Submitted URL: https://www.hairserum-best2.shoptattoostuff.store/
Effective URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Submission: On June 19 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 40 HTTP transactions. The main IP is 69.172.200.220, located in Canada and belongs to DOSARREST, US. The main domain is shop.derosehealth.com.
TLS certificate: Issued by R3 on April 22nd 2024. Valid for: 3 months.
This is the only time shop.derosehealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2a03:6f00:6:1... 9123 (TIMEWEB-AS)
1 52.5.82.174 14618 (AMAZON-AES)
1 1 45.55.43.217 14061 (DIGITALOC...)
19 69.172.200.220 19324 (DOSARREST)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 172.66.43.115 13335 (CLOUDFLAR...)
1 2606:4700:310... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.66.40.141 13335 (CLOUDFLAR...)
40 8
Apex Domain | Subdomains | Transfer
19 derosehealth.com | shop.derosehealth.com | 265 KB
11 shoptattoostuff.store | www.hairserum-best2.shoptattoostuff.store | 1 MB
5 buygoods.com | display.buygoods.com (Cisco Umbrella Rank: 736403); tracking.buygoods.com (Cisco Umbrella Rank: 368151); www.buygoods.com (Cisco Umbrella Rank: 874618); buygoods.com (Cisco Umbrella Rank: 297037) | 9 KB
3 gstatic.com | fonts.gstatic.com | 82 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 83) | 2 KB
1 metacpa.net | us.metacpa.net | 326 B
1 herokuapp.com | pintrast-api-ec650877f49a.herokuapp.com | 748 B
40 7
Domain Requested by
19 shop.derosehealth.com www.hairserum-best2.shoptattoostuff.store
shop.derosehealth.com
11 www.hairserum-best2.shoptattoostuff.store www.hairserum-best2.shoptattoostuff.store
3 fonts.gstatic.com fonts.googleapis.com
2 buygoods.com shop.derosehealth.com
2 fonts.googleapis.com shop.derosehealth.com
1 www.buygoods.com 1 redirects
1 tracking.buygoods.com shop.derosehealth.com
1 display.buygoods.com shop.derosehealth.com
1 us.metacpa.net 1 redirects
1 pintrast-api-ec650877f49a.herokuapp.com www.hairserum-best2.shoptattoostuff.store
40 10

This site contains links to these domains.

Domain
buygoods.com
Subject | Issuer | Validity | Valid
hairserum-best2.shoptattoostuff.store | R11 | 2024-06-16 - 2024-09-14 | 3 months
*.herokuapp.com | Amazon RSA 2048 M02 | 2024-03-02 - 2025-03-31 | a year
cbs.earthechoislandbliss.com | R3 | 2024-04-22 - 2024-07-21 | 3 months
upload.video.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
buygoods.com | GTS CA 1P5 | 2024-04-29 - 2024-07-28 | 3 months
*.gstatic.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months

This page contains 2 frames:

Primary Page: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Frame ID: 4B325B4C2D48CF0957987D4027495740
Requests: 39 HTTP requests in this frame

Frame: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=6639&t=18ecb169115fc33fdfcd4c7574ab6fc5&s=sessid20240619141848560
Frame ID: 1304363B65EFA13F36DC8F154AE9D7C4
Requests: 1 HTTP requests in this frame

Page Title

DTC - Revitalze BuyGoods

Page URL History

  1. https://www.hairserum-best2.shoptattoostuff.store/ Page URL
  2. https://us.metacpa.net/vj99d95zkx/sub1/sub2/sub3/sub4/sub5 HTTP 302
    https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

40 Requests
98 % HTTPS
44 % IPv6
7 Domains
10 Subdomains
8 IPs
4 Countries
1656 kB Transfer
1731 kB Size
13 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.hairserum-best2.shoptattoostuff.store/ Page URL
  2. https://us.metacpa.net/vj99d95zkx/sub1/sub2/sub3/sub4/sub5 HTTP 302
    https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.buygoods.com/images/buygoods_black.png HTTP 301
  • https://buygoods.com/images/buygoods_black.png

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.hairserum-best2.shoptattoostuff.store/
3 KB
995 B
Document
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
8f5fe44f250aae2de37bf15d19457ec31d8af8589724197a54a2cc87b8c56b7d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 14:18:45 GMT
etag
W/"c61-61b05ccdbb080"
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
vary
Accept-Encoding
script.js
www.hairserum-best2.shoptattoostuff.store/
472 B
663 B
Script
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/script.js
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
2a5598d7c3da76beb03bfc90d507e314ea11b862a6ef24669103ba912aca7dde

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:45 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-1d8"
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
472
expires
Thu, 19 Jun 2025 14:18:45 GMT
styles.css
www.hairserum-best2.shoptattoostuff.store/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/styles.css
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e55a2f38119501e314b467bacc1a2f1038d75d69e4904b84d430192e28c2bec6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:45 GMT
content-encoding
gzip
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
W/"666f2b32-b68"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 19 Jun 2025 14:18:45 GMT
header.jpg
www.hairserum-best2.shoptattoostuff.store/images/
322 KB
322 KB
Image
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/images/header.jpg
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:45 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-506fb"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
329467
expires
Thu, 19 Jun 2025 14:18:45 GMT
0tb9pgszmmsaf5sepes7lw.jpg
www.hairserum-best2.shoptattoostuff.store/images/
259 KB
259 KB
Image
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/images/0tb9pgszmmsaf5sepes7lw.jpg
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:45 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-40ab3"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
264883
expires
Thu, 19 Jun 2025 14:18:45 GMT
5u23t0rpl49gqf4fh5nw3t.jpg
www.hairserum-best2.shoptattoostuff.store/images/
80 KB
80 KB
Image
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/images/5u23t0rpl49gqf4fh5nw3t.jpg
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:46 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-14015"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
81941
expires
Thu, 19 Jun 2025 14:18:46 GMT
iv8ajz8i6ysp0ip955ogwc.jpg
www.hairserum-best2.shoptattoostuff.store/images/
83 KB
83 KB
Image
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/images/iv8ajz8i6ysp0ip955ogwc.jpg
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:46 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-14b63"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
84835
expires
Thu, 19 Jun 2025 14:18:46 GMT
zk71nx3l98bwq3zei6ll1j.jpg
www.hairserum-best2.shoptattoostuff.store/images/
239 KB
239 KB
Image
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/images/zk71nx3l98bwq3zei6ll1j.jpg
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:46 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-3bb75"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
244597
expires
Thu, 19 Jun 2025 14:18:46 GMT
qb9d145rrv37skwr8qvusx.jpg
www.hairserum-best2.shoptattoostuff.store/images/
24 KB
24 KB
Image
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/images/qb9d145rrv37skwr8qvusx.jpg
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:46 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-5e9a"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24218
expires
Thu, 19 Jun 2025 14:18:46 GMT
bbmr6s0d9xjhyk7zga9knz.jpg
www.hairserum-best2.shoptattoostuff.store/images/
205 KB
205 KB
Image
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/images/bbmr6s0d9xjhyk7zga9knz.jpg
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:46 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-333bf"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
209855
expires
Thu, 19 Jun 2025 14:18:46 GMT
nemfxvp2n3axlejw3ath9i.jpg
www.hairserum-best2.shoptattoostuff.store/images/
81 KB
81 KB
Image
General
Full URL
https://www.hairserum-best2.shoptattoostuff.store/images/nemfxvp2n3axlejw3ath9i.jpg
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::517:321b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:46 GMT
last-modified
Sun, 16 Jun 2024 18:13:06 GMT
server
nginx/1.24.0
etag
"666f2b32-1441b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
82971
expires
Thu, 19 Jun 2025 14:18:46 GMT
plain
pintrast-api-ec650877f49a.herokuapp.com/api/logger/
18 B
748 B
Ping
General
Full URL
https://pintrast-api-ec650877f49a.herokuapp.com/api/logger/plain
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.82.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-82-174.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 19 Jun 2024 14:18:45 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Kestrel
Transfer-Encoding
chunked
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718806726&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=ghap5EQD6%2F9YyZNdWndniqGXkV0wJpvOPJlheNEyicI%3D"}]}
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718806726&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=ghap5EQD6%2F9YyZNdWndniqGXkV0wJpvOPJlheNEyicI%3D
Primary Request dtc-revitalze-buygoods
shop.derosehealth.com/
Redirect Chain
  • https://us.metacpa.net/vj99d95zkx/sub1/sub2/sub3/sub4/sub5
  • https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
17 KB
6 KB
Document
General
Full URL
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Requested by
Host: www.hairserum-best2.shoptattoostuff.store
URL: https://www.hairserum-best2.shoptattoostuff.store/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
7f3a10dc3a58e7850c19ad7544513917b0d3367ec3f376c6cd99441467fc2803
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' cbsplit.com shop.derosehealth.com shop-derosehealth-com.cbsplit.com ;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.hairserum-best2.shoptattoostuff.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
gzip
content-security-policy
frame-ancestors 'self' cbsplit.com shop.derosehealth.com shop-derosehealth-com.cbsplit.com ;
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 14:18:47 GMT
server
DOSarrest
vary
Accept-Encoding
x-dis-request-id
689f6520a83b3eca3831b8f516444502

Redirect headers

Connection
close
Content-Length
0
Date
Wed, 19 Jun 2024 14:18:46 GMT
Location
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
media.css
shop.derosehealth.com/sales-new/css/
37 KB
9 KB
Stylesheet
General
Full URL
https://shop.derosehealth.com/sales-new/css/media.css
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
172bbfc59e5f2f4a4ddf5247691690f9b1493524637d08a991bd08d0e817a604

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 04:46:41 GMT
server
DOSarrest
etag
W/"64be0231-93fc"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
x-dis-request-id
0d642bfceb3b27c52ee00114b1ebdb8d
common.css
shop.derosehealth.com/sales-new/css/
2 KB
904 B
Stylesheet
General
Full URL
https://shop.derosehealth.com/sales-new/css/common.css
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
1e45053cbcf1e23a36f77fd36a565286d48836928a4559a51828d9eb03a45234

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 05:17:47 GMT
server
DOSarrest
etag
W/"6417ec7b-784"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
x-dis-request-id
85c36cf6e5fe4714dd0df7d7f19d0835
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41717754140da48978b3d13db0f706b236c8afa32a66df38267bffb0634c1c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jun 2024 14:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 13:44:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jun 2024 14:18:47 GMT
css2
fonts.googleapis.com/
11 KB
906 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jun 2024 14:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 13:17:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jun 2024 14:18:47 GMT
style.css
shop.derosehealth.com/ABC/
6 KB
2 KB
Stylesheet
General
Full URL
https://shop.derosehealth.com/ABC/style.css
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
d6e014825646a96388211322ef731c101d2ddcdae3213aa97e131a05266e9637

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 05:46:38 GMT
server
DOSarrest
etag
W/"647830be-17bb"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
x-dis-request-id
a50539d357a4aca11fed7f4405eb59bf
bundle.css
shop.derosehealth.com/ABC/
12 KB
2 KB
Stylesheet
General
Full URL
https://shop.derosehealth.com/ABC/bundle.css
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
fcfc766cad1f0b6fa2fe810030df687c126355ce42c4d64ea352a8bd69eea82e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
content-encoding
gzip
last-modified
Wed, 31 May 2023 06:33:01 GMT
server
DOSarrest
etag
W/"6476ea1d-2eae"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
x-dis-request-id
2e3874d989e3a197d8c605dd3bcab4db
pkg1-w-save-v2.png
shop.derosehealth.com/sales-new/images/
58 KB
59 KB
Image
General
Full URL
https://shop.derosehealth.com/sales-new/images/pkg1-w-save-v2.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
8880c601e9f02290310d1e8859efcefc279ae85acedb8cc3a7be4641da15bb61

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 24 Jul 2023 04:53:23 GMT
server
DOSarrest
etag
"64be03c3-e966"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
59750
x-dis-request-id
15238589ab252615cdd985c53221931a
ship-icon.png
shop.derosehealth.com/sales-new/images/
2 KB
2 KB
Image
General
Full URL
https://shop.derosehealth.com/sales-new/images/ship-icon.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
6f4a9f4ffe743100d98ba2615cdc6346b223284c247551476308a7e5db473713

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 20 Mar 2023 05:18:27 GMT
server
DOSarrest
etag
"6417eca3-631"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1585
x-dis-request-id
9aebde6262e49dfdac8ed9ce2c945b90
pkgbtn.png
shop.derosehealth.com/sales-new/images/
3 KB
4 KB
Image
General
Full URL
https://shop.derosehealth.com/sales-new/images/pkgbtn.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
4005d4fa9821c6813a87a78868751c4259ded2a163c234ea62a7eceaed7b3baa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 20 Mar 2023 05:18:22 GMT
server
DOSarrest
etag
"6417ec9e-ded"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3565
x-dis-request-id
ba0e858847507c45a18bd54051c92cde
mb-icon.png
shop.derosehealth.com/sales-new/images/
541 B
830 B
Image
General
Full URL
https://shop.derosehealth.com/sales-new/images/mb-icon.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
be99b0789c4e8d09f9c3db2a4eb95db3267de2d7215624f86414bc19c8ea535b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 20 Mar 2023 05:18:22 GMT
server
DOSarrest
etag
"6417ec9e-21d"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
541
x-dis-request-id
9643d6aa01f13d503f30ee6e362fb419
cards.png
shop.derosehealth.com/sales-new/images/
5 KB
5 KB
Image
General
Full URL
https://shop.derosehealth.com/sales-new/images/cards.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
4531d5259a4b0f595eb9569d8d343eb4a9fb039183d2e66ac8762bdd829b39dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 20 Mar 2023 05:18:20 GMT
server
DOSarrest
etag
"6417ec9c-1426"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
5158
x-dis-request-id
6314c04580ae710ea67eaea94774279c
pkg3-new-v2-w-save-v2.png
shop.derosehealth.com/sales-new/images/
40 KB
40 KB
Image
General
Full URL
https://shop.derosehealth.com/sales-new/images/pkg3-new-v2-w-save-v2.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
9eff01070f3017434a61c92bc118e6d8d611c6c356a0453989a2bba2104bec01

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 24 Jul 2023 04:53:23 GMT
server
DOSarrest
etag
"64be03c3-9e3c"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
40508
x-dis-request-id
fcc04a4292c91d80ed372a5d62b045f3
pkg3-w-save-v2.png
shop.derosehealth.com/sales-new/images/
27 KB
27 KB
Image
General
Full URL
https://shop.derosehealth.com/sales-new/images/pkg3-w-save-v2.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
1f770172b500ed47696da0bff4930dfc61589cc9827140dc643e08c12eb14ced

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 24 Jul 2023 04:53:23 GMT
server
DOSarrest
etag
"64be03c3-6c62"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
27746
x-dis-request-id
05b444f4aa97d220f9a555982275da9e
freeship.png
shop.derosehealth.com/sales-new/images/
14 KB
14 KB
Image
General
Full URL
https://shop.derosehealth.com/sales-new/images/freeship.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
d3331917b00ad82d3052f8abc606ca103b5a2bdbee8a0d11d7d1a21786fcf335

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 20 Mar 2023 05:18:22 GMT
server
DOSarrest
etag
"6417ec9e-3733"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
14131
x-dis-request-id
9a0766938c73466892f3c03683ca2946
GoldGuarantee-1.svg
shop.derosehealth.com/ABC/image/
11 KB
5 KB
Image
General
Full URL
https://shop.derosehealth.com/ABC/image/GoldGuarantee-1.svg
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
257bb490a869be66b66898ab61040d2651502c0334db32af2382a1c40cf11bee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2023 10:03:41 GMT
server
DOSarrest
etag
W/"6475c9fd-2a66"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000, public
x-dis-request-id
504cc103de12a70c5f904538b41072f5
disclaimer
display.buygoods.com/v1/
1 KB
2 KB
Script
General
Full URL
https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6639
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-credentials
true
x-server
WEB_3_7500
cf-ray
89642680c957bf20-WAW
alt-svc
h3=":443"; ma=86400
/
tracking.buygoods.com/track/
7 KB
2 KB
Script
General
Full URL
https://tracking.buygoods.com/track/?a=6639&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Fwww.hairserum-best2.shoptattoostuff.store%2F&sessid2=&product=rev1,rev2,rev6&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fshop.derosehealth.com%2Fdtc-revitalze-buygoods%3Faff_id%3D6235%26subid%3DSZLUIkAmj0%26subid2%3Dvj99d95zkx%26subid3%3D113076%26subid4%3D8997%26fb%3D
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a12fe43daf5416b460ede18c6d2b0b8ed5572eff86f1ad48816360be804d79d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 14:18:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
p3p
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
x-server
WEB_6
cf-ray
89642680fbdd1c01-FRA
expires
Tue, Jan 12 1999 01:01:01 GMT
visits
shop.derosehealth.com/api/
556 B
704 B
Script
General
Full URL
https://shop.derosehealth.com/api/visits?page_id=43&page_version=&request_id=C7B89482%3ABC72_C0A85015%3A01BB_6672E8C7_4CD9E%3A147DC7&querystring=aff_id%3D6235%26subid%3DSZLUIkAmj0%26subid2%3Dvj99d95zkx%26subid3%3D113076%26subid4%3D8997%26fb%3D&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Fwww.hairserum-best2.shoptattoostuff.store%2F
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
585f475a627d46adc31ae38f7c44a1f31f9b0a71163ecf5f1e3457dd60ccec00
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' cbsplit.com shop.derosehealth.com shop-derosehealth-com.cbsplit.com ;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript; charset=utf-8
date
Wed, 19 Jun 2024 14:18:48 GMT
content-security-policy
frame-ancestors 'self' cbsplit.com shop.derosehealth.com shop-derosehealth-com.cbsplit.com ;
content-encoding
gzip
server
DOSarrest
vary
Accept-Encoding
x-dis-request-id
906ca6fbdd9bbc5ccdfc34d09a594635
SofiaProBlack.woff2
shop.derosehealth.com/sales-new/css/
28 KB
29 KB
Font
General
Full URL
https://shop.derosehealth.com/sales-new/css/SofiaProBlack.woff2
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/sales-new/css/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
fb7d5762d712587d7c7afbda146056cc819c68f8656f17248043c0e2b12c62d3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/sales-new/css/common.css
Origin
https://shop.derosehealth.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 20 Mar 2023 05:17:48 GMT
server
DOSarrest
etag
"6417ec7c-719c"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29084
x-dis-request-id
e86ac0bddcb970b88ec6ad6f6168409f
SofiaProBold.woff2
shop.derosehealth.com/sales-new/css/
28 KB
29 KB
Font
General
Full URL
https://shop.derosehealth.com/sales-new/css/SofiaProBold.woff2
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/sales-new/css/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
94911130eeeeda9cc0e6c7b3e0140b8ef99ebf736bcc8b3e90337be62740bd9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/sales-new/css/common.css
Origin
https://shop.derosehealth.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 20 Mar 2023 05:17:48 GMT
server
DOSarrest
etag
"6417ec7c-70d8"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
28888
x-dis-request-id
6a1cbc0635336c69a4aac39d593485cd
SofiaProRegular.woff2
shop.derosehealth.com/sales-new/css/
28 KB
29 KB
Font
General
Full URL
https://shop.derosehealth.com/sales-new/css/SofiaProRegular.woff2
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/sales-new/css/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
00177b25cd3045a67d5a518fec2e808a21cb2ef5e672f995838644a4b4d477be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/sales-new/css/common.css
Origin
https://shop.derosehealth.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:48 GMT
last-modified
Mon, 20 Mar 2023 05:17:48 GMT
server
DOSarrest
etag
"6417ec7c-71fc"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29180
x-dis-request-id
0298a924ab4dbcc0b286ca40925b81f7
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://shop.derosehealth.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 08:18:12 GMT
x-content-type-options
nosniff
age
108036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 08:18:12 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://shop.derosehealth.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:48:09 GMT
x-content-type-options
nosniff
age
84639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:48:09 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://shop.derosehealth.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:08:18 GMT
x-content-type-options
nosniff
age
83430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:08:18 GMT
buygoods_black.png
buygoods.com/images/
Redirect Chain
  • https://www.buygoods.com/images/buygoods_black.png
  • https://buygoods.com/images/buygoods_black.png
4 KB
5 KB
Image
General
Full URL
https://buygoods.com/images/buygoods_black.png
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H3
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://shop.derosehealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 14:18:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=9596
content-disposition
inline; filename="buygoods_black.webp"
alt-svc
h3=":443"; ma=86400
content-length
4492
cf-bgj
imgq:100,h2pri
last-modified
Tue, 12 Sep 2017 06:30:00 GMT
server
cloudflare
etag
"59b77ee8-257c"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=315360000
x-server
WEB_2
accept-ranges
bytes
cf-ray
896426885ce4bf20-WAW
expires
Sat, 17 Jun 2034 14:18:49 GMT

Redirect headers

date
Wed, 19 Jun 2024 14:18:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
location
https://buygoods.com/images/buygoods_black.png
cache-control
public, max-age=14400
cf-ray
896426845ed6bf20-WAW
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Wed, 19 Jun 2024 18:18:48 GMT
bg
buygoods.com/affiliates/go/conversion/iframe/ Frame 1304
0
0
Document
General
Full URL
https://buygoods.com/affiliates/go/conversion/iframe/bg?a=6639&t=18ecb169115fc33fdfcd4c7574ab6fc5&s=sessid20240619141848560
Requested by
Host: shop.derosehealth.com
URL: https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://shop.derosehealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
896426870a5abf2c-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 19 Jun 2024 14:18:49 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-server
WEB_1
favicon.ico
shop.derosehealth.com/
1 KB
1 KB
Other
General
Full URL
https://shop.derosehealth.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
e4711a56cd20d8fcc6a6d4b8573af021dde012e6d7860c4a03b1094993b78b99

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shop.derosehealth.com/dtc-revitalze-buygoods?aff_id=6235&subid=SZLUIkAmj0&subid2=vj99d95zkx&subid3=113076&subid4=8997&fb=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 19 Jun 2024 14:18:49 GMT
content-encoding
gzip
last-modified
Sat, 25 Feb 2023 17:47:47 GMT
server
DOSarrest
etag
W/"63fa49c3-47e"
vary
Accept-Encoding, Accept-Encoding
content-type
image/x-icon
cache-control
max-age=315360000, public
x-dis-request-id
1bc1cc9bf9f6f894cd09567d017256f3


42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
string| mysrc
object| newScript
object| s
function| ReadCookie
object| __app
function| recordEmailConversion
object| spitoday
object| spiexpire
function| SPIGetDomainName
string| hostname
object| spi_myNodelist
number| spi_i
string| spi_pattern_enc_bg
string| spi_pattern_base_bg
string| spi_replace_str_bg
string| spi_pattern_enc_bg_html
string| spi_pattern_base_bg_html
string| spi_replace_str_bg_html
string| spi_pattern_enc_bg_html2
string| spi_pattern_base_bg_html2
string| spi_replace_str_bg_html2
string| spi_pattern_enc_spi
string| spi_pattern_base_spi
string| spi_replace_str_spi
string| spi_pattern_enc_cbd
string| spi_pattern_base_cbd
string| spi_replace_str_cbd
string| spi_pattern_enc_cbd_html
string| spi_pattern_base_cbd_html
string| spi_replace_str_cbd_html
string| spi_replace_enc_cbd
string| spi_replace_enc_cbd_html
string| spi_replace_enc_bg
string| spi_replace_enc_bg_html
string| spi_replace_enc_bg_html2
string| spi_replace_enc_spi
undefined| spi_track_link
object| year

13 Cookies

Domain/Path Name / Value
us.metacpa.net/vj99d95zkx/sub1/sub2/sub3/sub4 Name: CID
Value: SZLUIkAmj0
shop.derosehealth.com/ Name: user_id
Value: 61d5f2f3e77a71a3f2bb8ebceb934a41
shop.derosehealth.com/ Name: user_id.sig
Value: PTbcykVlrUiIZ9JlYI-pVQBhoxo
shop.derosehealth.com/ Name: uid
Value: wKhQF2Zy6MeyZwA6Az7xAg==
shop.derosehealth.com/ Name: cnid
Value: 2
.derosehealth.com/ Name: sessid2
Value: sessid20240619141848560
.derosehealth.com/ Name: spi_funnel_codename
Value:
.derosehealth.com/ Name: aff_id
Value: 6235
.derosehealth.com/ Name: sid
Value: SZLUIkAmj0%7Cvj99d95zkx
.derosehealth.com/ Name: campaign_id
Value:
.derosehealth.com/ Name: referrer
Value: 2a01:4a0:1338:93::10:www.hairserum-best2.shoptattoostuff.store:shop.derosehealth.com%2Fdtc-revitalze-buygoods
shop.derosehealth.com/ Name: affiliate
Value: 6235
shop.derosehealth.com/ Name: affiliate.sig
Value: vaDROjlcsgaGUqbUX7wTH9WYu7I

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
