP1Uqeu%2BKzzuKS4E5CNnLJ17ZoPgzPZyPlZp7Z%2FXyHiDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/hero-preloader.json>; rel="canonical"
cf-ray: 77de8db2be15d157-BUF

GET
H3 200 hero-preloader.json Show response
cdn.shopify.com/s/files/1/2181/4481/t/107/assets/ 6 KB
2 KB 36ms
28ms XHR
application/json 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/hero-preloader.json?v=65884043791133297201658515520

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2b7173f2572eea829671b659e661dfd12583a5e3a073907d6293d0b016ba13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 551297
content-encoding: br
server-timing: imagery;dur=46.563, imageryFetch;dur=46.348, cfRequestDuration;dur=14.000177
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9a2b9c9d-e9d9-47d3-a44d-022c5738c6ab
last-modified: Tue, 29 Nov 2022 01:04:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcAEZZtKJttuPnobBQa3MNzWgqTy9AkVQIFxwuC4YPwpZUjWO0Z2Lxhu1fp0SJVe8DY7qXTuvdAOJumvN1iaFQToQNLAtRVsfjEMWsmampDyDpNwB5gQXJ8z7V2CscDYkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/hero-preloader.json>; rel="canonical"
cf-ray: 77de8db2ce1cd157-BUF

GET
H3 200 /
www.google.com/pagead/1p-user-list/775465074/ 42 B
64 B 89ms
39ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/775465074/?random=1671771835076&cv=11&fst=1671771600000&bg=ffffff&guid=ON&async=1&gtm=2ygbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.herocosmetics.us%2F&tiba=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&data=ecomm_pagetype%3Dhome&fmt=3&is_vtc=1&random=3155457121&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
p.yotpo.com/ 35 B
279 B 102ms
30ms Image
image/gif 3.210.215.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&se_va=WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax&cx=eyJwdl91dWlkIjozNzczMzQ4NTl9&dtm=1671771835324&tid=895864&vp=1600x1200&ds=1600x1200&vid=1&duid=cd918fb977868fa8&p=web&tv=js-0.13.2&fp=983239506&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.herocosmetics.us%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.215.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-215-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 23 Dec 2022 05:03:55 GMT
cache-control: max-age=86400, private
server: nginx
content-length: 35
expires: Sat, 24 Dec 2022 05:03:55 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 94ms
40ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1671771835350&id=t2_3jqrn4g1&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=25c8e984-abeb-4da5-bc43-9c0b5f41933e&aaid=&em=&external_id=99d4d0320a0f58376762c8d39ed2b07ca17c1fe698147626264c516f6c420ede&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 133ms
46ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=cc0d19ed-cdbe-425c-9a51-21062208ea1c&external_id=99d4d0320a0f58376762c8d39ed2b07ca17c1fe698147626264c516f6c420ede&integration=gtm-base&p_id=Twitter&p_user_id=0&pl_id=c9ac6b44-6569-4d3a-87c9-cf6e236be806&tw_document_href=https%3A%2F%2Fwww.herocosmetics.us%2F&tw_iframe_status=0&txn_id=o2h0n&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 52ee48ae1a4ec1ca
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1bcc1917e4acc38b389b5af09b6612e533f53a43606ef967b7d59d54d6831def
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 151ms
44ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=cc0d19ed-cdbe-425c-9a51-21062208ea1c&external_id=99d4d0320a0f58376762c8d39ed2b07ca17c1fe698147626264c516f6c420ede&integration=gtm-base&p_id=Twitter&p_user_id=0&pl_id=c9ac6b44-6569-4d3a-87c9-cf6e236be806&tw_document_href=https%3A%2F%2Fwww.herocosmetics.us%2F&tw_iframe_status=0&txn_id=o2h0n&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 23 Dec 2022 05:03:54 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 018ccd42ca3a871c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 0c7696b6711586ae6878a841e248e0032e74b144dde6a8c432e227917cc775cb
content-length: 43

GET
H3 200 css
fonts.googleapis.com/ 3 KB
643 B 37ms
36ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.css?widget_version=2022-07-03_07-28-28

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 04:50:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 05:03:55 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.16.5/js/ Frame D45E 476 KB
115 KB 124ms
31ms Script
application/javascript 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.5/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ce56c25f3aa19c9ebf212d2c8531ec73518a1e254ad2872d4211d2b644d9f9c

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200029-IAD
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: br
via: 1.1 varnish
age: 26600
x-timer: S1671771835.485069,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 117511
x-cache-hits: 3219

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.16.5/js/ Frame D45E 378 KB
90 KB 119ms
27ms Script
application/javascript 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a613d64a17940bb2f9d1dd791dfcd023826c9f931706687e511888c565cd44e

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200029-IAD
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: br
via: 1.1 varnish
age: 26600
x-timer: S1671771835.485020,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 92370
x-cache-hits: 3330

GET
H2 200 player.css
f.vimeocdn.com/p/4.16.5/css/ Frame D45E 245 KB
22 KB 120ms
27ms Stylesheet
text/css 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.5/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1b672e7932ba30dc918fc8ff58dbc3ffa85b6f47e6dfc18dfb6c3ad8596e0111

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200074-IAD
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: br
via: 1.1 varnish
age: 26600
x-timer: S1671771835.485083,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21880
x-cache-hits: 3137

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 6FBB 6 KB
7 KB 31ms
31ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=jeJtrGA2ST2SE5H-_NoOig&dmt=3&ex-pl-n-g-hmt=mMOoTd9BSYWRILC1orkXNQ&ep=ttam_T219Ay-cPciHbT10jzSF4kGwHwCfmJ4BDTvTahzePN_cw9daqggLYBBW0FVJKsOiJ3a062Ct99C9h3bYmuQ3E967S9phqNu0-oxC-YZay-Tj204hgCky7Z6Eb1uWesAN4n4SEal5mNsEtQ0wyfyubyKItcfK5UamkFeLCri220N38XCJyVq_Fy3n-rPmmECd7g3XQWc0vymOs2t1iyFBPfvNUBb1SD40QEY6dupQdGNiwkpY09Ar64pFtJOiGXsSSJdGvirHKThtudfMigTqKutl2gzWSRvO6XDzqTE2JtlLVvRDc-DNeOCvApFWDip4Ft9FRQXt3Y7Z__wWTIjIF5yQTn8_Wp0msQbDKAQCUIR5XysMSCZq_os6zeWbxPOe77rvay-KRl8W2864LdMzUQ-KjYg4c-fBrl2E3ZXKmvc9uwGe3KyLH0GNUYYje3l73iG4ij3irGgI5gVZasJGGBv6eCMhf0KT1eTEkJ2FY_jdK8V6kB79qLsC4LMq_TRQv4btbjr_sZpB6Qi-M-3Y78qJjo2gXTZwBhtm6QjqWHJkz62HlRxDLAywK-J0dUYI5ifaqQ9Z20g5kJ7Kt_9BXUL4wEwzPniqz6oKI0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=500338211159375040&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

d947c6f0414a2b656f2bade5f8d4385e65eeb72217c471b58646f6aa2d6634ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=500338211159375040&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6347
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 23 Dec 2022 05:03:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: V16S6KV89F22Z81TCY5J

GET
H2 200 modules.352fddba5b21bbfc3a08.js Show response
script.hotjar.com/ 264 KB
68 KB 105ms
24ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 75409
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68894
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
etag: "3256c76707175033b83ffe82f89b32ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4U4_ee-To0QYRJdloNSyjRusOIFgNrYs5vMEFmuVVH0CkAuTrz1GlA==

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 96ms
69ms Fetch 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
X-Monorail-Edge-Event-Created-At-Ms: 1671771835432
X-Monorail-Edge-Event-Sent-At-Ms: 1671771835434
accept-language: en-US,en;q=0.9
X-Monorail-Edge-Client-Message-Id: 8300340b-fe08-4831-b2a9-de2f25582540
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: cfRequestDuration;dur=78.999996
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 06db7932-631d-4e7d-bc6c-a65d941b4e83
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiJjicMGr6kkALLk2bAiOqmysFGMajxkfPemrDob1o3S%2BD00g3MmqrWHjXhAJVq2M4uCdkGpv%2BnBajtSPOt9K9OFvNFx%2BffahBQzsFTfBp1%2FCEuV8TTeTcORRefGDWUBsNF17cz8ER%2FmVlya5%2BU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 77de8db45d8ed163-BUF

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 111ms
111ms Fetch 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
X-Monorail-Edge-Event-Created-At-Ms: 1671771835434
X-Monorail-Edge-Event-Sent-At-Ms: 1671771835434
accept-language: en-US,en;q=0.9
X-Monorail-Edge-Client-Message-Id: be9f4fbd-fe98-4e9a-9f13-8641df58d3c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: cfRequestDuration;dur=98.999977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 6b17e77f-9744-4c50-8292-1c75c0117ba1
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYl59uZtUqrbHakAvfXXIWE3NLc8zV9j4bzFajavFn7yiuzlPyg8aOHbt%2BeOhlR0nGYEDiMDY9XT1w98Qjvzg6PSeM7OkC7gZ2iRmTOl9U6EpHIuvXDKFEt8FAHh0eRR15dSc8BuYGTNu4DLFRc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 77de8db46d9fd163-BUF

OPTIONS
H2 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 98ms
64ms Preflight 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Access-Control-Request-Method: POST
Origin: https://www.herocosmetics.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77de8db3ca1fd14f-BUF
content-length: 0
date: Fri, 23 Dec 2022 05:03:55 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHIeeQ7TjydPQEiU4bZinJPe1ohaJ%2BiCti3sregr0JWs%2FT3jbdrbWJYUSEd%2BdW61SKAPjxzKwDTEMGsvoj%2Bhx6lea7VJWGSouUE5qoAy5TxpWOSYNBVzzR%2BADqRkYQMH7VjLUzln%2BEOeetxvoLg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfRequestDuration;dur=72.000027
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-east1
x-request-id: f60da790-aa6d-4d9b-bc7c-100c3fb29571

OPTIONS
H2 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 137ms
103ms Preflight 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Access-Control-Request-Method: POST
Origin: https://www.herocosmetics.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77de8db3ca21d14f-BUF
content-length: 0
date: Fri, 23 Dec 2022 05:03:55 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taicYM4LdK79R8Ax%2BkplfxbGhwAaYlIL0Tir75KQKS0mD9WAK5BUpEZk2LqNVvw%2FI5lNTJ8cWV7S0r42nPEvPRlTf%2FaTO1clz7r6CNG26qCH0OCgGvtrVqy9T4ZUs9mNbE%2FuGaDjAywCNtpEzBM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfRequestDuration;dur=88.999987
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-central1
x-request-id: 1547c8a8-e930-4ac0-b00a-9dff2bc5a627

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.16.5/js/ Frame 7FF5 476 KB
115 KB 78ms
76ms Script
application/javascript 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.5/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ce56c25f3aa19c9ebf212d2c8531ec73518a1e254ad2872d4211d2b644d9f9c

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200029-IAD
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: br
via: 1.1 varnish
age: 26600
x-timer: S1671771835.486819,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 117511
x-cache-hits: 3220

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.16.5/js/ Frame 7FF5 378 KB
90 KB 78ms
77ms Script
application/javascript 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a613d64a17940bb2f9d1dd791dfcd023826c9f931706687e511888c565cd44e

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200029-IAD
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: br
via: 1.1 varnish
age: 26600
x-timer: S1671771835.486870,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 92370
x-cache-hits: 3331

GET
H2 200 player.css
f.vimeocdn.com/p/4.16.5/css/ Frame 7FF5 245 KB
21 KB 35ms
34ms Stylesheet
text/css 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.5/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1b672e7932ba30dc918fc8ff58dbc3ffa85b6f47e6dfc18dfb6c3ad8596e0111

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200074-IAD
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: br
via: 1.1 varnish
age: 26600
x-timer: S1671771835.486817,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21880
x-cache-hits: 3138

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=6YJ0g48BTFSX6ZhzFgbP6w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3D6YJ0g48BTFSX6ZhzFgbP6w%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=6YJ0g48BTFSX6ZhzFgbP6w

43 B
479 B

81ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=6YJ0g48BTFSX6ZhzFgbP6w

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=jeJtrGA2ST2SE5H-_NoOig&dmt=3&ex-pl-n-g-hmt=mMOoTd9BSYWRILC1orkXNQ&ep=ttam_T219Ay-cPciHbT10jzSF4kGwHwCfmJ4BDTvTahzePN_cw9daqggLYBBW0FVJKsOiJ3a062Ct99C9h3bYmuQ3E967S9phqNu0-oxC-YZay-Tj204hgCky7Z6Eb1uWesAN4n4SEal5mNsEtQ0wyfyubyKItcfK5UamkFeLCri220N38XCJyVq_Fy3n-rPmmECd7g3XQWc0vymOs2t1iyFBPfvNUBb1SD40QEY6dupQdGNiwkpY09Ar64pFtJOiGXsSSJdGvirHKThtudfMigTqKutl2gzWSRvO6XDzqTE2JtlLVvRDc-DNeOCvApFWDip4Ft9FRQXt3Y7Z__wWTIjIF5yQTn8_Wp0msQbDKAQCUIR5XysMSCZq_os6zeWbxPOe77rvay-KRl8W2864LdMzUQ-KjYg4c-fBrl2E3ZXKmvc9uwGe3KyLH0GNUYYje3l73iG4ij3irGgI5gVZasJGGBv6eCMhf0KT1eTEkJ2FY_jdK8V6kB79qLsC4LMq_TRQv4btbjr_sZpB6Qi-M-3Y78qJjo2gXTZwBhtm6QjqWHJkz62HlRxDLAywK-J0dUYI5ifaqQ9Z20g5kJ7Kt_9BXUL4wEwzPniqz6oKI0

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y7ZWS0PZ8PPAJ9RTEBHN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 23 Dec 2022 05:03:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8e1c693b-9282-4a4d-b46c-2bd33e1d1fb6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=6YJ0g48BTFSX6ZhzFgbP6w
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=3q9jPvjuRZupMLac9HsHUA&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=&sspid=1891964632233644020

43 B
479 B

34ms
34ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=&sspid=1891964632233644020

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F0DDQFY4P828JSF1VZ1J
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=&sspid=1891964632233644020
pragma: no-cache
date: Fri, 23 Dec 2022 05:03:55 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=213610604374004048145&ex=neustar.biz

43 B
479 B

40ms
40ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=213610604374004048145&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TQYH0BJ0REXSYTMDWKKX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=213610604374004048145&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: OT0w9ZavfcLLI1kbC2y8aY_m7NkK6GB39S2a4LLVU-lW9eiXL53W9w==
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=Vws6AoQOR1STp01djM2XOQ&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=Vws6AoQOR1STp01djM2XOQ&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y6U2u0VljaDkGkXFCVs79AAA

43 B
479 B

33ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y6U2u0VljaDkGkXFCVs79AAA

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3Q0NASPKT1VQHVSHXFWX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y6U2u0VljaDkGkXFCVs79AAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=ed3f673236ca8940ea7fddcb79e02868

43 B
479 B

32ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=ed3f673236ca8940ea7fddcb79e02868

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7Q0MWVBFWH1FQPZ8HER5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=ed3f673236ca8940ea7fddcb79e02868
Date: Fri, 23 Dec 2022 05:03:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

33ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8RAHTK9NGDJ1KWRP0ZGD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Fri, 23 Dec 2022 05:03:56 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=s6izUK3kSAm1EQr1L-903w
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=s6izUK3kSAm1EQr1L-903w&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=s6izUK3kSAm1EQr1L-903w

43 B
479 B

36ms
35ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=s6izUK3kSAm1EQr1L-903w

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EHC1B6D19259V58G69PX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=s6izUK3kSAm1EQr1L-903w
date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=3935ba36-0ad2-4c42-a044-50f3b6cb2cdc

43 B
479 B

33ms
33ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=3935ba36-0ad2-4c42-a044-50f3b6cb2cdc

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5QTV6M58A6SWYPNS6QT4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=3935ba36-0ad2-4c42-a044-50f3b6cb2cdc
Date: Fri, 23 Dec 2022 05:03:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=48d1f33abfab411faaba0f469ae63639

43 B
479 B

79ms
33ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=48d1f33abfab411faaba0f469ae63639

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6DDWDXB34VEXJS204JKM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=48d1f33abfab411faaba0f469ae63639
date: Fri, 23 Dec 2022 05:03:55 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-DWa.yNVE2pFBnW8kvA6JuEtIWfZanPdTb.nD~A&status=NOT_FOUND&ex=gemini

43 B
479 B

64ms
36ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-DWa.yNVE2pFBnW8kvA6JuEtIWfZanPdTb.nD~A&status=NOT_FOUND&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B7R25KQF4RETD2PYK3H3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0109.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?id=y-DWa.yNVE2pFBnW8kvA6JuEtIWfZanPdTb.nD~A&status=NOT_FOUND&ex=gemini
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=96b5424e2b9784fdaf7168b8763c68c&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

52ms
52ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=96b5424e2b9784fdaf7168b8763c68c&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C177SA0ZMHGCBJ4W68PE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=96b5424e2b9784fdaf7168b8763c68c&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671771835906054-254

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

32ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HWNQ43GSAJFTVWCJ9TJ4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 922167d169fb5d47cad92d0fd0cd14aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=SRQ0PS4VGWC0VTCZ5E8S:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: SRQ0PS4VGWC0VTCZ5E8S
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: OgQQ9C0JOOxvfgnsiFMMo3UuukVQrk8UeezJS-iJtgt4MeB4ho985w==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 6FBB 0
338 B 110ms
25ms Image
text/plain 34.195.206.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=jeJtrGA2ST2SE5H-_NoOig&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=jeJtrGA2ST2SE5H-_NoOig&dmt=3&ex-pl-n-g-hmt=mMOoTd9BSYWRILC1orkXNQ&ep=ttam_T219Ay-cPciHbT10jzSF4kGwHwCfmJ4BDTvTahzePN_cw9daqggLYBBW0FVJKsOiJ3a062Ct99C9h3bYmuQ3E967S9phqNu0-oxC-YZay-Tj204hgCky7Z6Eb1uWesAN4n4SEal5mNsEtQ0wyfyubyKItcfK5UamkFeLCri220N38XCJyVq_Fy3n-rPmmECd7g3XQWc0vymOs2t1iyFBPfvNUBb1SD40QEY6dupQdGNiwkpY09Ar64pFtJOiGXsSSJdGvirHKThtudfMigTqKutl2gzWSRvO6XDzqTE2JtlLVvRDc-DNeOCvApFWDip4Ft9FRQXt3Y7Z__wWTIjIF5yQTn8_Wp0msQbDKAQCUIR5XysMSCZq_os6zeWbxPOe77rvay-KRl8W2864LdMzUQ-KjYg4c-fBrl2E3ZXKmvc9uwGe3KyLH0GNUYYje3l73iG4ij3irGgI5gVZasJGGBv6eCMhf0KT1eTEkJ2FY_jdK8V6kB79qLsC4LMq_TRQv4btbjr_sZpB6Qi-M-3Y78qJjo2gXTZwBhtm6QjqWHJkz62HlRxDLAywK-J0dUYI5ifaqQ9Z20g5kJ7Kt_9BXUL4wEwzPniqz6oKI0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.206.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-206-195.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n012-ash-prod.krxd.net
date: Fri, 23 Dec 2022 05:03:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1671771835
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=b3c6c111-39c8-4260-aa35-f0c5843e747e&ex=improvedigital.com

43 B
479 B

33ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=b3c6c111-39c8-4260-aa35-f0c5843e747e&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XY1B2FF83C31EF91WHHJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=b3c6c111-39c8-4260-aa35-f0c5843e747e&ex=improvedigital.com
access-control-allow-origin: *
date: Fri, 23 Dec 2022 05:03:56 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 6FBB 0
263 B 110ms
27ms Image
text/plain 54.86.6.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=jeJtrGA2ST2SE5H-_NoOig&dmt=3&ex-pl-n-g-hmt=mMOoTd9BSYWRILC1orkXNQ&ep=ttam_T219Ay-cPciHbT10jzSF4kGwHwCfmJ4BDTvTahzePN_cw9daqggLYBBW0FVJKsOiJ3a062Ct99C9h3bYmuQ3E967S9phqNu0-oxC-YZay-Tj204hgCky7Z6Eb1uWesAN4n4SEal5mNsEtQ0wyfyubyKItcfK5UamkFeLCri220N38XCJyVq_Fy3n-rPmmECd7g3XQWc0vymOs2t1iyFBPfvNUBb1SD40QEY6dupQdGNiwkpY09Ar64pFtJOiGXsSSJdGvirHKThtudfMigTqKutl2gzWSRvO6XDzqTE2JtlLVvRDc-DNeOCvApFWDip4Ft9FRQXt3Y7Z__wWTIjIF5yQTn8_Wp0msQbDKAQCUIR5XysMSCZq_os6zeWbxPOe77rvay-KRl8W2864LdMzUQ-KjYg4c-fBrl2E3ZXKmvc9uwGe3KyLH0GNUYYje3l73iG4ij3irGgI5gVZasJGGBv6eCMhf0KT1eTEkJ2FY_jdK8V6kB79qLsC4LMq_TRQv4btbjr_sZpB6Qi-M-3Y78qJjo2gXTZwBhtm6QjqWHJkz62HlRxDLAywK-J0dUYI5ifaqQ9Z20g5kJ7Kt_9BXUL4wEwzPniqz6oKI0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.6.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-6-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 6FBB 0
123 B 81ms
22ms Image
text/plain 198.54.201.131
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=ckfRcfSrSL6XnYhmbiQKjQ&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.201.131 , United States, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-01-pub-prod-nyc.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-4xhjz
date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=107c9112aab57bdc8

43 B
479 B

37ms
37ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=107c9112aab57bdc8

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZTGTFE0492F4FPEYWW4F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 23 Dec 2022 05:03:56 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=107c9112aab57bdc8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FUn4xWaQQp-RGpwcqruP2Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FUn4xWaQQp-RGpwcqruP2Q

43 B
479 B

33ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FUn4xWaQQp-RGpwcqruP2Q

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HJZEJ5DM5E7F2P3P1WH4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FUn4xWaQQp-RGpwcqruP2Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=O_2AZfz3SDqNIQt3AGM7SA&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=96b5424e2b9784fdaf7168b8763c68c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=O_2AZfz3SDqNIQt3AGM7SA

43 B
479 B

48ms
48ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=96b5424e2b9784fdaf7168b8763c68c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=O_2AZfz3SDqNIQt3AGM7SA

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YFNJ34Y9NR6Q23QDZ8P7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:55 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=96b5424e2b9784fdaf7168b8763c68c&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=O_2AZfz3SDqNIQt3AGM7SA
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671771835969050-152

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=wd3svHdbTs-91rW6jzrBgQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=wd3svHdbTs-91rW6jzrBgQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64697283372261215462389917746097905163

43 B
479 B

44ms
43ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64697283372261215462389917746097905163

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QPEBPHRWYJ0NZK5C2RJC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-va6-1-v044-0a50520d8.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: uxyze2xmR84=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64697283372261215462389917746097905163
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=jaGHWCKpSv6MM-EKhG6SNA
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10594295916759214759&gdpr=&gdpr_consent=

43 B
479 B

38ms
38ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10594295916759214759&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QVXRMAXJH9P0VMB8YRA8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10594295916759214759&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

43 B
479 B

31ms
31ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S37GFMPAATV4AYZD7RVB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
Server: nginx/1.19.2
X-Powered-By: Express
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Content-Type: image/gif; charset=utf-8
Location: https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=
Referer: px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7940862722696618759

43 B
479 B

35ms
34ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7940862722696618759

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XWVKANDN6PBQZNKRYZXW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7940862722696618759
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=3411876c-827f-11ed-88d2-1d4240210503
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=34118719-827f-11ed-88d2-1d4240210503

43 B
479 B

39ms
38ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=34118719-827f-11ed-88d2-1d4240210503

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 584QS1CP1S8ZTR96B3F8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 23 Dec 2022 05:03:56 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=34118719-827f-11ed-88d2-1d4240210503
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 447
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%220d67893a-44ef-43ff-935a-18934e709328%22,%22Time%22:%2220221223T050356.438649%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=0d67893a-44ef-43ff-935a-18934e709328

43 B
479 B

34ms
33ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=0d67893a-44ef-43ff-935a-18934e709328

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V5ESECCFEKRB1FR1X805
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=0d67893a-44ef-43ff-935a-18934e709328
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEK6Aa3qlOxUEzz90ZvP2r-o&google_cver=1

43 B
479 B

35ms
35ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEK6Aa3qlOxUEzz90ZvP2r-o&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9DEGAZWEEB0VVWTFN6EB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEK6Aa3qlOxUEzz90ZvP2r-o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 6FBB 20 B
20 B 99ms
26ms Image
text/plain 52.45.90.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=jeJtrGA2ST2SE5H-_NoOig&dmt=3&ex-pl-n-g-hmt=mMOoTd9BSYWRILC1orkXNQ&ep=ttam_T219Ay-cPciHbT10jzSF4kGwHwCfmJ4BDTvTahzePN_cw9daqggLYBBW0FVJKsOiJ3a062Ct99C9h3bYmuQ3E967S9phqNu0-oxC-YZay-Tj204hgCky7Z6Eb1uWesAN4n4SEal5mNsEtQ0wyfyubyKItcfK5UamkFeLCri220N38XCJyVq_Fy3n-rPmmECd7g3XQWc0vymOs2t1iyFBPfvNUBb1SD40QEY6dupQdGNiwkpY09Ar64pFtJOiGXsSSJdGvirHKThtudfMigTqKutl2gzWSRvO6XDzqTE2JtlLVvRDc-DNeOCvApFWDip4Ft9FRQXt3Y7Z__wWTIjIF5yQTn8_Wp0msQbDKAQCUIR5XysMSCZq_os6zeWbxPOe77rvay-KRl8W2864LdMzUQ-KjYg4c-fBrl2E3ZXKmvc9uwGe3KyLH0GNUYYje3l73iG4ij3irGgI5gVZasJGGBv6eCMhf0KT1eTEkJ2FY_jdK8V6kB79qLsC4LMq_TRQv4btbjr_sZpB6Qi-M-3Y78qJjo2gXTZwBhtm6QjqWHJkz62HlRxDLAywK-J0dUYI5ifaqQ9Z20g5kJ7Kt_9BXUL4wEwzPniqz6oKI0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.90.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-90-70.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: usermatch-a015-ash-prod.krxd.net
date: Fri, 23 Dec 2022 05:03:56 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=03ca3ea2004c33601f5e49a6eeb19c97

43 B
479 B

33ms
33ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=03ca3ea2004c33601f5e49a6eeb19c97

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7Z04D7A2F47CKE3TEYFM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=03ca3ea2004c33601f5e49a6eeb19c97
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-length: 0
x-amz-cf-id: aa48hX_CbaXuPex7xH5ZM018oa_upTLrIDnP52JMo4n92mqCPx7fhA==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=b7540bee-7406-c3ac-1476-a5a6b1e8c2e3

43 B
479 B

36ms
35ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=b7540bee-7406-c3ac-1476-a5a6b1e8c2e3

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4Q6GHS2Z6ZXEHTYRQ7MC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 23 Dec 2022 05:03:56 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=b7540bee-7406-c3ac-1476-a5a6b1e8c2e3
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=KvcBixVRx9iUSAbxcD5VwTc4cag4ZgAC

43 B
479 B

43ms
35ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KvcBixVRx9iUSAbxcD5VwTc4cag4ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G551JW9X4J9FB9XFK4JH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiwP5jQ3qy9SCRdB7u6iGKXDIvqyr9M0KeQccArdpPpFgzV77k6TXR%2B500bIzPFyAsTnolhCATdgA3D85CV9Z%2Bh4D5YwGzonywONFHxZueY4cU1ZCwNbkiEUdUku9%2B1DtSjqWev77BDJuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KvcBixVRx9iUSAbxcD5VwTc4cag4ZgAC
cache-control: no-cache
cf-ray: 77de8dba09a4eff9-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 6FBB
Redirect Chain

https://eb2.3lift.com/xuid?mid=8341&xuid=Ai51UlteS4GHd-ATBIsYQg&dongle=az46
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=Ai51UlteS4GHd-ATBIsYQg&dongle=az46&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

32ms
31ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=Ai51UlteS4GHd-ATBIsYQg&dongle=az46&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=jeJtrGA2ST2SE5H-_NoOig&dmt=3&ex-pl-n-g-hmt=mMOoTd9BSYWRILC1orkXNQ&ep=ttam_T219Ay-cPciHbT10jzSF4kGwHwCfmJ4BDTvTahzePN_cw9daqggLYBBW0FVJKsOiJ3a062Ct99C9h3bYmuQ3E967S9phqNu0-oxC-YZay-Tj204hgCky7Z6Eb1uWesAN4n4SEal5mNsEtQ0wyfyubyKItcfK5UamkFeLCri220N38XCJyVq_Fy3n-rPmmECd7g3XQWc0vymOs2t1iyFBPfvNUBb1SD40QEY6dupQdGNiwkpY09Ar64pFtJOiGXsSSJdGvirHKThtudfMigTqKutl2gzWSRvO6XDzqTE2JtlLVvRDc-DNeOCvApFWDip4Ft9FRQXt3Y7Z__wWTIjIF5yQTn8_Wp0msQbDKAQCUIR5XysMSCZq_os6zeWbxPOe77rvay-KRl8W2864LdMzUQ-KjYg4c-fBrl2E3ZXKmvc9uwGe3KyLH0GNUYYje3l73iG4ij3irGgI5gVZasJGGBv6eCMhf0KT1eTEkJ2FY_jdK8V6kB79qLsC4LMq_TRQv4btbjr_sZpB6Qi-M-3Y78qJjo2gXTZwBhtm6QjqWHJkz62HlRxDLAywK-J0dUYI5ifaqQ9Z20g5kJ7Kt_9BXUL4wEwzPniqz6oKI0
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 23 Dec 2022 05:03:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=8341&xuid=Ai51UlteS4GHd-ATBIsYQg&dongle=az46&gdpr=0&cmp_cs=&us_privacy=
date: Fri, 23 Dec 2022 05:03:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=E3A2BACFEBD50498

43 B
479 B

39ms
38ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=E3A2BACFEBD50498

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S864MQ1FM6JQZ9A7QE32
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Frontend-ID: 14
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=E3A2BACFEBD50498
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=2004515635888230825&ex=appnexus.com

43 B
479 B

35ms
33ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=2004515635888230825&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1EB2ZTD3HZVAV0VHYA5S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a9c0fb9f-29e0-4fef-9a15-743ac0e92c3a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=2004515635888230825&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=Q6UT3GKFQ8ivQeIMbqTVjQ&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=Q6UT3GKFQ8ivQeIMbqTVjQ

43 B
479 B

34ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=Q6UT3GKFQ8ivQeIMbqTVjQ

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K8YK8ZEQ20WRQ49CTMGT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=Q6UT3GKFQ8ivQeIMbqTVjQ
date: Fri, 23 Dec 2022 05:03:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=Cl-dzeJlDDQ_riIJ0uBy0w&ex=rubiconproject.com&status=ok

43 B
479 B

43ms
42ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=Cl-dzeJlDDQ_riIJ0uBy0w&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PKW1W17A8SGKBW6ZF6D9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=Cl-dzeJlDDQ_riIJ0uBy0w&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=mMOoTd9BSYWRILC1orkXNQ&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

30ms
29ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CZCEN4HGRGBVS1TZBBH8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=8888&j=0
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=b02b257b812da39e2b95b5bc0a1965e8

43 B
479 B

37ms
36ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=b02b257b812da39e2b95b5bc0a1965e8

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7K2E5XCYZ3RE6E77FMAC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 23 Dec 2022 05:03:56 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=b02b257b812da39e2b95b5bc0a1965e8
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DBC36A5638916282402D6F9A2

43 B
479 B

33ms
33ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DBC36A5638916282402D6F9A2

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6DYHK5H0XK3W6GG7M5FB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DBC36A5638916282402D6F9A2
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Fri, 23 Dec 2022 05:03:55 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=84e40dae83df162ab0c2fe0c48722456dd2e245f9fb00b7c96ec3ce79519e5df

43 B
479 B

40ms
40ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=84e40dae83df162ab0c2fe0c48722456dd2e245f9fb00b7c96ec3ce79519e5df

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BG7S79M9H4FJKCXQX4ME
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:56 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=84e40dae83df162ab0c2fe0c48722456dd2e245f9fb00b7c96ec3ce79519e5df
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=5D9951D6-56ED-440D-9FFC-75B5B5105522

43 B
479 B

39ms
39ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=5D9951D6-56ED-440D-9FFC-75B5B5105522

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2J96WHX76VC8RC8238QR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=5D9951D6-56ED-440D-9FFC-75B5B5105522
date: Fri, 23 Dec 2022 05:03:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6FBB
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=20a97569-4263-40b5-9a37-2638b36565c3-tucta9ebc3c

43 B
479 B

40ms
40ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=20a97569-4263-40b5-9a37-2638b36565c3-tucta9ebc3c

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 05:03:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CD6QC9V5PR1AD6ZNSMDQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=20a97569-4263-40b5-9a37-2638b36565c3-tucta9ebc3c
date: Fri, 23 Dec 2022 05:03:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23352

GET
H2 200 web-widget-8165-81a3de7.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame FC44 663 KB
190 KB 71ms
70ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
x-amz-version-id: kU1YYFzxaCl55Jp2ZazHPuUZRF69EWpK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: F6CF3MN26C1XB9P3
age: 611929
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Ys+eYwYBOziZsXVEIlrSWvtqMWIX3BUDiU0MKiGIle8DCbj2uPRaLoKjAWygn3K0xbUQ9jq9URg=
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
server: cloudflare
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8q%2Ff1yRLDHIdCtHanNPTOodOv18VuvXeQx7oBWaahz5tL%2BArEgdAzc0U3ilRYBRsgs%2F7ijcrJ%2F30o6%2BDoyXKbcajMp2l7WjFEoPwSojpY9oHRq7Y%2BAOFVr97OVYINbZZ6JHs%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77de8db40bdae738-EWR
expires: Thu, 14 Dec 2023 15:44:36 GMT

GET
H2 200 web-widget-5324-81a3de7.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame FC44 492 KB
108 KB 44ms
44ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

217a6c6c8470831abbd71e72221d471f4bdc16787537a206d2fb69fa43a60238

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
x-amz-version-id: CY5KQGuue_uwVKm8gYgHUkbI5bFfwkO_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: FXYHKVNXG2TJQ44S
age: 611929
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tNX0CH+OJqvbM6it8pbxnn624wTzbpF4PsdaPpWNK96HxhOj9RgNXAbM03m0fQlBR4pKwJ1ZJjI=
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
server: cloudflare
etag: W/"c296a94da281fc44d57ec8f4e4cfb0fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIDnD6GZ51m0f95jP%2F1t%2FtWYDvPbpnAKEVKGsEamTZVieYEywgrQ8OZYHlranHhyqFGzukzEMgkOqUniCGsZax0na0P%2BKVpaHD2vGqZUYnoabsx5zKAzsFhU908rLKTB61PnNCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77de8db40bdbe738-EWR
expires: Thu, 14 Dec 2023 15:44:36 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame E6C9 2 KB
1 KB 109ms
30ms Document
text/html 108.138.128.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.128.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-128-36.jfk50.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2562829
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
x-amz-cf-id: II2j0L9gVzleEDLnzHb3pMNaHUhCL98mydWV-mL8_jcygDMbxB3MgA==
x-amz-cf-pop: JFK50-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 main.9a94ee76.js Show response
s.pinimg.com/ct/lib/ 58 KB
21 KB 49ms
48ms Script
application/javascript 2600:1400:9000:28c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:28c::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e43867aadc515024dd460d8611098a12"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20728

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.5.0/ 505 B
924 B 29ms
29ms Script
text/javascript 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.5.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a16c62fa23c3f16115e2035a04f744de1f9ba16d54f97d07f9e1faea16fab834

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Sat, 23 Dec 2023 05:03:55 GMT

GET
H3 200 cart.js Show response
www.herocosmetics.us/ 283 B
2 KB 91ms
91ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6aab443902639d1372e344c507374420a6d9e1a98c67fd6d429f1c95e997688

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=22, db;dur=7, asn;desc="20278", edge;desc="BUF", country;desc="US", cfRequestDuration;dur=78.000069
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1f773e67-33de-4c13-89c6-298cb11f0ac6
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNbb3rGbGJAYZxLLU51XGq%2B1SZQUzSGo15bEA3tzxkN2jYSckJ%2BBemVu%2Buhc2c2nXSz%2BhHM25kmgj0gLpTJ6ogA%2BSTcA%2BFmbLVbaWW%2FkT1K%2BhP%2B0Ciro3TPF%2FdEkIUow%2B29knQ%2FR"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 77de8db4efe8d15b-BUF
x-sorting-hat-podid: 41
x-cartjs-updatedat: 0

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 27ms
26ms Media
audio/mpeg 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.2668962402540638

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0f050b452d1484a6a46a113a2dba1f55bb95f73091283f5b247bffd7542b1eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Fri, 23 Dec 2022 05:03:55 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 21 KB
6 KB 77ms
22ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:55 GMT
x-amz-request-id: 6WVJENPQDRH49SZW
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: AWWn4sr5T4SMrYy3qeljj1MMfEiFiXJHbrXNNU27ATxmaysVqZSsvt8g5y5mUcx0kDSEaK/jpxI=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1671771836.750704,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3612

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 21 KB
6 KB 56ms
21ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:55 GMT
x-amz-request-id: 6WVJENPQDRH49SZW
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: AWWn4sr5T4SMrYy3qeljj1MMfEiFiXJHbrXNNU27ATxmaysVqZSsvt8g5y5mUcx0kDSEaK/jpxI=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1671771836.750705,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3612

GET
H3 200 loggedincustomer Show response
www.herocosmetics.us/apps/ 3 B
2 KB 175ms
175ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/apps/loggedincustomer

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east4,gcp-us-east4,us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: cfRequestDuration;dur=161.000013, earlyhints
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 8b04255d-eb7c-442f-8b47-06c889cdd24a
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVn5TBMFizb3r6PFx8pHi3HojjMbL5LXYKehr2yAMEkl3BHjyAD%2BiXYiE09U8ZHlIauZgQbSMvnaQnqexfVGJq3vgqQgdL4OLE90IexPpjSJHGy8%2Bm91Zb4YOhkH5YdaklxeCVyY"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 77de8db5b89ed15b-BUF
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 41

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame D45E 2 KB
1 KB 28ms
28ms Script
application/javascript 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200074-IAD
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
via: 1.1 varnish
age: 387996
x-timer: S1671771836.834596,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 36567

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame D45E 0
142 B 87ms
40ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1561685194-8f823ba63afba02fd50d7d85ae8c052db00d6f721181f38f3c266eb7608a785b-d
i.vimeocdn.com/video/ Frame D45E 51 KB
51 KB 38ms
31ms Image
image/avif 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1561685194-8f823ba63afba02fd50d7d85ae8c052db00d6f721181f38f3c266eb7608a785b-d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 090137bf276a53c9b505a3f6358743a026f9ab1d806f6731eebdc2a8ef7d07dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1517366
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 52213
viewmaster-server: viewmaster-us-central1-mzx6
x-served-by: cache-dfw-kdfw8210107-DFW, cache-iad-kcgs7200074-IAD
x-timer: S1671771836.887427,VS0,VE4
etag: ebc50122f71954e9020c4dcdde6b0364
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 13, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame D45E 0
40 B 78ms
41ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f512dcc269d9a490b41c4f1cc353b320b8ea5a6b1671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 7FF5 2 KB
1 KB 33ms
32ms Script
application/javascript 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200074-IAD
date: Fri, 23 Dec 2022 05:03:55 GMT
content-encoding: gzip
via: 1.1 varnish
age: 387996
x-timer: S1671771836.921084,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 36568

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 7FF5 0
40 B 41ms
40ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1561685194-8f823ba63afba02fd50d7d85ae8c052db00d6f721181f38f3c266eb7608a785b-d
i.vimeocdn.com/video/ Frame 7FF5 24 KB
24 KB 39ms
39ms Image
image/avif 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1561685194-8f823ba63afba02fd50d7d85ae8c052db00d6f721181f38f3c266eb7608a785b-d?mw=700&mh=700
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0620daeb5b45d7a66c3f8f6944453a804e8d37c47a3f7885689ed47ec26716b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:55 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1468914
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 24576
viewmaster-server: viewmaster-us-east1-kc4g
x-served-by: cache-dfw-kdfw8210101-DFW, cache-iad-kcgs7200074-IAD
x-timer: S1671771836.943530,VS0,VE1
etag: b12fa1fb4567e7ed0109a58ea6019aea
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 20, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 7FF5 0
40 B 39ms
38ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0df0dd5520ae0f7cee202563cdd71a72bc846d771671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame D45E 0
40 B 39ms
38ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f512dcc269d9a490b41c4f1cc353b320b8ea5a6b1671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 play
player-telemetry.vimeo.com/player-events/log/ Frame D45E 0
60 B 47ms
38ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.json Show response
117vod-adaptive.akamaized.net/exp=1671775735~acl=%2F89b085ab-b3ec-41d5-80b2-5a2c3a786354%2F%2A~hmac=9fea8a82889295b13c93d8bc6e2fa1a7e6e0b5f21813b77d85e7f011c30f6b6a/89b085ab-b3ec-41d5-80b2-5a2c3a78... Frame D45E 8 KB
2 KB 170ms
37ms XHR
application/json 2600:1402:b800:43::1730:a297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://117vod-adaptive.akamaized.net/exp=1671775735~acl=%2F89b085ab-b3ec-41d5-80b2-5a2c3a786354%2F%2A~hmac=9fea8a82889295b13c93d8bc6e2fa1a7e6e0b5f21813b77d85e7f011c30f6b6a/89b085ab-b3ec-41d5-80b2-5a2c3a786354/sep/video/a70ac133,bd106ded,97a2d8d6,67a22b5e,167b71f2/master.json?query_string_ranges=1&base64_init=1
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:1402:b800:43::1730:a297 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fd9c9a58705b4dadb00de42aaa52d48af175ce741227450df337af2fac0774a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
Content-Encoding: gzip
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1670263200
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1687
AK-REFERENCE-ID: 0.577a2b17.1671771836.2568613f
ETag: W/"523048e7f5ca9550505f2d8ea6d587e7"
Access-Control-Max-Age: 86400
Vary: Accept-Encoding
Aka-c-hit: cache-hit
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=30028693
Akamai-Edge-IP: 2600:1402:b800:43::1730:a297
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
766 B 110ms
30ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613867077094&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1671771835950&dep=2%2CPAGE_LOAD
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 501294284b0917449730c3743be6e3610c15b15904d7e502e8d1523a83d6aafb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pin-unauth: dWlkPVpqVmtPREF4WmpBdE5EazRNaTAwTURGakxXRmpNR0V0WXpBMFl6VmxObUZtTVdZeQ
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Fri, 23 Dec 2022 05:03:56 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8992626147666060
content-length: 382
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
495 B 110ms
31ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613867077094&cb=1671771835951&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 501294284b0917449730c3743be6e3610c15b15904d7e502e8d1523a83d6aafb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pin-unauth: dWlkPVpXTTROMlkyWldFdE1tSm1PQzAwWlRobExXRTRNMk10WVdGa05tVTRPREV4TURZMg
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Fri, 23 Dec 2022 05:03:56 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8275445194159643
content-length: 382
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 en-us-json-81a3de7.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame FC44 25 KB
6 KB 37ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e4c3b6896b0a02d7f59fec061ad80600f4487a0003effb51ac476ab964f0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-version-id: w19VoZjQsh3pKdlpVeLbZ8rEmUXDsh_h
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: FXYXY4TV8DHBRBRP
age: 611930
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: IlYt8cct3+FHVgRnlbeN1NF3DODDmR2Zi/Na4Mb/F4Egg1EQ4CGcPwT4X/SgZQYA78S6Kqyn/eU=
last-modified: Wed, 14 Dec 2022 15:44:38 GMT
server: cloudflare
etag: W/"10d9a30eac6ed106c66673278428cd9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sugsWlF4a37glHnGBHC24dCAmmJond7mAPYge5wj9BnwLyJfapk1BRIblyK38XSTNeT5DP7n8TDCRhhhEqbTzAraR%2B%2FGLy3HgLSTs4KaCIM3q%2FXOYsssqVv3U0Rv02ntasNupbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77de8db77e38e738-EWR
expires: Thu, 14 Dec 2023 15:44:37 GMT

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame 7FF5 0
11 B 94ms
42ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0df0dd5520ae0f7cee202563cdd71a72bc846d771671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 play
player-telemetry.vimeo.com/player-events/log/ Frame 7FF5 0
12 B 125ms
40ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.json Show response
117vod-adaptive.akamaized.net/exp=1671775735~acl=%2F89b085ab-b3ec-41d5-80b2-5a2c3a786354%2F%2A~hmac=9fea8a82889295b13c93d8bc6e2fa1a7e6e0b5f21813b77d85e7f011c30f6b6a/89b085ab-b3ec-41d5-80b2-5a2c3a78... Frame 7FF5 8 KB
2 KB 43ms
43ms XHR
application/json 2600:1402:b800:43::1730:a297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://117vod-adaptive.akamaized.net/exp=1671775735~acl=%2F89b085ab-b3ec-41d5-80b2-5a2c3a786354%2F%2A~hmac=9fea8a82889295b13c93d8bc6e2fa1a7e6e0b5f21813b77d85e7f011c30f6b6a/89b085ab-b3ec-41d5-80b2-5a2c3a786354/sep/video/a70ac133,bd106ded,97a2d8d6,67a22b5e,167b71f2/master.json?query_string_ranges=1&base64_init=1
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:1402:b800:43::1730:a297 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fd9c9a58705b4dadb00de42aaa52d48af175ce741227450df337af2fac0774a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
Content-Encoding: gzip
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1670263200
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1687
AK-REFERENCE-ID: 0.577a2b17.1671771836.25686140
ETag: W/"523048e7f5ca9550505f2d8ea6d587e7"
Access-Control-Max-Age: 86400
Vary: Accept-Encoding
Aka-c-hit: cache-hit
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=30028693
Akamai-Edge-IP: 2600:1402:b800:43::1730:a297
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1133465/ 148 B
322 B 318ms
102ms XHR
application/json 52.49.37.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1133465/visit-data?sv=7
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 05:03:56 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1133465 Show response
vc.hotjar.io/sessions/ 0
258 B 163ms
85ms XHR
text/plain 18.164.96.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1133465?s=0.25&r=0.08907849584544003
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-54.jfk50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: kWzP1ltLgo0cxL4UedemDmvVeTRqYITqPUfJDMGLrM_4lrS3PuwA0w==

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 8 KB
4 KB 22ms
22ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVMKZD3FVRY3E5Z
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: 3JMcrqcB3n1lyWkms95Fkhp0UCgdQNd5ExAQbW5jB2W/WyiimDq87m5dD1tmUXEzXJXlCb6OETc=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.153553,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3589

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 3 KB
2 KB 47ms
47ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVR992TYTJJCM7K
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: S+TKbhFJNbMqZAXGchl6k2W2OJbhYYZq45/adeBTgi6uhtJUn41K0n3s8A/+20hsVPiwD0DetYM=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.153957,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3591

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 5 KB
2 KB 47ms
47ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVY3Y765E3N3PG8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: icNlQ9ORkLo+Hr/gICv+Y0zzJlk/azeAlLa+L/A+zhg87m3jmxkSE39+g33nplAX+Kmt4ZSR/Ek=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.154689,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3575

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 1 KB
919 B 48ms
47ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVKFMTG9N3F4E5E
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: G3fgmTjJHIXNAfRvsKNbDQa3aatix/JBYq/dIAVt2VLhxgqST/Z/h6CYpKlfBMsfi/4CmSOrm4Q=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.155237,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3591

GET
H2 200 39.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 7 KB
3 KB 48ms
47ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/39.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVQ1Q6PQYDKR2VC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2755
x-amz-id-2: QK34BJxK/M6fT4xLozFdKJKdfOsgSDFJ8l9Vf+BodLSWzephG1q8VOUGwhIkijLgayLpZx0Oa4Y=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.156403,VS0,VE0
etag: "0448380a8f2cd0426bbdf04dd45b5408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2572

GET
H2 200 0.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 5 KB
3 KB 50ms
49ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/0.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVJ6N7R923ZNNWS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2349
x-amz-id-2: NG5fjfNRjNPgV5KHJPjQqZnJp79tJ4zKzBPGV0b8CeNl+GuJGVt9PLFlsDLIGLFR6yclNwi2wZU=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.159156,VS0,VE0
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2569

GET
H2 200 571.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 2 KB
1 KB 49ms
49ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/571.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVS0621DCDEME5Y
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1108
x-amz-id-2: G9fXwFlwfdYihptGgiBBmJ7EP246k1R69nuHgMg2CNDXtMTWMEPTbIHaBzhVjosSv18PbtnRBVQ=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.159121,VS0,VE0
etag: "04b00905b32fd8d29459545bc125cff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2570

GET
H2 200 820.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 7 KB
3 KB 47ms
47ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/820.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVGPX1STPETD3BG
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2979
x-amz-id-2: eOXJbcasOeJQ8oY3d01CEqlqo+4Pl2VurU8q0li7QSmbUoCXu22PuA9JB3hPWtyTaxocYErojps=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.159108,VS0,VE0
etag: "897a1a72a47e4f4a24c05aec49af638f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2569

GET
H2 200 790.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame D45E 17 KB
6 KB 48ms
47ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/790.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVWPPM1DSGWWRS0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6064
x-amz-id-2: bqtbe5I2cN/xuBciAhh7KYNfC3+NV/JZmixmjpglgBwCQ9pEaBdHEtqnAvYq72pDmUd/tQeoz1M=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1671771836.159099,VS0,VE0
etag: "af8c077a247e90dff929d7af81c94f57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2041

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 8 KB
4 KB 48ms
47ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVMKZD3FVRY3E5Z
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: 3JMcrqcB3n1lyWkms95Fkhp0UCgdQNd5ExAQbW5jB2W/WyiimDq87m5dD1tmUXEzXJXlCb6OETc=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.160661,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3590

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 3 KB
2 KB 53ms
52ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVR992TYTJJCM7K
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: S+TKbhFJNbMqZAXGchl6k2W2OJbhYYZq45/adeBTgi6uhtJUn41K0n3s8A/+20hsVPiwD0DetYM=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.175127,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3592

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 5 KB
2 KB 51ms
50ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVY3Y765E3N3PG8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: icNlQ9ORkLo+Hr/gICv+Y0zzJlk/azeAlLa+L/A+zhg87m3jmxkSE39+g33nplAX+Kmt4ZSR/Ek=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.175121,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3576

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 1 KB
837 B 51ms
50ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVKFMTG9N3F4E5E
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: G3fgmTjJHIXNAfRvsKNbDQa3aatix/JBYq/dIAVt2VLhxgqST/Z/h6CYpKlfBMsfi/4CmSOrm4Q=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.175107,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3592

GET
H2 200 39.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 7 KB
3 KB 51ms
50ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/39.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVQ1Q6PQYDKR2VC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2755
x-amz-id-2: QK34BJxK/M6fT4xLozFdKJKdfOsgSDFJ8l9Vf+BodLSWzephG1q8VOUGwhIkijLgayLpZx0Oa4Y=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.175099,VS0,VE0
etag: "0448380a8f2cd0426bbdf04dd45b5408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2573

GET
H2 200 0.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 5 KB
2 KB 47ms
46ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/0.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVJ6N7R923ZNNWS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2349
x-amz-id-2: NG5fjfNRjNPgV5KHJPjQqZnJp79tJ4zKzBPGV0b8CeNl+GuJGVt9PLFlsDLIGLFR6yclNwi2wZU=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.175065,VS0,VE0
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2570

GET
H2 200 571.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 2 KB
1 KB 46ms
45ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/571.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVS0621DCDEME5Y
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1108
x-amz-id-2: G9fXwFlwfdYihptGgiBBmJ7EP246k1R69nuHgMg2CNDXtMTWMEPTbIHaBzhVjosSv18PbtnRBVQ=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.175051,VS0,VE0
etag: "04b00905b32fd8d29459545bc125cff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2571

GET
H2 200 820.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 7 KB
3 KB 46ms
45ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/820.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVGPX1STPETD3BG
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2979
x-amz-id-2: eOXJbcasOeJQ8oY3d01CEqlqo+4Pl2VurU8q0li7QSmbUoCXu22PuA9JB3hPWtyTaxocYErojps=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671771836.175025,VS0,VE0
etag: "897a1a72a47e4f4a24c05aec49af638f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2570

GET
H2 200 790.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 7FF5 17 KB
6 KB 50ms
49ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/790.2d6a2503-1220.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-encoding: gzip
via: 1.1 varnish
date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-request-id: 6WVWPPM1DSGWWRS0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6064
x-amz-id-2: bqtbe5I2cN/xuBciAhh7KYNfC3+NV/JZmixmjpglgBwCQ9pEaBdHEtqnAvYq72pDmUd/tQeoz1M=
x-served-by: cache-ewr18176-EWR
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1671771836.175031,VS0,VE0
etag: "af8c077a247e90dff929d7af81c94f57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2042

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 49ms
47ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613867077094&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1671771836160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:56 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1632716523943158
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bootstrap.min.css
cdn-swell-assets.yotpo.com/ Frame EC11 128 KB
17 KB 27ms
26ms Stylesheet
text/css 192.229.163.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Requested by: Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.367.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D32) /
Resource Hash: d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:56 GMT
content-encoding: gzip
x-amz-version-id: null
last-modified: Sat, 03 Nov 2018 07:07:15 GMT
server: ECS (nyb/1D32)
age: 109799846
x-amz-request-id: B9A1295A77B201BC
etag: "ac7e8e8ff20e7d843326d71a28ecb087+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
content-length: 16944
x-amz-id-2: k7+hcvPur50IyBStgAX39sAwQW26LyNVgNPpte9nriOE+CfQsN4jg7q6xBKpbuik4O2OXhISSZY=

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame EC11 30 KB
7 KB 64ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.367.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 3607019
cdn-cachedat: 07/07/2022 17:49:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 53050069f7634df6ba0426ea6471d136
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 77de8db87fc1d163-BUF
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ 8 KB
712 B 38ms
38ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,bold,normal

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.367.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 05:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 03:30:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 05:03:56 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 893D 565 B
400 B 32ms
32ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 05:03:56 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1745934020992129

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame D45E 0
11 B 42ms
41ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f512dcc269d9a490b41c4f1cc353b320b8ea5a6b1671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK bd106ded.mp4 Show response
117vod-adaptive.akamaized.net/exp=1671775735~acl=%2F89b085ab-b3ec-41d5-80b2-5a2c3a786354%2F%2A~hmac=9fea8a82889295b13c93d8bc6e2fa1a7e6e0b5f21813b77d85e7f011c30f6b6a/89b085ab-b3ec-41d5-80b2-5a2c3a78... Frame D45E 396 KB
397 KB 41ms
40ms XHR
video/mp4 2600:1402:b800:43::1730:a297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://117vod-adaptive.akamaized.net/exp=1671775735~acl=%2F89b085ab-b3ec-41d5-80b2-5a2c3a786354%2F%2A~hmac=9fea8a82889295b13c93d8bc6e2fa1a7e6e0b5f21813b77d85e7f011c30f6b6a/89b085ab-b3ec-41d5-80b2-5a2c3a786354/parcel/video/bd106ded.mp4?r=dXMtZWFzdDE%3D&range=876-406408
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:1402:b800:43::1730:a297 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 02659dd33e785df391bbfd666c8a56e059c732be4de8da85d4ede70f863cfa1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1670252400
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 405533
AK-REFERENCE-ID: 0.577a2b17.1671771836.25686150
Last-Modified: Mon, 05 Dec 2022 15:28:13 GMT
Server: parcel
ETag: "-CNjRn6/l4vsCEAE="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=30018578
Akamai-Edge-IP: 2600:1402:b800:43::1730:a297
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame D45E 0
895 B 224ms
180ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=f512dcc269d9a490b41c4f1cc353b320b8ea5a6b1671771835

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 22 Dec 2022 17:03:56 GMT
Date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kjyo7100062-IAD, cache-lga21957-LGA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1671771836.422680,VS0,VE147
x-backend-proxy: webproxy1
x-frame-options: sameorigin
Vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-7fd979759b-bwt59
Accept-Ranges: bytes
CF-RAY: 77de8db99dca1835-EWR
X-Cache-Hits: 0, 0

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame 7FF5 0
11 B 40ms
39ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0df0dd5520ae0f7cee202563cdd71a72bc846d771671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK bd106ded.mp4 Show response
117vod-adaptive.akamaized.net/exp=1671775735~acl=%2F89b085ab-b3ec-41d5-80b2-5a2c3a786354%2F%2A~hmac=9fea8a82889295b13c93d8bc6e2fa1a7e6e0b5f21813b77d85e7f011c30f6b6a/89b085ab-b3ec-41d5-80b2-5a2c3a78... Frame 7FF5 396 KB
397 KB 113ms
40ms XHR
video/mp4 2600:1402:b800:43::1730:a297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://117vod-adaptive.akamaized.net/exp=1671775735~acl=%2F89b085ab-b3ec-41d5-80b2-5a2c3a786354%2F%2A~hmac=9fea8a82889295b13c93d8bc6e2fa1a7e6e0b5f21813b77d85e7f011c30f6b6a/89b085ab-b3ec-41d5-80b2-5a2c3a786354/parcel/video/bd106ded.mp4?r=dXMtZWFzdDE%3D&range=876-406408
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:1402:b800:43::1730:a297 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 02659dd33e785df391bbfd666c8a56e059c732be4de8da85d4ede70f863cfa1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1670252400
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 405533
AK-REFERENCE-ID: 0.577a2b17.1671771836.256861d0
Last-Modified: Mon, 05 Dec 2022 15:28:13 GMT
Server: parcel
ETag: "-CNjRn6/l4vsCEAE="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=30018578
Akamai-Edge-IP: 2600:1402:b800:43::1730:a297
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H3 200 css
fonts.googleapis.com/ Frame EC11 8 KB
712 B 36ms
36ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,bold,normal

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.367.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 05:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 03:50:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 05:03:56 GMT

GET
H2 200 Thumbnail_2-(1).png
cld.accentuate.io/40419154001962/1666386562505/ 54 KB
55 KB 41ms
38ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40419154001962/1666386562505/Thumbnail_2-(1).png?v=1668031704888&options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294b3f1aed26331f3530030be1579f1c091ffe39d906e40f26c446ab87c95d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

age: 3680262
cf-bgj: imgq:85,h2pri
etag: "SCOW0ml4jFeIGgoAR&Jgeg6kZs5BeMqmuh4nJWYEhihbekIsJoABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
x-hw: 1668031708.dop027.ma1.t,1668031708.cds203.ma1.hn,1668031708.cds037.ma1.p
content-type: image/png
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-headers: *
date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 56e001f87fa53501872a21f09bb07046.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
x-amz-cf-pop: SFO5-C1, JFK50-P2
cf-polished: origSize=49977
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywsFhrjVw0OEbgAbjqw8QnfGDKNyWzXV%2Fqd6W%2Fhrxi4TF5rA99EyHIT6FJqhWMZFDYNc32KjGzaBU7W%2B8mboSC%2FdVnLqVEQa91oY1o2wsC5uHtR%2BbiImgWQSPmm4%2Bf3Gn5XEtpfHnAk%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
x-rgw-object-type: Normal
access-control-allow-credentials: true
x-origin-cache: MISS
cf-ray: 77de8db99dedc452-EWR
x-amz-cf-id: TVVj5LZT9c1fZ7X5ROkhhKe9sw_UD4yFAdBTVUpYc0wE3iNtw4vDSA==
timing-allow-origin: *

GET
H2 200 Thumbnail.png
cld.accentuate.io/40419278913578/1666388304700/ 15 KB
16 KB 39ms
36ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/40419278913578/1666388304700/Thumbnail.png?v=1666388304700&options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc958d6f1601eb74eba413562eb663ce546e5e7ac885e4c88ed8323f597aa02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 3a80316ee74668c7049eb31054a07168.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 4731654
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCSWwmTFhFWIakoARPCoqXGdGQoRuFijuTFloxGcuJucin4v6RABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
allow: HEAD, GET, OPTIONS
x-hw: 1666388307.dop207.ma1.t,1666388307.cds218.ma1.hn,1666388307.cds202.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f22EaMeuT5X%2BxnIn2B9aRdUUq%2FBE6u8fK%2F0YQtuFYi2mbg69wGWOQCFK%2BMYEOZIh%2FTyrMeL5CUnBuZOuxV8Sh9D6Ov4KOhp2DLr9cWxq26TwE4NJ%2F%2B6AXU4GpZzZn4C2%2BWs6fNQE%2FH8%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8db99df1c452-EWR
access-control-allow-headers: *
x-amz-cf-id: PNzsn8LXUa7iVn-zjh7CFrQ9gBQWOKlPECHJmtXRCNLbiQUfiz1ftQ==
access-control-allow-origin: *

GET
H2 200 MPNS_600x600_1.png
cld.accentuate.io/39723595399210/1643139254716/ 17 KB
17 KB 37ms
35ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/39723595399210/1643139254716/MPNS_600x600_1.png?v=0&options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b836315f8c000bc3d36b72fd1083a3a58490875b7b6eed7b9ed13b8de62e474

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 fba666ceffdeb316c8edf476d8994bd4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5205293
x-amz-cf-pop: SFO53-P1, IAD89-C1
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "ddNTERENhUBVJVGRwCGYajASSyV1caH2UIoh1Fuo7T5akGqwVVAGAMSYc1GO&AXoVPlahsPfEJfZrUoamSkXGOx4ttGN9NEp2dtb7rBFWsUn&hY"
allow: HEAD, GET, OPTIONS
x-hw: 1665827035.dop041.ma1.t,1665827035.cds228.ma1.hn,1665827035.cds218.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTgbehhTgrDXrHn8G1BZPiVWI2qUFpMdqI%2Be33LAUqpk0S%2FMsy2tASsvRNGPU23DAqCsu1F45yhHt%2FDjPWUpAx%2BzXEqIQXUrvxEQefcBE%2Biy4NQRdEw9i7DJwE6OYQt8lUP%2BvAoL3B8%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: HIT
cf-ray: 77de8db99df5c452-EWR
access-control-allow-headers: *
x-amz-cf-id: NaUgdPd9Rw8J2Qfp9hujJVHR2nekySsDzMz-CLt8xSoAZJo-aVEiPA==
access-control-allow-origin: *

GET
H2 200 CC-Bundle_thumbnail.png
cld.accentuate.io/32307634536490/1643135545522/ 78 KB
79 KB 44ms
42ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/32307634536490/1643135545522/CC-Bundle_thumbnail.png?v=0&options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbc7fdef737e456fb26cf8878f90b563960a3878c7bca8a55c6f5d2dd71de80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5820014
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCGl3WA4CFKIBgoARVGoeo5nEOZ8hIiZiiGgHMosuAqies5vZtABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
allow: HEAD, GET, OPTIONS
x-hw: 1660639293.dop204.ma1.t,1660639293.cds212.ma1.shn,1660639293.dop204.ma1.t,1660639293.cds017.ma1.p
content-type: image/png
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=600x600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GldJ%2Bj3vgRj9hPxKDaw1q90BIVydSCMxEHeONyR4YTXPPVVtI86IgdNo%2BEkAsxWXr0l0DzhXcLzQ7rkZpyuLYSwVyJXFxL0g0PmBrOXwBjbDVH7MXV4zGWgP%2BnXputPF8NS5bB3GTP4%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: HIT
cf-ray: 77de8db99df7c452-EWR
access-control-allow-headers: *
x-amz-cf-id: iwQmpIUSnsXxHk3WqHMlmcel5hRJKNHW-DJ2jDAUNWpANxx0vrocIw==
access-control-allow-origin: *

GET
H2 200 web-widget-chat-sdk-81a3de7.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame FC44 202 KB
51 KB 37ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:56 GMT
x-amz-version-id: _S9k0k7m14Q1JXEfLI.DU.BBCg9qJXGg
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MPR6S5W1WWFW2CCQ
age: 611929
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: NePHzbQorqS1oGqn/oOPvyVPzIre188CpYnaMdgdO0jCl4XQVz+IK7svEwPxD0F5bNn8zF8upD198u1v+B8vNQ==
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
server: cloudflare
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPGNzWXMTjP7JAlsGK0WM48U6zZmoSUVmt48ymwPsJWYYfRHvZKEUtzPZhZsMtoj2GVMqt%2FMCv84sqpCaKx0sLRYrQ60z2l19khJkNFfa6b7GEEzNTg%2BTTikWpB2XRajKj%2BLqYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77de8db9ffb9e738-EWR
expires: Thu, 14 Dec 2023 15:44:36 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
332 B 33ms
32ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613867077094&cb=1671771836509&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVpqVmtPREF4WmpBdE5EazRNaTAwTURGakxXRmpNR0V0WXpBMFl6VmxObUZtTVdZeQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3A%22false%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 05:03:56 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1685748332244840
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 689d5b4562 Show response
bam.nr-data.net/1/ Frame D45E 49 B
532 B 135ms
72ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/689d5b4562?a=2815207&v=1220.PROD&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1348&ck=0&s=d500f9abfa927cec&ref=https://player.vimeo.com/video/778141303&ap=1&be=247&fe=265&dc=90&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671771835170,%22n%22:0,%22f%22:4,%22dn%22:6,%22dne%22:19,%22c%22:19,%22s%22:42,%22ce%22:66,%22rq%22:66,%22rp%22:144,%22rpe%22:152,%22dl%22:202,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:512,%22l%22:512,%22le%22:516%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 77de8dbabfb71927-EWR

GET
H/1.1 200
OK 689d5b4562 Show response
bam.nr-data.net/1/ Frame 7FF5 49 B
522 B 187ms
140ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/689d5b4562?a=2815207&v=1220.PROD&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1307&ck=0&s=d500f9abfa927cec&ref=https://player.vimeo.com/video/778141303&ap=1&be=238&fe=175&dc=124&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671771835291,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:31,%22rp%22:110,%22rpe%22:137,%22dl%22:169,%22di%22:356,%22ds%22:362,%22de%22:362,%22dc%22:413,%22l%22:413,%22le%22:414%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 77de8dbb1859f051-EWR

GET
H2 200 Hero_RB_Thumbnail_596x596.png
cld.accentuate.io/39885452869674/1644355195862/ 2 KB
3 KB 37ms
36ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/39885452869674/1644355195862/Hero_RB_Thumbnail_596x596.png?v=0&options=w_200,h_200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b8bb99b61d936473e1d76cf79e1ed930c8b81efeb22ce67b90390399c4503d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Dec 2022 05:03:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-twicpics-quality: 70
age: 5945962
x-amz-cf-pop: SFO53-P1, JFK50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
server: cloudflare
etag: "SCam3WwIQ4eIaQoARyBgmlEcnEnQu3uqutEeb1nQmdhihgoq47ABQkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVE"
allow: HEAD, GET, OPTIONS
x-hw: 1658570719.dop204.ma1.t,1658570719.cds037.ma1.shn,1658570719.dop204.ma1.t,1658570720.cds227.ma1.p
content-type: image/webp
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-rgw-object-type: Normal
x-twicpics-options: resize=200x200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6tC8zeCoMYWvW%2FvEMVRAKm6B3koxq7ASLwrql2pCVqaWcg%2F%2FZBlZT7zqx8SutmbMhzWMjaNNMcAIIT2UMvVL2FQUX2C0HcdTdv9VjMp7xe9vx3Ji9iL8J1rwgyw5GTL5oWgf8st4yM%3D"}],"group":"cf-nel","max_age":604800}
x-origin-cache: MISS
cf-ray: 77de8dbadfd3c452-EWR
access-control-allow-headers: *
x-amz-cf-id: -YIMbWUHZU2LieHvq_cGVmVUC_lLOxVWJqJTMgsTrF1Vy0QUFHYxNQ==
access-control-allow-origin: *

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame 7FF5 0
11 B 46ms
45ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0df0dd5520ae0f7cee202563cdd71a72bc846d771671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame D45E 0
11 B 44ms
43ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f512dcc269d9a490b41c4f1cc353b320b8ea5a6b1671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK 689d5b4562 Show response
bam.nr-data.net/events/1/ Frame D45E 24 B
404 B 63ms
62ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/689d5b4562?a=2815207&v=1220.PROD&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1553&ck=0&s=d500f9abfa927cec&ref=https://player.vimeo.com/video/778141303
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://player.vimeo.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 77de8dbb98b91927-EWR
Content-Length: 24

POST
H/1.1 200
OK 689d5b4562 Show response
bam.nr-data.net/events/1/ Frame 7FF5 24 B
404 B 63ms
63ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/689d5b4562?a=2815207&v=1220.PROD&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1522&ck=0&s=d500f9abfa927cec&ref=https://player.vimeo.com/video/778141303
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/778141303?h=c7d1ad646d&loop=1&background=1&quality=720p&app_id=122963
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 23 Dec 2022 05:03:56 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://player.vimeo.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 77de8dbc296c1927-EWR
Content-Length: 24

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame D45E 0
12 B 40ms
39ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame D45E 0
11 B 40ms
39ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f512dcc269d9a490b41c4f1cc353b320b8ea5a6b1671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame 7FF5 0
12 B 40ms
40ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame 7FF5 0
11 B 40ms
40ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0df0dd5520ae0f7cee202563cdd71a72bc846d771671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 web-widget-chat-incoming-message-notification-81a3de7.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame FC44 208 B
637 B 34ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:03:57 GMT
x-amz-version-id: yTfJjWtrph2znqvc1oRNTQcv23jcfwLc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MPRBPANHDBB2XS4K
age: 611930
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ySNnRZc5BhOaPIpGXh2NvWO55CDcspug1vGofYpOe7cPWxDDzj+7KaTGT2N4Z4XE84FS2cvIdDU=
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UREcVEzT0Z2HcKLBX%2Bsv4VYkQxBfgL3WWemkPphJelSkttaLDJzXEuPOWi7u4g3sO3svp1Yc6CtOfr0m9RxbrCg4kB11GaQIETTv%2BpykA%2F%2FTL%2BD%2BHyFgp0TUYHku7pHPlNztjoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77de8dbe6a45e738-EWR
expires: Thu, 14 Dec 2023 15:44:36 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame FC44 19 KB
20 KB 32ms
31ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 23 Dec 2022 05:03:57 GMT
x-amz-version-id: Iir_B594CFoW4u6103KDJi0Kyc2OsaOz
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 6ZKK16Y2CH6F5RT2
age: 12951966
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: aSn/9NaDurfKjlOQZ1b1GAPJbsJr8soPCaxAB0RWHPISQRWO+34a1Pmohb8zDyRwvhu1nUZc+VQ=
last-modified: Tue, 26 Jul 2022 03:57:47 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FfCH2EsS2iv%2BxNGbEqUVloOFIPI6%2FcNktaL8QQbp8iUyU7L8fIfOFN3gfuMWnLhqxaUHhTBVKp6OKNbRyIop3HffFqz3lJOOuv6RM2j7xd9oPk2L4ItnAsp%2FyZA5lIGCdpf2To%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77de8dbeaa68e738-EWR
expires: Wed, 26 Jul 2023 03:57:46 GMT

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame 7FF5 0
12 B 47ms
47ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:59 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame 7FF5 0
11 B 50ms
50ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0df0dd5520ae0f7cee202563cdd71a72bc846d771671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:03:59 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame D45E 0
12 B 51ms
50ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:04:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame D45E 0
11 B 47ms
46ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f512dcc269d9a490b41c4f1cc353b320b8ea5a6b1671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:04:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame 7FF5 0
12 B 41ms
40ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:04:03 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame 7FF5 0
11 B 41ms
40ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0df0dd5520ae0f7cee202563cdd71a72bc846d771671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:04:03 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame D45E 0
12 B 41ms
41ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:04:03 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame D45E 0
11 B 40ms
40ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f512dcc269d9a490b41c4f1cc353b320b8ea5a6b1671771835
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Dec 2022 05:04:03 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

126 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 08:24:18	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.herocosmetics.us/	1970-01-20 17:08:27	Name: secure_customer_sig Value:
www.herocosmetics.us/	1970-01-20 17:08:27	Name: localization Value: US
www.herocosmetics.us/	1970-01-20 08:43:01	Name: cart_currency Value: USD
.herocosmetics.us/	1970-01-20 08:43:01	Name: _orig_referrer Value:
.herocosmetics.us/	1970-01-20 08:43:01	Name: _landing_page Value: %2F
.herocosmetics.us/	1970-01-20 17:08:27	Name: _y Value: 6ab22657-eb88-4a73-842b-97bafe37a04e
.herocosmetics.us/	1970-01-20 08:22:53	Name: _s Value: 06f679f2-415e-439b-8b8d-4dc6c4429df6
.herocosmetics.us/	1970-01-20 17:08:27	Name: _shopify_y Value: 6ab22657-eb88-4a73-842b-97bafe37a04e
.herocosmetics.us/	1970-01-20 08:22:53	Name: _shopify_s Value: 06f679f2-415e-439b-8b8d-4dc6c4429df6
.herocosmetics.us/	1970-01-20 08:22:53	Name: _shopify_sa_t Value: 2022-12-23T05%3A03%3A53.645Z
.herocosmetics.us/	1970-01-20 08:22:53	Name: _shopify_sa_p Value:
.herocosmetics.us/	1970-01-20 10:32:27	Name: _gcl_au Value: 1.1.1619580107.1671771834
.tiktok.com/	1970-01-20 17:44:27	Name: _ttp Value: 2JIi7vTPqJbulSqLTkw0ZvO6tnh
.herocosmetics.us/	1970-01-20 08:24:18	Name: _gid Value: GA1.2.1935258582.1671771834
.herocosmetics.us/	1970-01-20 08:22:51	Name: _gat_UA-102753205-1 Value: 1
www.herocosmetics.us/	1970-01-20 17:58:51	Name: tpc_a Value: 65cf4b90a7ad4736bff6f985a57208a9.1671771834._ou.1671771834
www.herocosmetics.us/	1970-01-20 17:58:51	Name: __attentive_id Value: 3b1504b0d2d14dfaa0bbb21d382f8d39
www.herocosmetics.us/	1970-01-20 17:58:51	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjcxNzcxODM0Mjk4LFwidW9cIjoxNjcxNzcxODM0Mjk4LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjNiMTUwNGIwZDJkMTRkZmFhMGJiYjIxZDM4MmY4ZDM5XCJ9In0=
www.herocosmetics.us/	1970-01-20 17:58:51	Name: __attentive_cco Value: 1671771834300
www.herocosmetics.us/	1970-01-20 08:22:55	Name: shopify_pay_redirect Value: pending
www.herocosmetics.us/	1970-01-20 17:58:51	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NzE3NzE4MzQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lmhlcm9jb3NtZXRpY3MudXMvIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjcxNzcxODM0LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5oZXJvY29zbWV0aWNzLnVzLyJ9fQ==
.attentivemobile.com/	1970-01-20 17:58:51	Name: tpc_c__ou Value: 44fe3dc9-b469-4eb4-8e14-b4ba67a2960e.1671771834._ou.1671771834
.attentivemobile.com/	1970-01-20 17:58:51	Name: tpc_b__ou Value: 05b61b5e-1050-4942-962b-76c41cf0d2ec.1671771834._ou.1671771834
www.herocosmetics.us/	1970-01-20 08:22:53	Name: __attentive_pv Value: 1
www.herocosmetics.us/	1970-01-20 08:22:53	Name: __attentive_ss_referrer Value: ORGANIC
.herocosmetics.us/	1969-12-31 23:59:59	Name: _schn Value: _ppbzyd
.herocosmetics.us/	1970-01-20 17:52:38	Name: _scid Value: 25426b5a-414d-45d4-ba5b-9c11ec72d6c2
www.herocosmetics.us/	1970-01-20 08:24:18	Name: __attentive_dv Value: 1
.herocosmetics.us/	1970-01-20 17:58:51	Name: _ga_D939QWJC76 Value: GS1.1.1671771834.1.0.1671771834.0.0.0
.herocosmetics.us/	1970-01-20 17:58:51	Name: _ga Value: GA1.1.368312288.1671771834
.herocosmetics.us/	1970-01-20 10:32:27	Name: _fbp Value: fb.1.1671771834706.692153022
.snapchat.com/	1970-01-20 17:44:27	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GuRHAMAgEwIqY4RDWgbsxeqpQ8Uq90drkSt1DntVTfMaW+rLEm5kmYxTiwPVFJ0hE8/OrXkZzNahAAAAA
.tapad.com/	1970-01-20 09:49:15	Name: TapAd_TS Value: 1671771834828
.tapad.com/	1970-01-20 09:49:15	Name: TapAd_DID Value: af627b69-7ed3-48a8-9e69-ea95ba2d104e
.tapad.com/	1970-01-20 09:49:15	Name: TapAd_3WAY_SYNCS Value:
.herocosmetics.us/	1970-01-20 17:52:38	Name: _sctr Value: 1\|1671753600000
www.herocosmetics.us/	1970-01-20 17:58:51	Name: userCountry Value: United%20States
www.herocosmetics.us/	1970-01-20 17:58:51	Name: userState Value: New%20York
.bing.com/	1970-01-20 17:44:27	Name: MUID Value: 3DA10FE3C588639C3CA71D60C40262D8
.bat.bing.com/	1970-01-20 08:32:56	Name: MR Value: 0
.amazon-adsystem.com/	1970-01-20 12:56:27	Name: ad-id Value: Ax_B6pp7tU_fmTxeMOHOc7Y
.amazon-adsystem.com/	1970-01-20 17:58:51	Name: ad-privacy Value: 0
.herocosmetics.us/	1970-01-20 08:24:18	Name: _uetsid Value: 33651600827f11ed990f6b919bb1cfbb
.herocosmetics.us/	1970-01-20 17:44:27	Name: _uetvid Value: 336539a0827f11edb12c09037220e3fd
www.herocosmetics.us/	1970-01-20 17:58:51	Name: _sp_id.4add Value: cd918fb977868fa8.1671771835.1.1671771835.1671771835
www.herocosmetics.us/	1970-01-20 08:22:53	Name: _sp_ses.4add Value: *
.herocosmetics.us/	1970-01-20 10:32:27	Name: _rdt_uuid Value: 1671771835349.25c8e984-abeb-4da5-bc43-9c0b5f41933e
mpsnare.iesnare.com/	1970-01-20 17:08:27	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 4JQ9LvCNxyzG6ZMgF6ZUEDIS35rvZgs/Lnm7j0K5wLA=
.vimeo.com/	1970-01-20 08:22:53	Name: __cf_bm Value: mwo5Doi83w6SFBzWn2j_Ik1XzFzuF_dS3apH.TNsIC0-1671771835-0-AdEmfdrHtxwPj/SF7BPU/OaXEJH4fgptw4TV4so+kQxpT5DmdIo74NSiglcABp/Q1YHNTKyoBt2sseUNW7SZp+w=
.yotpo.com/	1970-01-20 17:08:27	Name: pixel Value: 61ca17cf-14ed-4345-6de5-d1ce05802e62
.t.co/	1970-01-20 17:58:51	Name: muc_ads Value: 551fa0b3-a89f-4905-bf1d-b6800a680383
www.herocosmetics.us/	1969-12-31 23:59:59	Name: locale_bar_accepted Value: 1
.twitter.com/	1970-01-20 17:58:51	Name: guest_id_marketing Value: v1%3A167177183548537482
.twitter.com/	1970-01-20 17:58:51	Name: guest_id_ads Value: v1%3A167177183548537482
.twitter.com/	1970-01-20 17:58:51	Name: personalization_id Value: "v1_U3wueNFwLbM0uS++z4ovMg=="
.twitter.com/	1970-01-20 17:58:51	Name: guest_id Value: v1%3A167177183548537482
.adnxs.com/	1970-01-20 10:32:27	Name: uuid2 Value: 2004515635888230825
.smartadserver.com/	1970-01-20 17:53:06	Name: pid Value: 1891964632233644020
.smartadserver.com/	1970-01-20 17:53:06	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:08:27	Name: csync Value: 144:3q9jPvjuRZupMLac9HsHUA
.adnxs.com/	1970-01-20 10:32:27	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2In?k$m<a!]tbPl1M]o$IyEVUcGuSUY26BOn@j6I1mDs:`:5*?Pmtad!a`4p0DU7#BI7y)N[UD!!+:?)dm^1
.casalemedia.com/	1970-01-20 17:08:27	Name: CMID Value: Y6U2u0VljaDkGkXFCVs79AAA
.casalemedia.com/	1970-01-20 10:32:27	Name: CMPS Value: 463
.casalemedia.com/	1970-01-20 10:32:27	Name: CMPRO Value: 463
.tremorhub.com/	1970-01-20 17:08:48	Name: tvid Value: d2b15b536c78469d8f8a178169dc3c98
.tremorhub.com/	1970-01-20 17:58:51	Name: tv_UIAM Value: 48d1f33abfab411faaba0f469ae63639
.yahoo.com/	1970-01-20 17:08:49	Name: A3 Value: d=AQABBLs2pWMCELSUdx0LzVWUf1vyhRhorkUFEgEBAQGIpmOvYwAAAAAA_eMAAA&S=AQAAArHtlqUzgaRkLuQpOC8GSKw
.bidswitch.net/	1970-01-20 17:08:27	Name: tuuid Value: d0f92f95-b466-4a1e-ad0a-6f6fd13622f2
.bidswitch.net/	1970-01-20 17:08:27	Name: c Value: 1671771835
.bidswitch.net/	1970-01-20 17:08:27	Name: tuuid_lu Value: 1671771835
.myvisualiq.net/	1970-01-20 17:58:51	Name: tuuid Value: 3935ba36-0ad2-4c42-a044-50f3b6cb2cdc
.myvisualiq.net/	1970-01-20 17:58:51	Name: c Value: 1671771835
.myvisualiq.net/	1970-01-20 17:58:51	Name: tuuid_lu Value: 1671771835
.analytics.yahoo.com/	1970-01-20 17:08:27	Name: IDSYNC Value: 195g~2905
.ads.stickyadstv.com/	1970-01-20 09:06:03	Name: UID Value: 96b5424e2b9784fdaf7168b8763c68c
.360yield.com/	1970-01-20 10:32:27	Name: tuuid Value: b3c6c111-39c8-4260-aa35-f0c5843e747e
.360yield.com/	1970-01-20 10:32:27	Name: tuuid_lu Value: 1671771835
www.herocosmetics.us/	1970-01-20 08:22:53	Name: keep_alive Value: 708e219c-bae3-49ff-ac1f-254f9a09bfa0
.krxd.net/	1970-01-20 12:42:03	Name: _kuid_ Value: PRjoKku9
.agkn.com/	1970-01-20 17:08:27	Name: ab Value: 0001%3AAdX6d0zsA9cE0%2F1QOoHhM8Z7Q81l%2BymH
.ads.stickyadstv.com/	1970-01-20 08:43:01	Name: uid-bp-30833 Value: O_2AZfz3SDqNIQt3AGM7SA
ads.samba.tv/	1970-01-20 17:53:06	Name: sambapxid Value: 107c9112aab57bdc8
.herocosmetics.us/	1970-01-20 17:08:27	Name: _hjSessionUser_1133465 Value: eyJpZCI6IjRiMGE3NTM4LWM4NDgtNWNhMS1hM2I4LThhOTIxYjhjNmQxMyIsImNyZWF0ZWQiOjE2NzE3NzE4MzU3NDIsImV4aXN0aW5nIjpmYWxzZX0=
.herocosmetics.us/	1970-01-20 08:22:53	Name: _hjFirstSeen Value: 1
www.herocosmetics.us/	1970-01-20 08:22:51	Name: _hjIncludedInSessionSample Value: 0
.herocosmetics.us/	1970-01-20 08:22:53	Name: _hjSession_1133465 Value: eyJpZCI6IjQ5ZDI3OTY2LWJjYmYtNDU0Yy05MTczLTk5YzA0YjdiMzAyOSIsImNyZWF0ZWQiOjE2NzE3NzE4MzYxMzMsImluU2FtcGxlIjpmYWxzZX0=
www.herocosmetics.us/	1970-01-20 08:22:51	Name: _hjIncludedInPageviewSample Value: 1
.herocosmetics.us/	1970-01-20 08:22:53	Name: _hjAbsoluteSessionInProgress Value: 1
.bluekai.com/	1970-01-20 12:44:56	Name: bku Value: b/X99nytoVm3Ysxl
.bluekai.com/	1970-01-20 12:44:56	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.rubiconproject.com/	1970-01-20 17:08:27	Name: khaos Value: LC01SCFI-5-GWHD
.mookie1.com/	1970-01-20 17:51:39	Name: id Value: 10594295916759214759
.mookie1.com/	1970-01-20 17:51:39	Name: mdata Value: 1\|10594295916759214759\|1671771836162
.mookie1.com/	1970-01-20 17:51:39	Name: ov Value: cced229f566bca901dfd79fe330af972
.360yield.com/	1970-01-20 10:32:27	Name: um Value: !416,3trTqIveCnNLQsDm7PtdVLh-,1679547836
.360yield.com/	1970-01-20 10:32:27	Name: umeh Value: !416,0,1733979836,-1
.demdex.net/	1970-01-20 12:42:03	Name: demdex Value: 64697283372261215462389917746097905163
.herocosmetics.us/	1970-01-20 17:08:27	Name: _pin_unauth Value: dWlkPVpqVmtPREF4WmpBdE5EazRNaTAwTURGakxXRmpNR0V0WXpBMFl6VmxObUZtTVdZeQ
.surveywall-api.survata.com/	1970-01-20 12:44:56	Name: svResp Value: 017ba42a-7510-b8c2-8396-378b2f7cd326
.vimeo.com/	1970-01-20 17:58:51	Name: vuid Value: pl681195699.904985080
.adform.net/	1970-01-20 09:07:30	Name: C Value: 1
.dpm.demdex.net/	1970-01-20 12:42:03	Name: dpm Value: 64697283372261215462389917746097905163
.spotxchange.com/	1970-01-20 09:03:11	Name: audience Value: 34118719-827f-11ed-88d2-1d4240210503
.adform.net/	1970-01-20 09:49:15	Name: uid Value: 7940862722696618759
.doubleclick.net/	1970-01-20 17:58:51	Name: IDE Value: AHWqTUmonyLN_XUiaT4emnOF611wkVwQGFcI4MfYISBaCOe10njV-SNFsag_qh4Rf-I
.scorecardresearch.com/	1970-01-20 17:58:51	Name: UID Value: 164c3e54529f85b6790148a1671771836
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1671771836_1
.serving-sys.com/	1970-01-20 10:32:27	Name: u2 Value: 0d67893a-44ef-43ff-935a-18934e7093284Kl090
.openx.net/	1970-01-20 17:08:27	Name: i Value: 3c2e48ca-c12b-47a1-8eae-efd9bdfc3afe\|1671771836
.casalemedia.com/	1970-01-20 10:32:27	Name: CMTS Value: 528
.3lift.com/	1970-01-20 10:32:27	Name: tluid Value: 2617774207662029373696
.ct.pinterest.com/	1970-01-20 17:08:27	Name: _pinterest_ct_ua Value: "TWc9PSZRYVFzMU1MTmVKWE9tSUhUdXJDU3pUSCtmSnBUZTBFaldRaHZudHFCb1UxZE5EbG90YnViY0kzdFd4VTNwSWhGdXN0dTQwOG02ZFU0VEJhcVZaWjBVRXNDRXEzVTJKdk9jVXJ5UmNrTE5Kcz0mTW5wWmIyakozMFQwR0pSU1BXaXp1U09JcHRNPQ=="
.semasio.net/	1970-01-20 17:08:27	Name: SEUNCY Value: E3A2BACFEBD50498
.pubmatic.com/	1970-01-20 10:32:27	Name: KRTBCOOKIE_290 Value: 23261-Q6UT3GKFQ8ivQeIMbqTVjQ&KRTB&23219-Q6UT3GKFQ8ivQeIMbqTVjQ
.pubmatic.com/	1970-01-20 09:06:03	Name: PugT Value: 1671771836
.rubiconproject.com/	1970-01-20 17:08:27	Name: audit Value: 1\|KC0BZKdsnq7AhU02+V4bx1YFKvj5yMZJ1wthvTQdl+l+xL8LlrcUaJU+ilUv1Sz5lGhY+ZoyVjXyUhTWCqUS/K1sEWZomT4FxD6eoMVMhhEnpPdYieHDLlfr9fSTW31sKQ+sTPbh7XWBq1u0XziNGcQosMH4rx7EAVZMf7k9zyXynhDmszAPOA==
.ispot.tv/	1970-01-20 17:58:51	Name: pt Value: v2:84e40dae83df162ab0c2fe0c48722456dd2e245f9fb00b7c96ec3ce79519e5df\|8f55bfd60f91427c7243fc1bf7e0cb6f69d021828aed9d75f560c3d2cf2db29d
.exelator.com/	1970-01-20 11:15:39	Name: EE Value: "b02b257b812da39e2b95b5bc0a1965e8"
widget-mediator.zopim.com/	1970-01-20 08:32:56	Name: AWSALBCORS Value: 1wJCMBrl0tkeB5pXY5pVOQZcAvfI395xJJUtJTPKBr/A+2vM8jnHYgo1Lfpu/Auvrsj8LIz1CjvFqODgyP7DpheBFDsmcrLxvOZksr12Xishmcuihw88zLfcU/Se
.pubmatic.com/	1970-01-20 08:24:18	Name: KTPCACOOKIE Value: YES
.taboola.com/	1970-01-20 17:08:27	Name: t_gid Value: 20a97569-4263-40b5-9a37-2638b36565c3-tucta9ebc3c
.exelator.com/	1970-01-20 11:15:39	Name: ud Value: "eJxrXxzq6XKLQSHJwCjJyNQ8ycLQKCXR2DLVKMnSNMk0Kdkg0dDSzDTVYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYkl%252BUWb6otDgxUUpaQyLSopPBR%252Batx4AoL0qvA%253D%253D"
.pubmatic.com/	1970-01-20 17:08:27	Name: KADUSERCOOKIE Value: 5D9951D6-56ED-440D-9FFC-75B5B5105522
.ninthdecimal.com/	1970-01-20 12:42:03	Name: ndat Value: LU+N+GOlNrwkKBaJovnWAg==
.herocosmetics.us/	1970-01-20 17:08:27	Name: __zlcmid Value: 1DZlTFNZkHIObuG

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.shopify.com/s/files/1/2181/4481/t/107/assets/vendorVimeo.js?v=156771078060041912431666632339 Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

117vod-adaptive.akamaized.net
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.tiktok.com
analytics.twitter.com
app.backinstock.org
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
cdn.attn.tv
cdn.shopify.com
cdnjs.cloudflare.com
cld.accentuate.io
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
creatives.attn.tv
ct.pinterest.com
d275fvz7g8rvo.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
ekr.zdassets.com
events.attentivemobile.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
geolocation-recommendations.shopifyapps.com
googleads.g.doubleclick.net
hero.attn.tv
herocosmetics.zendesk.com
i.vimeocdn.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
in.hotjar.com
js-agent.newrelic.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
loyalty.yotpo.com
match.360yield.com
maxcdn.bootstrapcdn.com
monorail-edge.shopifysvc.com
mpsnare.iesnare.com
odr.mookie1.com
p.yotpo.com
pc-quiz.s3.us-east-2.amazonaws.com
pi.ispot.tv
pixel.rubiconproject.com
pixel.streetmetrics.io
pixel.tapad.com
player-telemetry.vimeo.com
player.vimeo.com
pro.ip-api.com
public-prod-dspcookiematching.dmxleo.com
px.surveywall-api.survata.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
sb.scorecardresearch.com
sc-static.net
script.hotjar.com
shop.app
shopify-gtm-suite.getelevar.com
ssapi.herocosmetics.us
ssum-sec.casalemedia.com
static-tracking.klaviyo.com
static.ads-twitter.com
static.hotjar.com
static.klaviyo.com
static.myshlf.us
static.zdassets.com
staticw2.yotpo.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.co
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
uipglob.semasio.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
vars.hotjar.com
vc.hotjar.io
vimeo.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.herocosmetics.us
www.imdb.com
www.redditstatic.com
x.bidswitch.net
104.126.112.185
104.16.51.111
104.18.33.19
104.18.37.231
104.18.70.113
104.244.42.3
104.244.42.5
107.178.246.49
108.138.106.101
108.138.113.246
108.138.128.36
13.225.214.84
13.33.60.9
13.35.93.21
13.35.97.222
141.226.224.48
142.250.81.226
146.75.36.157
146.75.38.109
151.101.0.84
151.101.130.133
151.101.193.140
151.101.2.132
151.101.2.133
151.101.66.137
162.159.128.61
162.247.241.14
162.248.18.37
172.64.144.208
18.164.96.54
18.164.96.87
185.146.173.20
185.146.173.22
185.167.164.43
192.229.163.223
192.35.249.137
192.40.39.223
198.54.201.131
199.187.193.166
2001:4860:4802:32::15
23.227.38.33
23.227.38.74
23.44.237.147
2600:1400:9000:281::1d72
2600:1400:9000:28c::1931
2600:1400:9000:2ab::1d72
2600:1402:b800:43::1730:a297
2600:1f18:612b:4200:4221:38a7:d65:6c93
2600:9000:2120:ba00:1c:9484:cec0:93a1
2600:9000:21dd:600:1:d5ae:c900:21
2600:9000:2209:3800:f:8ce2:fb80:93a1
2600:9000:24f1:d200:a:78b:4e00:93a1
2606:4700:20::681a:44f
2606:4700:3031::ac43:aad3
2606:4700::6810:7aaf
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700:e4::ac40:a41c
2607:f8b0:4004:c1d::9b
2607:f8b0:4006:809::2003
2607:f8b0:4006:809::2008
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2002
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::396
3.14.240.28
3.210.215.82
3.222.151.93
34.120.202.204
34.120.58.162
34.195.206.195
35.190.43.134
35.190.90.30
35.211.178.172
35.244.159.8
35.71.139.29
38.91.101.241
45.79.141.248
50.16.197.56
50.57.31.206
52.206.189.9
52.219.108.202
52.23.75.135
52.3.115.198
52.45.90.70
52.46.155.104
52.49.37.246
52.6.11.66
52.6.137.170
52.7.71.60
54.144.126.234
54.175.87.114
54.86.6.241
63.251.28.233
68.67.179.153
69.173.151.100
76.13.32.147
8.28.7.81
007db74b35d79af0c9c5836a7b99e2b4dbe06e0865b63ed52bade68f3631a36c
02659dd33e785df391bbfd666c8a56e059c732be4de8da85d4ede70f863cfa1e
05dbba4c0da4390d07c99b71827d1b4fb3cc56c2735beaabf56c68407426c485
0620daeb5b45d7a66c3f8f6944453a804e8d37c47a3f7885689ed47ec26716b8
090137bf276a53c9b505a3f6358743a026f9ab1d806f6731eebdc2a8ef7d07dc
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e9c0d3f62edff921ee689cd45a66a5a51046add332cceebab89e2043a051dc7
107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26
12a830366ed648c938e9fd2984bfa14cdd221731a1c7569015818da8ade2ae1b
13fa0eded544054d76bd240d9976e4b9f797d086b1d36ce2d4913b4599403533
15be3b31a001f8b2911a1ffebdce6a5ac1fb2f7566b8c6e339c91803d1a462de
1742fab3a7f1a5f6b12082ec95ddd6e20a8af6d458257d724f9a8fb0721e71ef
19a2d65e5727a1fb5fcea0f40c1eec98f74356d3714bb28e11a74ff340158db1
1b2228717a55ab50b08f170843e171de6a64e87f2967804c9835b3e8b57a683a
1b672e7932ba30dc918fc8ff58dbc3ffa85b6f47e6dfc18dfb6c3ad8596e0111
1c1f834752683967bf996e815982a89f13ea9612fa18a72f4971644be1258148
1c7bccf7eba6d01aeec0a319f81fd378e6c6c082c3259bb5738a2a3d232a67a2
1ce6e86840c74dfbbdf33ece19eedb2ca3e0947b961a218c2380eb66e494e16a
1cfd1950da0b54c601f7a23243f9f64becbd36512e64a630a631580c100faab1
217a6c6c8470831abbd71e72221d471f4bdc16787537a206d2fb69fa43a60238
218d1d3dc7c9a5f392d9a4300ad39d5528f90f94519c5b4c88db24acb5c6be16
2203ad746c9ae8e816696b751be9cff0bdc0528270c193451179296718d2ebbb
24b010578031707aaa171e8d3e14700e156a5d1b2b4050338ac87d10cb57f161
261cc90415a3077eda2f7c769513467ad7d241fa26445bf4ffec0a14edcf1d4d
26a96740435268f27419c8831431e343526f3a9fc8529cbccecdc4d70867a88d
294b3f1aed26331f3530030be1579f1c091ffe39d906e40f26c446ab87c95d74
2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc
2d3a8d1a0728be4c411660905ca0410408ca9a571a05c22197db1a5341e3f5c9
2de04e74be9f4c55ad74db6b7011403222cb5796ae7b13be926f217996ed923f
2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5
2fbefaa011d86dd14671cad611414a3487f160d359f3e06e81667ddc4107468a
2ffdbe205607bc7c9933451f3db69240fc6a245954e39344dd1c234344085f7d
321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3
32859cb3c34c68d8f442b8b0828a9665e80fc432b41c0369fa882524a8678b81
352b2312aebadef8fd521199c44bdf6568bbb67b1a2aecd75073ad866a86ad09
35dd22adbb3af4edd1afc7ed231e640d1faac89acef89070cb15eb34555af4b8
36bcb881c9c03cb50d39304ccd43ad6a9cff58c89110b43bf1024c97eb1b3a51
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
394a48122c06d6b13a913f0e342af673a4afa87f1401742ee8f37dc32e1840b5
3b836315f8c000bc3d36b72fd1083a3a58490875b7b6eed7b9ed13b8de62e474
3ba2d27af252ea2bf1e57aaad94e153cf9e6453f3c7a7d1a7ab86f3be084225c
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2
42521eee84c607d6f0a3d0817f0de7306f62ddac61051fef2ae329e515f64269
456ff879850dd3299636996a2a2ecc5ca88fd35f9fdb66e2c67a33acf0cf8db8
47ef2b0bcd09de3fc05c42be893f722320098be067ddbd88d13faa161aaa3f4b
4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b
4a201b919964032a52a3d2c3365bd5cafdc2acf12ed71cd2f9905627ad105fc9
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4c718e6c04604e704e210624d400222cd989eb140a8b7ff479ced4f7c116e96e
501294284b0917449730c3743be6e3610c15b15904d7e502e8d1523a83d6aafb
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
53f4c02f21db0ad2365a255e5e5cf548eefbe07257e393925e2ce38ea98870fd
54de354b4d7d3eb9116966f4021f8e554ee71beb5885e2626ef5f743ce49103d
556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
55f20b9eda8fe8f548f84fdb1d55305871822fd4c047e431894513d79bd351b0
5608047afe3c4bf276602d5ab431d87a7666a2cc224303bc22312a88d6492cf7
56fe4a56be0624df28272ea3b4bb13475e0f3c3dd903eea7e2fd4526148562b5
570c18a72f8c237ee28c78cc10ac99cece43c0b4a95aa2afd497dd70716dc5fc
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
5a3afc7c3abe6cb4d6614a6786d9e7ebc089773f745e09b7c9a6b6b4c880ec86
5a613d64a17940bb2f9d1dd791dfcd023826c9f931706687e511888c565cd44e
5a7e4377c879baab9e0752ba41ed65235a7011840c67365fee77cb2472180071
5be60fba752a3a95d3260b9eb4a0290c70462248eb4670a08976ceba15275d6f
5ce56c25f3aa19c9ebf212d2c8531ec73518a1e254ad2872d4211d2b644d9f9c
5d05d6e5b8847d394f0b26caba3c3c5317edcec55191be2e39ec87e415c0eb7d
5d41662cd08a983100413a965c9d774662e5def55f7f2e95f11f431bba372bf8
6098dc4573ef42b992dca9cd3d6d5d38f9f1d7242dea9d909822df2e4ee43bab
6214cb4793462282dfad0cc52df8cc01ca5527d5b79e5129720a246b49aa41dc
62c126f651081b19ce1c6c116d3fed3549e8a35dbb2746eb96f0c31f70d182a5
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f
67813c96ecbb4719d73ebf150a39525b76d1f3294692a6dc8cb558dc90aab1e6
6887a2286d88728e719a05b580184e0209b8cb5033976613d45a2f33f380a880
68cecf0433d28f8f5e1d6d73d38a379ae6cbe9f73eeb84f729dd41214eef9b8f
6903d61b1cc414c444950c4aab5ceb178c35269902df7acf00057c3317098083
6a2b7173f2572eea829671b659e661dfd12583a5e3a073907d6293d0b016ba13
6a3dbb230b9c333a39405f7dc4115a91bb3dcae67f68c76ac5c81451dc2f4ac2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aeaa1ba1cdb7f2e19db4f22b72abf3691ab99abc6a885eee4bf69a4f47b1fe5
6b0fb774cc026ebb0e1542583941a34fd3de8ea289f2374ecf997fc8ac7c543d
6b8bb99b61d936473e1d76cf79e1ed930c8b81efeb22ce67b90390399c4503d1
6c0f3d3e27a428a3f2b4a38459f68924fbf754692f6a1deea19ba8f2ae561d3d
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
71d7a40aa2044fa9a3f676862b422071a4039bfac7382830eb1ca388d2a3f5f6
720daece3d5f5791f06a8501a77de82dfe8e001f8483e54a252a2c0ed4546759
753d234d418eaf200a5f4469b47767d0a178fdb837d1b51c92ed361306bc1490
75bc20505396e02571fd32b6e984a8c74824205d9232bf6814f2cf542127a445
77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683
7898396661257844856834bdb796b82122541ea0c939c89748ce150f2c0953da
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160
7b3a311e463360814d373ee4ebd1f7ed7f2168953f50b409c5f0115d9bfe89e5
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5
81ebf0e633fdfe21f33576abf495d4b1f03849ce2ff33558825ee148b48c2242
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87028f382373efc07160d34277f4005b477463c8ffd34e1b58b6a809f79a2108
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
890ff9abd973d90cb6f5a277a24c329d1e19ceffa02e5d7df92943f0a1db0d30
8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b
8cf9835ab8da9dfe9a2eeb14c12a3a1344f9e3bb0fb90bbb343e49454de8892f
8d9c4f85111a1d10b4f86ffbd74c51382ea327c9992bc97c42ff9a078a60c904
8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416
8efd3c7c2ad8a6b456c3fe4ef380ca8b33a4a4af49508c6743fc92485d08e261
9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b
92c73725d5bc1aa420d784cb8f94e47a97d88d92fb9dd35c8f4b0d0ebc10226b
93ba06847719b70672f5a8ea597585ac95ab2bfe7037af7fe2ea76270608b559
94e4c3b6896b0a02d7f59fec061ad80600f4487a0003effb51ac476ab964f0de
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99ebefc6d820d1a4fc5353bdf009f7973e2254581f7917e961480a03bf4fa6f0
9b2d0cbb68f699b93854f9ecfe945428a66c439340416ee9d7fb8ee465fc727a
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9d7de020df5cc1901472d9d6c231bcb3dc142dd25abeea072f05bd38271a0f43
9ebbd916b6c322597da4b1ac0ef4bbbf04d00339cfc619424a99f929b69e608e
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a08cf9a6e9d7af50367a6c556789451a7ae78977710e77086f30a0def9c57f3a
a0b3bbc314d04833ccd1a9d2a7b3e54a7c4f241d809ce232912663cfd54b5989
a16c62fa23c3f16115e2035a04f744de1f9ba16d54f97d07f9e1faea16fab834
a54987ffb896d1bdc066c7728c46f5e1ddd1b6354f348bff1860492d1a904294
a5f1052ed1a8af5abd2f31dfef1a6c95288a6be319e39bfd7072f5f196d63612
a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17
a96c0f3d85a2dfc2c0f7a85e0fec1ccf780b3cf516c3372190138dfd22dde6a9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b21f45c13e91f186b5b0173adecab7eb82201bfa47935403b708c9db983e4e8e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b79adf570b66bcd072b6f3ea35e760f7433030c083c686a08b6ba740f532098a
b7de8f79e37b950cc12cc9960f9d13d4cbbbd233f6a5cd8c1e182f99bd35dd09
b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56
bb05ae0e0694c65180efab5f7addef2c1366822df20d8c0eb3c56adbaf052c1e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc958d6f1601eb74eba413562eb663ce546e5e7ac885e4c88ed8323f597aa02f
bd905bde4488fc2ded1075d19eae6ce45f5c4873eba50635cf6aeff027bc10f4
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89
c0ec2654df2dec28cab9d72cfab24d859437b31f249b6b4bc59d9524ed50a700
c0f050b452d1484a6a46a113a2dba1f55bb95f73091283f5b247bffd7542b1eb
c14c7d89d2f50cfddff9e5ab56ce377d0ca5ff385e2a6a22809235253f6e6dc5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a8ad082795a668d32900e0feafa9885db37a9716d16dd10d06d29fcef32dec
c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab
c60446989f32efc1da025fa61ee19c870ccb20cf33684a3fe17461514046eee8
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c7bd9f4f44a45e7e90dd2fb62151532fa50f02c78f9823f9fa83621894edda11
c90bb62be7e1cdd0e233d2f6efd83d8529047adf1b38cea538a77fe4e2454581
c92af1252d19c76635a97a62804d760e62efc45894210d93c123bbccb720c963
c9dbc93333dc1ae2f6750e491f8e37a1b7eadc52dea4e15bfe9c7b172634132d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cae4751396e573ac3ac5afdcf3d577a4c8c9d81bfd4bd4fb2429e5e9d65808db
cb84c769a7f5e25743407e69791a4f7c835ac5a23e0149a0fd27cc963e196524
cbc7fdef737e456fb26cf8878f90b563960a3878c7bca8a55c6f5d2dd71de80f
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f
d4c8707a21faede7e4474c7b3a23aeeafddd74d1a69cbcef62f005880b5eb856
d6aab443902639d1372e344c507374420a6d9e1a98c67fd6d429f1c95e997688
d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580
d903a35a90276fed8d286f4de9f6ab44db076826cdb14a82d2e418aeb79b92ac
d947c6f0414a2b656f2bade5f8d4385e65eeb72217c471b58646f6aa2d6634ea
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dbe74252035fd1cda8b03e76098b49b0530e2e9470b004549f628b1e840e6694
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
dc131657068707ac57506e3053ea092a346e7364ec91bc922b4f78921e73a9e4
e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b
e10596cce5cac0968c665b820a7c3c8b9d46fc7cb41b90adf0a65d377199f36e
e10e0bc796486e3eb556f27262fd40ad9cd4b34541ba022b3a44ec8816d64210
e2f6f5e0956c629d78bd374f3a699c0ee1b7a892978fa73000220cf2a691cc6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5be4cb6407605472802ae7cd3d9387d5ec3abcc26fe4cb59134ca23637226e1
e63b0b5797f443daa21f8a3b475838b1b70d06f11fff3c5ccb0b61d1920207e7
e64430d7f1d5cb609dacf1e69de8c7a1ea96ba2e8aaf7ae3fdb0066db19eff70
e6e590ad64ce2cc2ee480dce5e5bc057f240fdfbb29afdb74514b52bfb6d5578
e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f
ea70115253dafc506ef27124ed7109f01ee1b374193ac7dc5b9cee03eeb8aa97
eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671
edfe95afa2d0d9c0c4720583ac6f59f3a6ac4d290ecc809f928bf7da208642b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b07ff94fa1dd7db283dc3ff180a06f310670a4ed723bfd5152cedcba511df6
f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f466c9faf6c5b75e2b13cd88f9dbb0822492943fdf00b16ebabcaddcad12c517
f5c0d8c6f0568e8560693747afafd5fe765d9e25f69ce330c67c148499ac1f13
f63b10627a44bea8b1f6cd036199803a0420bbfe49db576ff1eb9acf229e1dc2
f71564789d68c2b3642524ed261260f2b4b449d23f18d311af4f103bbaaf61c4
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd9c9a58705b4dadb00de42aaa52d48af175ce741227450df337af2fac0774a9
feec0f62dc8a5244e1423dbce90cbb7e1e67dacaa77bec775d916f28c4e327c9

www.herocosmetics.us Open in urlscan Pro 23.227.38.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

316 Requests

88 %HTTPS

26 %IPv6

84 Domains

108 Subdomains

67 IPs

6 Countries

6380 kBTransfer

15450 kBSize

126 Cookies

16 Outgoing links

Page URL History

Redirected requests

316 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.herocosmetics.us Open in urlscan Pro
23.227.38.74 Public Scan

Screenshot
Live screenshot

Full Image

316
Requests

88 %
HTTPS

26 %
IPv6

84
Domains

108
Subdomains

67
IPs

6
Countries

6380 kB
Transfer

15450 kB
Size

126
Cookies

316 HTTP transactions
0 data transactions