jeffreestarcosmetics.com Open in urlscan Pro
23.227.38.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jeffreestarcosmetics.com/
Effective URL:
https://jeffreestarcosmetics.com/
Submission: On March 27 via api (March 27th 2024, 1:52:41 pm UTC) from US — Scanned from CA

Summary HTTP 181 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 34 domains to perform 181 HTTP transactions. The main IP is 23.227.38.32, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is jeffreestarcosmetics.com.
TLS certificate: Issued by R3 on March 19th 2024. Valid for: 3 months.

This is the only time jeffreestarcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 47	23.227.38.32 23.227.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.163.95 142.251.163.95	15169 (GOOGLE) (GOOGLE)
2	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	23.62.174.68 23.62.174.68	16625 (AKAMAI-AS) (AKAMAI-AS)
8	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
3	172.67.68.196 172.67.68.196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.251.179.97 142.251.179.97	15169 (GOOGLE) (GOOGLE)
4	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	172.253.62.95 172.253.62.95	15169 (GOOGLE) (GOOGLE)
2	23.22.5.68 23.22.5.68	14618 (AMAZON-AES) (AMAZON-AES)
1	104.22.0.204 104.22.0.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.162.3.118 3.162.3.118	16509 (AMAZON-02) (AMAZON-02)
3	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
3	142.251.163.101 142.251.163.101	15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	13.127.102.73 13.127.102.73	16509 (AMAZON-02) (AMAZON-02)
2	3.132.1.36 3.132.1.36	16509 (AMAZON-02) (AMAZON-02)
1	52.3.141.14 52.3.141.14	14618 (AMAZON-AES) (AMAZON-AES)
1	172.67.11.155 172.67.11.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1	142.251.167.157 142.251.167.157	15169 (GOOGLE) (GOOGLE)
1	172.253.115.113 172.253.115.113	15169 (GOOGLE) (GOOGLE)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
1 1	142.251.163.106 142.251.163.106	15169 (GOOGLE) (GOOGLE)
1	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	185.93.1.244 185.93.1.244	60068 (CDN77 _) (CDN77 _)
1	104.18.7.32 104.18.7.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.119.119.142 74.119.119.142	19750 (AS-CRITEO) (AS-CRITEO)
2	47.112.135.248 47.112.135.248	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
2	3.161.210.216 3.161.210.216	16509 (AMAZON-02) (AMAZON-02)
6	104.22.32.205 104.22.32.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.162.3.7 3.162.3.7	16509 (AMAZON-02) (AMAZON-02)
1	172.67.68.105 172.67.68.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.163.223 192.229.163.223	15133 (EDGECAST) (EDGECAST)
2	143.198.251.218 143.198.251.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	3.162.7.55 3.162.7.55	16509 (AMAZON-02) (AMAZON-02)
5	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1	172.67.69.32 172.67.69.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.12.125 172.67.12.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
181	45

47 23.227.38.32 (Ottawa, Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

jeffreestarcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.38.33 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.62.174.68 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-174-68.deploy.static.akamaitechnologies.com

cdn-widgetsrepository.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.68.196 (United States)

ASN13335 (CLOUDFLARENET, US)

amaicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.179.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.22.5.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-5-68.compute-1.amazonaws.com

app.restockrocket.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.0.204 (None, )

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-118.yul62.r.cloudfront.net

d1stxfv94hrhia.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.101 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.127.102.73 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-127-102-73.ap-south-1.compute.amazonaws.com

customerapp.anncode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.132.1.36 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-1-36.us-east-2.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.141.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-141-14.compute-1.amazonaws.com

waves.retentionscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.11.155 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f113.1e100.net

www.merchant-center-analytics.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

jsccustomerservice.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.154 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.106 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.94 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.93.1.244 (Chicago, United States)

ASN60068 (CDN77 _, GB)
PTR: 185-93-1-244.bunnyinfra.net

gdprcdn.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.7.32 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.142 (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.112.135.248 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

a.glosku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.161.210.216 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-210-216.yul62.r.cloudfront.net

d18eg7dreypte5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.22.32.205 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.rebuyengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.3.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-7.yul62.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.105 (United States)

ASN13335 (CLOUDFLARENET, US)

discountmanager.amai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.163.223 (United States)

ASN15133 (EDGECAST, US)

cdn-swell-assets.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.198.251.218 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

gdpr.apps.isenselabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.7.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-7-55.yul62.r.cloudfront.net

d3hb14vkzrxvla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

cached.rebuyengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.69.32 (United States)

ASN13335 (CLOUDFLARENET, US)

consentmo-geo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.12.125 (United States)

ASN13335 (CLOUDFLARENET, US)

rebuyengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	jeffreestarcosmetics.com 1 redirects jeffreestarcosmetics.com	1021 KB
22	yotpo.com cdn-widgetsrepository.yotpo.com — Cisco Umbrella Rank: 8815 staticw2.yotpo.com — Cisco Umbrella Rank: 7400 p.yotpo.com — Cisco Umbrella Rank: 7255 cdn-loyalty.yotpo.com — Cisco Umbrella Rank: 13900 cdn-swell-assets.yotpo.com — Cisco Umbrella Rank: 16126	609 KB
16	rebuyengine.com cdn.rebuyengine.com — Cisco Umbrella Rank: 16055 cached.rebuyengine.com — Cisco Umbrella Rank: 16314 rebuyengine.com — Cisco Umbrella Rank: 15038	264 KB
16	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2158	713 KB
12	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3219 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4111 fast.a.klaviyo.com — Cisco Umbrella Rank: 4300 static-forms.klaviyo.com — Cisco Umbrella Rank: 3986	73 KB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2168 ekr.zdassets.com — Cisco Umbrella Rank: 2557	221 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	491 KB
5	cloudfront.net d1stxfv94hrhia.cloudfront.net d18eg7dreypte5.cloudfront.net d3hb14vkzrxvla.cloudfront.net	22 KB
4	gstatic.com fonts.gstatic.com	126 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 357	63 KB
3	helpscout.net beacon-v2.helpscout.net — Cisco Umbrella Rank: 11435	32 KB
3	zendesk.com jsccustomerservice.zendesk.com	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	75 KB
3	amaicdn.com amaicdn.com — Cisco Umbrella Rank: 25503	660 KB
2	isenselabs.com gdpr.apps.isenselabs.com — Cisco Umbrella Rank: 18093	664 B
2	glosku.com a.glosku.com — Cisco Umbrella Rank: 368011	13 KB
2	criteo.com dynamic.criteo.com — Cisco Umbrella Rank: 3862 gum.criteo.com — Cisco Umbrella Rank: 469	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	377 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 91 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	375 B
2	anncode.com customerapp.anncode.com	10 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 4049 cdn.acsbapp.com — Cisco Umbrella Rank: 4244	92 KB
2	restockrocket.io app.restockrocket.io — Cisco Umbrella Rank: 81546	3 KB
2	shop.app shop.app — Cisco Umbrella Rank: 2862	3 KB
1	consentmo-geo.com consentmo-geo.com — Cisco Umbrella Rank: 21288	586 B
1	amai.com discountmanager.amai.com — Cisco Umbrella Rank: 120534	2 KB
1	weglot.com cdn.weglot.com — Cisco Umbrella Rank: 11464	428 B
1	b-cdn.net gdprcdn.b-cdn.net — Cisco Umbrella Rank: 36785	24 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 9137	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	24 B
1	merchant-center-analytics.goog www.merchant-center-analytics.goog — Cisco Umbrella Rank: 5440	250 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	2 KB
1	retentionscience.com waves.retentionscience.com — Cisco Umbrella Rank: 62881	109 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 234	3 KB
181	34

	Domain	Requested by
47	jeffreestarcosmetics.com	1 redirects jeffreestarcosmetics.com
16	cdn.shopify.com	jeffreestarcosmetics.com
15	staticw2.yotpo.com	jeffreestarcosmetics.com staticw2.yotpo.com cdn-widgetsrepository.yotpo.com
8	static.zdassets.com	jeffreestarcosmetics.com static.zdassets.com
8	static.klaviyo.com	jeffreestarcosmetics.com static.klaviyo.com
6	cdn.rebuyengine.com	jeffreestarcosmetics.com cdn.rebuyengine.com
6	www.googletagmanager.com	jeffreestarcosmetics.com www.googletagmanager.com www.google-analytics.com
5	rebuyengine.com	jeffreestarcosmetics.com
5	cached.rebuyengine.com	jeffreestarcosmetics.com client
4	fonts.gstatic.com	fonts.googleapis.com
3	beacon-v2.helpscout.net	jeffreestarcosmetics.com beacon-v2.helpscout.net
3	jsccustomerservice.zendesk.com	static.zdassets.com
3	www.google-analytics.com	jeffreestarcosmetics.com www.googletagmanager.com
3	connect.facebook.net	jeffreestarcosmetics.com connect.facebook.net
3	amaicdn.com	jeffreestarcosmetics.com amaicdn.com
3	cdn-widgetsrepository.yotpo.com	jeffreestarcosmetics.com cdn-widgetsrepository.yotpo.com
2	d3hb14vkzrxvla.cloudfront.net	jeffreestarcosmetics.com
2	gdpr.apps.isenselabs.com	jeffreestarcosmetics.com
2	d18eg7dreypte5.cloudfront.net	jeffreestarcosmetics.com
2	a.glosku.com	jeffreestarcosmetics.com
2	www.facebook.com	jeffreestarcosmetics.com
2	p.yotpo.com	jeffreestarcosmetics.com
2	customerapp.anncode.com	jeffreestarcosmetics.com
2	app.restockrocket.io	jeffreestarcosmetics.com
2	ajax.googleapis.com	amaicdn.com jeffreestarcosmetics.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	shop.app	jeffreestarcosmetics.com
2	fonts.googleapis.com	jeffreestarcosmetics.com client
1	consentmo-geo.com	jeffreestarcosmetics.com
1	gum.criteo.com	dynamic.criteo.com
1	cdn-swell-assets.yotpo.com	cdn-loyalty.yotpo.com
1	discountmanager.amai.com	jeffreestarcosmetics.com
1	cdn-loyalty.yotpo.com	jeffreestarcosmetics.com
1	dynamic.criteo.com	jeffreestarcosmetics.com
1	cdn.weglot.com	jeffreestarcosmetics.com
1	gdprcdn.b-cdn.net	jeffreestarcosmetics.com
1	www.google.ca	jeffreestarcosmetics.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.merchant-center-analytics.goog	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	jeffreestarcosmetics.com
1	cdn.acsbapp.com	acsbapp.com
1	waves.retentionscience.com	jeffreestarcosmetics.com
1	static-forms.klaviyo.com	jeffreestarcosmetics.com
1	fast.a.klaviyo.com	jeffreestarcosmetics.com
1	d1stxfv94hrhia.cloudfront.net	jeffreestarcosmetics.com
1	ekr.zdassets.com	static.zdassets.com
1	acsbapp.com	jeffreestarcosmetics.com
1	cdnjs.cloudflare.com	jeffreestarcosmetics.com
181	50

This site contains links to these domains. Also see Links.

Domain
accessibe.com
www.tiktok.com
www.youtube.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
jeffreestarcosmetics.com R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
shop.app E1	`2024-03-17` - `2024-06-15`	3 months	crt.sh
*.yotpo.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-30` - `2025-01-29`	a year	crt.sh
static.klaviyo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
amaicdn.com GTS CA 1P5	`2024-01-29` - `2024-04-28`	3 months	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
cdn.shopify.com E1	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
app.restockrocket.io R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
acsbapp.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-04` - `2024-04-03`	3 months	crt.sh
fast.a.klaviyo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
static-forms.klaviyo.com R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh
customerapp.anncode.com R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
yotpo.com Amazon RSA 2048 M03	`2024-02-04` - `2025-03-05`	a year	crt.sh
retentionscience.com Amazon RSA 2048 M03	`2023-10-09` - `2024-11-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
merchant-center-analytics.goog GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
jsccustomerservice.zendesk.com Cloudflare Inc ECC CA-3	`2023-07-17` - `2024-07-16`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-11`	a year	crt.sh
cdn.weglot.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
a.glosku.com Encryption Everywhere DV TLS CA - G1	`2023-04-03` - `2024-04-02`	a year	crt.sh
cdn.rebuyengine.com E1	`2024-03-07` - `2024-06-05`	3 months	crt.sh
*.helpscout.net Amazon RSA 2048 M03	`2024-03-18` - `2025-04-15`	a year	crt.sh
amai.com E1	`2024-02-07` - `2024-05-07`	3 months	crt.sh
gdpr.apps.isenselabs.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-03` - `2024-11-17`	a year	crt.sh
cached.rebuyengine.com R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
consentmo-geo.com GTS CA 1P5	`2024-03-22` - `2024-06-20`	3 months	crt.sh
rebuyengine.com E1	`2024-03-25` - `2024-06-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://jeffreestarcosmetics.com/
Frame ID: 69816094082118D09BD8D8A717334AB3
Requests: 166 HTTP requests in this frame

Frame: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/custom/web-pixel-shopify-custom-pixel@0575/sandbox/modern/
Frame ID: 45525DDAFA64DC615EE83BF51D6EFB09
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js
Frame ID: 714F86AC14D4F0CE3AB02BD12165CBE9
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=jeffreestarcosmetics.com&origin=onetag
Frame ID: 3C8E64D0C097C36C9715A4FFF1EC1B43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jeffree Star Cosmetics

Page URL History Show full URLs

http://jeffreestarcosmetics.com/ HTTP 307
https://jeffreestarcosmetics.com/ Page URL

Detected technologies

Amazon Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<meta id="amazon-payments

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

cdn\.weglot\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

99 %
HTTPS

0 %
IPv6

34
Domains

50
Subdomains

45
IPs

6
Countries

4565 kB
Transfer

12169 kB
Size

38
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@jeffreestarcosmetics
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/jeffreestar
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jeffreeStar
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jeffreestarcosmetics/
Title: instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jeffreestarcosmetics.com/ HTTP 307
https://jeffreestarcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://jeffreestarcosmetics.com/discount/CLEAR HTTP 302
https://jeffreestarcosmetics.com/

Request Chain 114

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325015524/?random=411251186&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1041787684.1711547555&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4O6KwMuUhQMV3E9HAR3PWAGSMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjohaHR0cHM6Ly9qZWZmcmVlc3RhcmNvc21ldGljcy5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/325015524/?random=411251186&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1041787684.1711547555&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4O6KwMuUhQMV3E9HAR3PWAGSMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjohaHR0cHM6Ly9qZWZmcmVlc3RhcmNvc21ldGljcy5jb20v&is_vtc=1&cid=CAQSGwB7FLtqJ1S-PhjN9xPA1csVuluNzx-I7NJ_-Q&random=169351575 HTTP 302
https://www.google.ca/pagead/1p-conversion/325015524/?random=411251186&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1041787684.1711547555&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4O6KwMuUhQMV3E9HAR3PWAGSMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjohaHR0cHM6Ly9qZWZmcmVlc3RhcmNvc21ldGljcy5jb20v&is_vtc=1&cid=CAQSGwB7FLtqJ1S-PhjN9xPA1csVuluNzx-I7NJ_-Q&random=169351575&ipr=y

181 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jeffreestarcosmetics.com/
Redirect Chain

http://jeffreestarcosmetics.com/
https://jeffreestarcosmetics.com/

156 KB
28 KB

297ms
236ms

Document
text/html

23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

21f1a123a3e5c681a3ca575ac7cd7af919cf596e28f8707e24e36936503296aa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86afdc89985f7139-YUL
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 13:52:32 GMT
etag: "cacheable:cc9d61dd75d15ab8c4dd3305fe09ac79"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Be1yFmE2oQxnFwyUeumcIegoudzNtYpud7EelyEMv7sFg5HLjGKV49MUXS61ojFwSEckZR7bE3p9%2BGdFeIKKVoW0FIcHyx31QnnjAaZvbK2r6t%2Fo4XM0dFngKsZoMtGsfaCkQ3HoGG7kfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=154;desc="gc:32", db;dur=35, fetch;dur=1, render;dur=29, wasm, asn;desc="212238", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="index", servedBy;desc="4gdb", requestID;desc="2cf882fa-67d3-46fc-8886-e169ea85aef9-1711547552" cfRequestDuration;dur=208.999872, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 2cf882fa-67d3-46fc-8886-e169ea85aef9-1711547552
x-shardid: 126
x-shopid: 6732291
x-shopify-stage: production
x-sorting-hat-podid: 126
x-sorting-hat-shopid: 6732291
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

Location: https://jeffreestarcosmetics.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 130ms
51ms Stylesheet
text/css 142.251.163.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f95.1e100.net

Software

ESF /

Resource Hash

a3c9f7f04fd3ace2d223fc29cf0f3f0c30a78ac5ff3538a510b87c8571d28cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 13:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 13:52:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 13:52:32 GMT

GET
H2 200 style.scss.css
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 85 KB
16 KB 46ms
44ms Stylesheet
text/css 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

b5e3bbf3b396ac6e77914ab2b2747aa6d19836fad35e51ebfe8e0e7bedd5a7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-east1
age: 10911320
content-encoding: br
server-timing: imagery;dur=551.503, imageryFetch;dur=71.104, imageryProcess;dur=465.650;desc="scss", cfRequestDuration;dur=18.999815
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 54de4a79-8538-4866-a862-483b6f32a9f5
last-modified: Thu, 02 Nov 2023 04:03:45 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2%2BouTqeyzcF9xCHWYVBC3dvCD87EB%2BtuUl3SRvaqNuOackFWak2lvGWnY5DPDcssk5stVZugZr76D0QV%2Bo84FeBs2YRmXixEt%2BR6emTJe%2B5UYCGOjWqOhSCxj4ThZJEkQ8gcN18f%2BY21Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 86afdc8b1a807139-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0673/2291/t/242/assets/style.scss.css>; rel="canonical"
x-sorting-hat-podid: 126

GET
H2 200 index.scss.css
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 7 KB
2 KB 41ms
41ms Stylesheet
text/css 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/index.scss.css?v=182708044129241983101698318736

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

1bdea061b099a0124814c1f06200ed6b56602cde9c6c06b649c8f9c4f14de23b

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 1132037
x-permitted-cross-domain-policies: none
content-encoding: br
server-timing: imagery;dur=83.046, imageryFetch;dur=51.127, imageryProcess;dur=29.295;desc="scss", cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 4e531e2d-dd36-414a-be24-e20df8f40a8a-1710182141
last-modified: Mon, 11 Mar 2024 18:36:01 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXDZxOBLAotvpqA6kNkd%2BnAYzDLERMrnG%2FnR6U8G3hCsu1H9uhEI%2FRSV%2F8nfaFzWr7YQvJhfvmdahUXLfPKT7EI3zBmcrcVXsYHNW7W1Vub2FpEKVI%2B5EXNsigUMp2k985OIZ52Gv0N2%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 86afdc8b1a827139-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0673/2291/t/242/assets/index.scss.css>; rel="canonical"
x-sorting-hat-podid: 126

GET
H3 200 preloads.js Show response
jeffreestarcosmetics.com/checkouts/internal/ 4 KB
2 KB 80ms
79ms Script
application/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

43821947e0ab6bdb5429dbbcbcde95646d7d9348ec285bcf3de9fce9aa5deec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
server-timing: cfRequestDuration;dur=28.000116
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BiIyPEicUfo%2FgfTzTmDNhuzRqrRe5fWTretZCbE6KMrD0xc5Lo9HPcMVOKkoP8jqX7Iv%2F18d8bmGMOl9J1xvrhS5%2BjqiV1pDVvMZRn8deiaNuGT3rQN950cAUz3EEU5NYqNZjBxIE%2BfsHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; encoding=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
timing-allow-origin: *
cf-ray: 86afdc8bef317148-YUL

GET
H2 200 preloads.js Show response
shop.app/checkouts/internal/ 0
587 B 105ms
44ms Script
application/javascript 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/checkouts/internal/preloads.js?locale=en-CA&shop_id=6732291

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jUgUAh4ajo1gwHSAOF4n6VMLBuoPB8omRO3NgFPpJoOW1Fziw8Wr%2Biea0rVUcL9rM7hle2Smgk1tNKAGbCNttBArKxPsWMgGvXi4KS%2FBw94%2FTR49fjnjvs%2BX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
timing-allow-origin: *
cf-ray: 86afdc8c5cdc6e08-YUL

GET
H3 200 load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js Show response
jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/ 12 KB
4 KB 43ms
40ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 1124096
content-encoding: br
server-timing: imagery;dur=79.614, imageryFetch;dur=78.649, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d47e67d7-3a3a-4ecb-84ab-6b9ab8821cfb-1710423420
last-modified: Thu, 14 Mar 2024 13:37:00 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4zDHE36Uoeeas0hGkrSQAVDJt8UIwbkGGAwvgd%2FMRlw8%2FBhsZ21nj%2FP2YRuVY68S8SM9jmnxo5xS%2FAvAZl1OQ2yf%2FATYC%2B0G3MUZJesknfSJZ7tfoVL30jFcQuI2ngSNEPzGas8lW3VQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 86afdc8bff4a7148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js Show response
jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/shopify_pay/ 49 KB
19 KB 72ms
68ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1
age: 6535685
content-encoding: br
server-timing: imagery;dur=106.470, imageryFetch;dur=27.660, cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 629d54d5-1e7a-4125-b007-e2c6fafab053
last-modified: Thu, 16 Nov 2023 20:27:35 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWtxKazth6dScIadfJ9auhBxzU%2FIc0ZhjUKvGg1vF64y4d49p2yrgNet99JkcEjqt%2Bv306CPyZ0QW7kRFLsba4o4RPksdqJxPT5%2BzX5ckQtOMD4XoGQbTde1ftMX%2BY0QTL%2BpqevQ2FChPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 86afdc8bff4c7148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js Show response
jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/ 37 KB
14 KB 98ms
94ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
age: 6531315
content-encoding: br
server-timing: imagery;dur=151.511, imageryFetch;dur=26.945, cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 06335951-4c27-4ccc-8dfd-8614c00b4041
last-modified: Thu, 11 Jan 2024 23:37:16 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7k3bjCb4IB7hnj5%2F3RqpGxJCJfe8G%2FieCZoC8YOYW3mN4N4sfiOWxXJDJ1SqXjlMgVm%2Bb0wH9GPy1R5lfg6MOPa%2Fy5mj%2BUghsQHs47RLU7h2PsDY3cYBTLniqFzPd7zuR%2FFjmle0M6gMzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 86afdc8bff4f7148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA Show response
cdn-widgetsrepository.yotpo.com/v1/loader/ 69 KB
13 KB 116ms
39ms Script
application/javascript 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-174-68.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d9c5d2f7ac08283c4991901cb2e99b89f7bc2b83c0cde2da06ef4ae4b3bfdfd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ratelimit-reset: 4
content-encoding: gzip
date: Wed, 27 Mar 2024 13:52:32 GMT
x-kong-proxy-latency: 6
x-ratelimit-limit-minute: 5000
x-kong-upstream-latency: 61
x-ratelimit-remaining-minute: 4996
ratelimit-limit: 5000
content-length: 12592
correlation-id: 57a2e76c-5e1c-4d99-a002-eaa6ffda9fe1
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
access-control-allow-credentials: false
ratelimit-remaining: 4996
access-control-allow-headers: *

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 4 KB
2 KB 64ms
19ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1900b83c725993f346411dfcafcd970be84ac03bd682c93f81e44512c124fc65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
age: 2280
x-cache: HIT, HIT
content-length: 1172
x-served-by: cache-lga21965-LGA, cache-yyz4544-YYZ
server: nginx
x-timer: S1711547553.673606,VS0,VE1
etag: W/"d1e1f172c83c6284029290225815cb0a"
allow: GET, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 39, 1

GET
H2 200 common.js Show response
amaicdn.com/discountmanager/ 3 MB
656 KB 95ms
47ms Script
application/x-javascript 172.67.68.196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amaicdn.com/discountmanager/common.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.196 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b0f655869a326fc59e9567472f7a629652c394e2b55a9988a4f36f002e298b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-encoding: gzip
via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-P1
age: 3054
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 670888
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 26 Mar 2024 07:00:16 GMT
server: cloudflare
etag: "c214fe5a29d4eab71a053f2dbae94cba"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30wOJkOiJtdSjbDMzGqjQI8YWwLmXPs434MY9g5%2FPBz%2FDve8WorMwmaCQWJUt2ueUXakMmOqOS6vwPBwVTXodHD%2Bho417K6kkocf2PPQK5K94rKPoj7YAQfFjbIp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 86afdc8b8e9b38e4-YYZ
x-amz-cf-id: jMXvjPFjaZ5UNej0XRr1vVlxjdvH7t-0Lb9EWKSKH-fOrJPqLKRITA==

GET
H2 200 common.css
amaicdn.com/discountmanager/ 8 KB
2 KB 88ms
40ms Stylesheet
text/css 172.67.68.196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amaicdn.com/discountmanager/common.css

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.196 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9dda4253a3edf4e05f605a04fcd4bc87b88e53456f964519a3667462cc84244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-encoding: gzip
via: 1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-P1
age: 3054
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1681
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 26 Mar 2024 07:00:13 GMT
server: cloudflare
etag: "ac580c2b432441848eb7a4db08d5ad25"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F60Jj3NaV85O2qMhuedC7xN8A7QylICAqQbc1sb36IcPkCQ6x9yP4D5Y32T1bvnXBjmYXM63GpSGnCH5I8M3LXCxVm2Ub9QHBrW7W5JGqB7d29YPG0eQWwjU6p0j"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 86afdc8b8e9438e4-YYZ
x-amz-cf-id: O85mw8OtNH3NlBYKDcS23VUWoIPMvbRFu2LRmdfznJFnZurbcjaHVw==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 88ms
41ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=7974f39b-67ff-4bc1-9a4a-de60f7cb81d9

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ATPJN2BBRNAVEP8C
age: 60
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yZSnXp5joC1jEUcdstI6JJxXe+57NDQVrgC8bP2Gtlxd0OKsnfmbb0FPfdOCVjDBGs07rFDX82g=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvFDZenBbfwgavw10jeXfhYD6Pi4KWlc4JrRS3t8DvNwqQF%2FxjE5GzMWEBFwWyFosF42QKVUsyfCvAE5A9ca14GzHw0hdwvcRYmQJ4AgGKLsb%2BGA75rWKjFTun%2FsHOJRApXORIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 86afdc8b8b5d36db-YYZ
access-control-allow-headers: *

GET
H3 200 app.min.js Show response
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 98 KB
30 KB 97ms
95ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/app.min.js?v=113412230177539477541709075668

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

8f644e23b79e6c1c3ed61fa20f5818630c17586f1e932367baba04e637ac8309

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 2471717
x-permitted-cross-domain-policies: none
content-encoding: br
server-timing: imagery;dur=64.278, imageryFetch;dur=64.089, cfRequestDuration;dur=15.000105
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 472f9eec-5b8f-433a-ac74-41c0d57a1da4
last-modified: Tue, 27 Feb 2024 23:14:29 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0A1HGv9jPm6T14sIoxDloRZOlPDdhg3HQzP%2BjBQU%2BvH65jf8FUFqotrVkontclH%2BcivLypb3B4ZupRLc8hV4WJlQDBP%2B5cTHeef%2BrD9m1zbwDHIyz1K27Ul9lrIHanYZA1QIXBLINcMjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 86afdc8bff527148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0673/2291/t/242/assets/app.min.js>; rel="canonical"
x-sorting-hat-podid: 126

GET
H3 200 md5.js Show response
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 8 KB
3 KB 58ms
34ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4243f06574c94ddaf59ee6002236835be6cbe83a0554865520bfb52338d28a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1193803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2194
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-2129"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XVZPMzorQ5FKOuQbaQEgQ2BXVyHifhRnXyPszzat1vUYtjqIMu8Mj8vI3zImA6wVieoJViypFMJGx5PPhuuwb%2BfrjAwJUQ066KDfxVUMstLVMEoaB0sCuBZS803JYSFHr2UZ73wJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc8b6c00a1ff-YYZ
expires: Mon, 17 Mar 2025 13:52:32 GMT

GET
H2 200 ac-tiered-style.css
cdn.shopify.com/extensions/662670d3-25e4-41e9-a78f-d96076544226/discountly-pos-tier-discount-104/assets/ 1 KB
1 KB 46ms
44ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/662670d3-25e4-41e9-a78f-d96076544226/discountly-pos-tier-discount-104/assets/ac-tiered-style.css

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

a6eee58bc9d85eab55a8d76f49f03f44528975eb259573f418a7c78dbe425072

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 733
server-timing: imagery;dur=127.615, imageryFetch;dur=60.183, cfRequestDuration;dur=24.999857
alt-svc: h3=":443"; ma=86400
content-length: 320
x-xss-protection: 1; mode=block
x-request-id: 98049245-88ba-460e-a295-cc92c38b9d12-1711546802
last-modified: Wed, 27 Mar 2024 13:40:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYDEZdrVSUJ6gg8XdCgo%2FzoeRlqJ4p3rm%2BKTyVza4TrjVvcmtsCxdbhx15rgQ8rzAAQ0b5rEO3fOxYRiaHEp5ocurFV35z5pi2zmqX1giN42vGeIWT56N3i9B91z27Jjiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/662670d3-25e4-41e9-a78f-d96076544226/discountly-pos-tier-discount-104/assets/ac-tiered-style.css>; rel="canonical"
cf-ray: 86afdc8b39eba1da-YYZ

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 135 KB
52 KB 137ms
54ms Script
application/javascript 142.251.179.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PBK87Q

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

1852f7c3ade045bb1648a64441d727ad65c46cdf4162bb78dad3e1005cbf247e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52968
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Mar 2024 13:52:32 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/ 442 KB
144 KB 515ms
437ms Script
text/javascript 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.js
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-174-68.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9cff48b2918dfd7bf3edc4226fb59739f4a2137622db8a859e8a46cc0861a14b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ratelimit-reset: 28
content-encoding: gzip
date: Wed, 27 Mar 2024 13:52:33 GMT
x-kong-proxy-latency: 30
env: PRODUCTION
x-ratelimit-limit-minute: 5000
x-kong-upstream-latency: 319
x-ratelimit-remaining-minute: 4998
ratelimit-limit: 5000
server-timing: edge; dur=4, origin; dur=396, cdn-cache; desc=REVALIDATE, ak_p; desc="1711547552677_400321240_1556291119_39994_3499_15_37_146";dur=1
correlation-id: 335c2629-7f93-4780-a0ed-9bfa59838001
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=10800
access-control-allow-credentials: true
ratelimit-remaining: 4998

GET
H3 200 baf064dacw059a0243p359f28e4m038b1d93m.js Show response
jeffreestarcosmetics.com/cdn/wpm/ 77 KB
29 KB 119ms
117ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

b96c94c1b99dc9bf133428f309db1af557ec022820e19728b169b50ecce8cf8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-east1
age: 590170
content-encoding: br
server-timing: imagery;dur=64.085, imageryFetch;dur=63.758, cfRequestDuration;dur=16.000032
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9b8617a2-eb00-4c2e-83af-47fa41297d45-1710957380
last-modified: Wed, 20 Mar 2024 17:56:20 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdpqFjiqiMV84JBH4yOdWPssU%2BY68Ff7IwF4NTLWZjh0YM0Zcgyyzhrqq9gCvACSdzI0jUdpP539znioKdb%2B3IcLXNFEkRXD7BGiQAYYrNY4oG6F8aT5Ox4%2FanTkDyo89FqdB57m9rv8GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 86afdc8bff547148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js Show response
jeffreestarcosmetics.com/cdn/s/ 113 KB
24 KB 43ms
41ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

15d2a1644d21426190a2e1ac405360081c1e3306d7d620f19cf144c28eddbf7f

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
age: 2710
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=134.021, imageryFetch;dur=47.328, cfRequestDuration;dur=14.000177
alt-svc: h3=":443"; ma=86400
content-length: 23816
x-xss-protection: 1; mode=block
x-request-id: 6d6864d7-7dcd-46f5-ab09-34e0bd5022e4-1711544841
last-modified: Wed, 27 Mar 2024 13:07:21 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zf48Xh4%2F2IqnuSRpOdTixBAajszJyGwWjVuJ3A6r7BellQM1zu%2Bx4S9Cx5yisOmkyAVsdzxyY4R4OImKU%2FxWgsAqq0Qnt64PouKfI9ZgZnNRc0l7ddEcBZNFXMRGDnGxplsxSc3ogcEP7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86afdc8bff577148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js Show response
jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/ 8 KB
4 KB 122ms
121ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-east1
age: 2833558
content-encoding: br
server-timing: imagery;dur=79.652, imageryFetch;dur=78.836, cfRequestDuration;dur=19.999981
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e8ce648a-b088-45b4-887d-d98e49d46c6f
last-modified: Fri, 23 Feb 2024 18:46:29 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BKBOhMZ%2BD5VTb4Lu5as3LtleEq0RLJ09BBQg3tUZQ09%2Bh3sc2DSLYl6EoSWTO17NeZW%2F9gGDEFuVwtqXfQ7ApAbegxL4y%2FPSSky31ArKtIZmd%2FxDF1LfzGpffoRbB0y4Oq1twPEaqn%2Fqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 86afdc8bff5b7148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
jeffreestarcosmetics.com/cdn/shopifycloud/boomerang/ 58 KB
19 KB 71ms
70ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 6540514
content-encoding: br
server-timing: imagery;dur=22.033, imageryFetch;dur=21.781, cfRequestDuration;dur=16.000032
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8f571782-b99e-4384-9fd9-6b888efeacb7
last-modified: Thu, 11 Jan 2024 21:03:58 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdcTu4LLW80RWDJtd8yio6G2rX0Py8NXFgWKvJ8ScMlglkrjj4ZEDDzfKEisVW4jEFEEyJFdPHqIoay1SzaQyBmhbnoDZqyRANKMgDdhIVZF5sb4q%2F%2FryHeyZT4WZ6Q0b2m9WkGATjD8HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray: 86afdc8bff457148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 vdayheader.png
jeffreestarcosmetics.com/cdn/shop/files/ 2 KB
3 KB 122ms
121ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/vdayheader.png?v=13740702845538464714

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

31c4e5bf8620de1ea3b8503c3df70c096c9668f824d2c61efde5dac252104a51

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 5340760
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=166.187, imageryFetch;dur=42.013, imageryProcess;dur=100.333;desc="image", cfRequestDuration;dur=18.999815
source-length: 5257
content-length: 2360
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: d9321e11-e31f-469c-a1c4-1c61245cf015
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 Jan 2024 17:51:12 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azEL56HVP%2BFOsHY8cNFjYdz9N4UFBwRxqSxoFOHR0PC2WjMI4q3I%2FYd3CsOmAkkQkSE3S%2F2YT93jO%2BevT0WukpN65xE9eficsyC%2FyS4F%2BD8JIjWp2wH5PoD%2FcQLsgSh94g1PZroJZpGfLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc8bff5d7148-YUL
x-sorting-hat-podid: 126

GET
H3 200 loading.svg
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 571 B
1 KB 123ms
121ms Image
image/svg+xml 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/loading.svg?v=7860191987170627441698318736

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

b13f731e33ca920632336078d904c853eb745e0bfff9007d732a5979e82f4d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
age: 10738325
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=91.904, imageryFetch;dur=89.833, imageryProcess;dur=0.064;desc="image", cfRequestDuration;dur=23.000002
source-length: 571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: c6dc3dd5-e349-45d3-960a-92aa5da9f3b9
last-modified: Fri, 17 Nov 2023 11:09:20 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MlqXc%2Fcqy11%2F%2FaGtqnuc31rrjCIFUZHct3eut5MbfMMpDAp0MbDYjPUIiF1IpUSnRg8phinthRsNdumasuPy02T4cUaxzzxhwMTvZC8j9gh741A3lIeo9VR4eA1j6nDK9pPpaVD%2B2PPNpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 86afdc8bff5f7148-YUL
x-sorting-hat-podid: 126

GET
H3 200 sprite-icon-6679e1aa.svg
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 20 KB
6 KB 122ms
121ms Image
image/svg+xml 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/sprite-icon-6679e1aa.svg?v=20101525309612974631698318736

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

575c6454d5b68907556ef61d448e895eae146fb02cc59082f7c7e94e9b54fc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-east1
age: 10738325
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=83.254, imageryFetch;dur=74.900, imageryProcess;dur=0.114;desc="image", cfRequestDuration;dur=21.000147
source-length: 20099
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 5edc419b-7494-4457-b0d5-d32e861df784
last-modified: Fri, 10 Nov 2023 08:57:00 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEEvQpt%2BNjcSAUrdykVKyCLmqI7OkQwH7n9y0GiQY44z7i7as4T5OglELa2lcFLOBuwzTNwX4zGgCTnN46FNQmTlc1KbCv68OROC8wm8GxjOH6T2dWp9iDguUZ9jjvMwqXjBD0dsiZ9rdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 86afdc8bff607148-YUL
x-sorting-hat-podid: 126

GET
H2 200 BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 50 KB
50 KB 136ms
59ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v18/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Mar 2024 19:36:12 GMT
x-content-type-options: nosniff
age: 324980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51384
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:10:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Mar 2025 19:36:12 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 21 KB
21 KB 114ms
38ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 12:00:51 GMT
x-content-type-options: nosniff
age: 93101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21444
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 12:00:51 GMT

GET
H2 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 35 KB
36 KB 162ms
85ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 10:03:09 GMT
x-content-type-options: nosniff
age: 186563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36344
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:05:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Mar 2025 10:03:09 GMT

GET
H2 200 1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v25/ 18 KB
18 KB 156ms
79ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 10:03:09 GMT
x-content-type-options: nosniff
age: 186563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18796
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Mar 2025 10:03:09 GMT

GET
H2 200 fender_analytics.ef4116f665b9b33c638e.js Show response
static-tracking.klaviyo.com/onsite/js/ 31 KB
12 KB 64ms
19ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.ef4116f665b9b33c638e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c33ac6bac0d25dcb6f29eca048dfb3fcc7e0e50ef3df9aecb3f5375f7b1300b9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: D7d8SMg9JwWnVKVLbBADvXiYsHJGXaSm
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-request-id: 4CRGPH5MK9EGCT38
age: 2283
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12138
x-amz-id-2: WV4R2V7QFC8kw04ncge9bLb5YZBaZdwZ9bmqr0XOczC+F5YW+Ks+YomUE4h7iTbHiuslR3XV/M8=
x-served-by: cache-lga21921-LGA, cache-yyz4526-YYZ
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "1c1ff17ca82da1c09cc65108b4b565bf"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 58, 1520

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
1 KB 64ms
19ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7U3jLLw9z4sVt_PYSHf5O2sK.gyJewM_
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-request-id: 4CRPYHS3F7K4D385
age: 2283
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 985
x-amz-id-2: 2Ym4rT3wvHvg4KVFVjOt14zJE3tHMBUQ6D3ERCx5FQnbpUe004rhSpytFdKz3bo6qS30WNLsYqg=
x-served-by: cache-lga21976-LGA, cache-yyz4526-YYZ
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 22, 1587

GET
H2 200 runtime.ac002e97523e0e78dcff.js Show response
static.klaviyo.com/onsite/js/ 20 KB
9 KB 57ms
19ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.ac002e97523e0e78dcff.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e8ff7c362f70415bad137f8dfc71381b3859938058ea93497ce49431ca5041e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Y4mTKh4fTMF4sgzrq9uXntWyMWX70fZI
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-request-id: FYRMZNJQHAH2DDFV
age: 2282
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8355
x-amz-id-2: ogoNLiBd5XrDN7XOYIu9Vq6HWn0fHuKrRweZ5APh6lPin65CXUp0se5hBgReJyn8wRVwjT9WEx4=
x-served-by: cache-lga21953-LGA, cache-yyz4566-YYZ
last-modified: Mon, 25 Mar 2024 15:48:43 GMT
server: AmazonS3
etag: "0389a784f33b8e18ea209c26ce761280"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 154b3c2da6cc6705406b66ef6a709c6e6f975883
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 6, 1834

GET
H2 200 sharedUtils.da5b208f17f49ca644cf.js Show response
static.klaviyo.com/onsite/js/ 44 KB
17 KB 74ms
36ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.da5b208f17f49ca644cf.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b815979d86effe554c2c612fb559b096c95f4de32c796f64554f6db8efef34e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: nPpew2aRjLe6Q49h6JWOnEpN1rCpsisb
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-request-id: MFHS0C661464BTG0
age: 2282
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 17037
x-amz-id-2: uKqdhbS0m0CaLY1Br3sDxol//xvjMLVTIUhnoX/kv/aZGEhpSOV+imLKgbwMveooX3ai2jR//oY=
x-served-by: cache-lga21947-LGA, cache-yyz4566-YYZ
last-modified: Tue, 26 Mar 2024 01:54:42 GMT
server: AmazonS3
etag: "da4c6ecbf818aeea800b75a20a058592"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: b73be40bfdaa4b5867e86d56c4601a5421797eb1
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 35, 1868

GET
H2 200 vendors~signup_forms~onsite-triggering.864cb3176bd70af21590.js Show response
static.klaviyo.com/onsite/js/ 20 KB
7 KB 87ms
50ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~onsite-triggering.864cb3176bd70af21590.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5478093cbd10c6f050a10a8b06ea68f587a3b237718cd1a1b1f9b8b37ccff4a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VL81xCfcRn1Ol1kdKune1PLT11kNI9M0
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-request-id: 4CRVN907YG8C7VW0
age: 2282
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7259
x-amz-id-2: 8mkoZTFnamljJevlesSEfBCVDYcuO/tVv3WKHq48QIK1zZvj3+TlVw6odvWxS8SuqSHkN1k+7D2ua4xPYO2AcQ==
x-served-by: cache-lga21932-LGA, cache-yyz4566-YYZ
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "6892cb06d116035760ead469a5a594cf"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 6, 1336

GET
H2 200 vendors~signup_forms.e707d6d405eecdf67185.js Show response
static.klaviyo.com/onsite/js/ 12 KB
4 KB 73ms
36ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: x7k9_zv1oLI4LVlzFX.2zxKBgEsM_l21
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-request-id: 4CRY67KS13SG0DK1
age: 2282
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4243
x-amz-id-2: ncnHSydBqe+riaClocDEH5qnzheGxl+QNX6LdYrssJo+xTuCXC2W8x89BPyEKoOaH/QinAUqN0hLl9wc2MzKTg==
x-served-by: cache-lga21965-LGA, cache-yyz4566-YYZ
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "05af735bb01844f826e4e4e8be8d4529"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 2, 1353

GET
H2 200 default~signup_forms~onsite-triggering.f802a18932c79492ad38.js Show response
static.klaviyo.com/onsite/js/ 30 KB
9 KB 74ms
37ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.f802a18932c79492ad38.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 381b37762970831071baa2916dcb4008f0039de83e6db97e20085b3c61daff54

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qtsFjYDk4BlUn1g2DS.n32I2O7qXdXfl
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-request-id: 4CRTKB0W9BVM3YC4
age: 2282
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9344
x-amz-id-2: sUZCC/XYisYq1fZWWJVNleCm/G5zoeNgqLrPnKuBIeszvSl1wSmv2+K3GcspjUwUm76ijPx7iDbDMLATKYRBgg==
x-served-by: cache-lga21950-LGA, cache-yyz4566-YYZ
last-modified: Thu, 29 Feb 2024 01:31:33 GMT
server: AmazonS3
etag: "d34d9221f78489a21a7b023ac739adae"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 771bbde1e53e812fa870a548a80f450846d20814
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 7, 1326

GET
H2 200 signup_forms.b6b6f28ee33b9d03e436.js Show response
static.klaviyo.com/onsite/js/ 14 KB
5 KB 56ms
19ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.b6b6f28ee33b9d03e436.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d32eb598d06797c30eb0ab0f472c07bb6798f03654f4829a964a70d5c4dec9da

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: q4mIl_IF.X3y.iWtVRI1Eta8k8DwnNGZ
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:32 GMT
x-amz-request-id: CDMVSR8YGHQMP3KD
age: 2282
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5333
x-amz-id-2: oxIzIsftv/NltM3v/TNnoLN8rOlMjIRT4Pv7wqlAw53DKrQeJHsmKq7wtkbwGI0dPXj6tba2ZNo=
x-served-by: cache-lga21973-LGA, cache-yyz4566-YYZ
last-modified: Thu, 14 Mar 2024 14:15:17 GMT
server: AmazonS3
etag: "f83889f3ef9aba34fbff7085add56783"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 45b57a56e703881dbf8671f9858e991148697c50
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 44, 1387

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 141ms
54ms Script
text/javascript 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: amaicdn.com
URL: https://amaicdn.com/discountmanager/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:11:36 GMT

OPTIONS
H/1.1 200
OK setting.json
app.restockrocket.io/api/v1/ Frame 0
0 152ms
41ms Preflight 23.22.5.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.restockrocket.io/api/v1/setting.json?translation_locale=en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-5-68.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ngrok-skip-browser-warning,x-shopify-shop-domain
Access-Control-Request-Method: GET
Origin: https://jeffreestarcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: ngrok-skip-browser-warning,x-shopify-shop-domain
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Access-Control-Max-Age: 7200
Connection: keep-alive
Content-Length: 0
Date: Wed, 27 Mar 2024 13:52:33 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711547553&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=1tqxeSBCuvfAOqJSesZVNkFZA6ItzwycPcyjAYSq55s%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711547553&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=1tqxeSBCuvfAOqJSesZVNkFZA6ItzwycPcyjAYSq55s%3D
Server: Cowboy
Via: 1.1 vegur

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 301 KB
92 KB 132ms
82ms Script
application/javascript 104.22.0.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32ae1f4874f0dc708000247f3fb1ad47327f08b5752bd1ed1242b02318e83af6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPoE_srf-CjfND2z47Ji7KSRjs41YmnNhrKMLdK-eAV0x8nZBUnslxkEs7kCy_vz4tmpgopAPJgc5g
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 26 Mar 2024 09:50:42 GMT
server: cloudflare
etag: W/"56f0d1ba17b4ef7a37f0805af8f4a6bb"
vary: Accept-Encoding
x-goog-generation: 1711446642081035
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Fz+mSg==, md5=VvDRuhe073o38IBa+PSmuw==
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 308043
cf-ray: 86afdc8fba1336d1-YYZ
expires: Thu, 27 Mar 2025 13:52:33 GMT

GET
H2 200 7974f39b-67ff-4bc1-9a4a-de60f7cb81d9 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 101ms
54ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/7974f39b-67ff-4bc1-9a4a-de60f7cb81d9

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7974f39b-67ff-4bc1-9a4a-de60f7cb81d9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ad91996e3d3f195379a0b9fe37eba7f4e13721ef255d12b28429fbf2a58cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 50
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 86a65055cb2b08f4-SEA, 86a65055cb2b08f4-SEA
x-runtime: 0.009354
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e0ad91996e3d3f195379a0b9fe37eba7"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00K2o1MV59jtuV58xyAM4G2UpCcgQOuhRNH7YlLGyuMzH2knbi42SX%2B44oC5oBpScn3BfKeZpzKMZM%2Fo2YQgApbiXBJqMmnPs61jRJjjs7EtVMEWV7ThSwXYwjFbNMM%2F%2BTg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 86afdc8fbcf636ca-YYZ

GET
H/1.1 200
OK w.js Show response
d1stxfv94hrhia.cloudfront.net/waves/v3/ 47 KB
15 KB 93ms
31ms Script
application/javascript 3.162.3.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1stxfv94hrhia.cloudfront.net/waves/v3/w.js
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-118.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6042b166cdc76df9094329890799d3832fc9d6d19ac22053c9a0f2088fe6634e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 06:44:42 GMT
Content-Encoding: gzip
Via: 1.1 141b2a0bfdcf3225afbe04affb901120.cloudfront.net (CloudFront)
Last-Modified: Wed, 08 Feb 2023 18:55:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P2
Age: 25671
ETag: W/"8af578dcdc48235e08ec93906269dcc1"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: z9qfMA-kcPvHWNGwnXlDEnBJdY2NSVUjgBH21CyCGzI8mUU-AooiLw==

GET
H/1.1 200
OK setting.json Show response
app.restockrocket.io/api/v1/ 4 KB
3 KB 54ms
54ms Fetch
application/json 23.22.5.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.restockrocket.io/api/v1/setting.json?translation_locale=en

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-22-5-68.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

1511e97896db948e9e058259af4d24e6175730bbfa69517d161a12e0be9be417

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
ngrok-skip-browser-warning: skip
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://jeffreestarcosmetics.com/
X-Shopify-Shop-Domain: jeffree-star-cosmetics.myshopify.com
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 13:52:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711547553&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=1tqxeSBCuvfAOqJSesZVNkFZA6ItzwycPcyjAYSq55s%3D
X-Request-Id: cd44eb7c-db8e-4f72-ba60-de3f2bce9a19
X-Runtime: 0.011867
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 31 Jan 2024 06:43:09 GMT
Server: Cowboy
X-Download-Options: noopen
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711547553&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=1tqxeSBCuvfAOqJSesZVNkFZA6ItzwycPcyjAYSq55s%3D"}]}
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding, Origin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 43ms
42ms Script
text/javascript 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:09:08 GMT

GET
H2 200 bundle.js Show response
cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2024-02-21_09-17-48/ 47 KB
15 KB 45ms
44ms Script
text/javascript 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2024-02-21_09-17-48/bundle.js
Requested by: Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-174-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b94731d440087668033de043ac96ec34fca2186bb8c5acf1196106df93b1be4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yYGgcnOvxFbCCkF4QN4AlrAfTD93uG6Z
content-encoding: gzip
date: Wed, 27 Mar 2024 13:52:33 GMT
x-amz-request-id: AH8F5DDS19A3V992
x-amz-server-side-encryption: AES256
content-length: 15029
x-amz-id-2: k0Z0eDtgID41NPWLbX/CBchMm0RF2RE2FBrdh3sK8+hb3/Nd8YMK1mmliNnv0Nh87hpdaXMGF8M=
last-modified: Wed, 21 Feb 2024 09:17:50 GMT
server: AmazonS3
etag: "cc22c429f3431d2fb30ebc514f9e3b24"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 27 Mar 2025 13:52:33 GMT

GET
H2 200 app.v0.8.3-5890.js Show response
cdn-widgetsrepository.yotpo.com/widget-assets/widgets-initializer/ 38 KB
12 KB 39ms
38ms Script
application/javascript 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widgetsrepository.yotpo.com/widget-assets/widgets-initializer/app.v0.8.3-5890.js
Requested by: Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-174-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b8cd90329cd1c01ece6d7198416368323c1c7fb2a8a4abb412415369e844b30a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WACEYUocKS2k_BwjZp1G2Vp7wpECpRMm
content-encoding: gzip
date: Wed, 27 Mar 2024 13:52:33 GMT
x-amz-request-id: KSVNE5HY6JBZTQAH
x-amz-server-side-encryption: AES256
content-length: 11977
x-amz-id-2: 2N4NErfI1YCYjvyRQDlZaBdWbM2eC39U3VnYnovthy0dfIGFv1SZ8WNZ5m9l/BHlqLHi+bpjT6c=
last-modified: Thu, 22 Feb 2024 09:22:46 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1708593764/ctime:1708593764/gid:117/gname:jenkins/md5:73d32f0189bd428988ebed8bda744ddf/mode:33188/mtime:1708593764/uid:110/uname:jenkins
etag: "73d32f0189bd428988ebed8bda744ddf"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 27 Mar 2025 13:52:33 GMT

GET
H3 200 / Show response
jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/custom/web-pixel-shopify-custom-pixel@0575/sandbox/modern/ Frame 4552 40 KB
17 KB 107ms
106ms Document
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/custom/web-pixel-shopify-custom-pixel@0575/sandbox/modern/

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

665e3e60538ea476ded6e28d149d6aa0657ef9109734a5899354494bf79deb5d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jeffreestarcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 588015
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: HIT
cf-ray: 86afdc8facfd7148-YUL
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 13:52:33 GMT
etag: W/"cacheable:e9ceb43fde8af88b81cde9c08d4f4825"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FARyxE92i132CqMYYtkrmpM6a2vTuZWpt1auLkn%2Fxj5mErhl0d4VzOyH3cI3uGLnumRmUWQtLcWh0sQhMmAYocWkOMuitTuIypUzqywKhlr%2FIMWVf870tv15%2ByGbDrokNHIi9mRKAt8aA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=22;desc="gc:2", db;dur=9, asn;desc="20115", edge;desc="MSP", country;desc="US", theme;desc="143359049855", servedBy;desc="x8g8", requestID;desc="8a5735a5-5082-445f-994a-3eb8b2099e2b-1710958875" cfRequestDuration;dur=78.000069, earlyhints
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-northamerica-northeast2,gcp-us-central1
x-download-options: noopen
x-envoy-upstream-service-time: 23
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 8a5735a5-5082-445f-994a-3eb8b2099e2b-1710958875
x-robots-tag: noindex, nofollow
x-shardid: 126
x-shopid: 6732291
x-shopify-stage: canary
x-sorting-hat-podid: 126
x-sorting-hat-shopid: 6732291
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

POST
H3 200 produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 0
794 B 81ms
80ms Ping
text/plain 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.000046
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: cc9659d2-648d-4385-b575-5c4576d1dd0d
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQma8wWehv5y5jOpm0CDSSPgZugHHXmjVxefrA826Gq8bcjoGY5R1aPS2AfUPKxzh61onsjaUjVuJ3M1p9uPUbECRWjCEPtmnd6oY6kTgsWaCClYm7%2BfY2p2UA41WoCB9%2BIA0rfjsdAaXA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 86afdc8fcd477148-YUL

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 113ms
36ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Mar 2024 13:52:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2788, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: Grtean/GvMNsur/Po9lviThOdwRwBRDEAuoU7MuA6LTtnnny4yWddkNCQlIR91esvuTbU/m0fdp+IqX7Fd2lIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 116ms
36ms Script
text/javascript 142.251.163.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 11:55:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7050
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 27 Mar 2024 13:55:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 59ms
57ms Script
application/javascript 142.251.179.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d83bc89cefaa62a09b8c0310d4ccf5a997bd7618861245d0f68a89826841ee22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93548
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 13:52:33 GMT

GET
H3 200 worker.modern.js
jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/ 50 KB
21 KB 45ms
44ms Other
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

f62dc3f5f8ca06800b802f0b40c0e35308076893a773451f3c04b38f41af3f02

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
age: 588385
server-timing: processing;dur=27;desc="gc:1", db;dur=15, asn;desc="13335", edge;desc="MSP", country;desc="US", servedBy;desc="ndfz", requestID;desc="e90efc2f-b26a-494d-9202-64e3b0e6a148-1710957787", cfRequestDuration;dur=17.000198
x-sorting-hat-shopid: 6732291
x-shardid: 126
x-storefront-renderer-rendered: 1
etag: W/"cacheable:e9671247ded371b1370d0d3977226de4"
x-shopid: 6732291
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/javascript; charset=utf-8
content-language: en
cache-control: max-age=31536000, public
x-robots-tag: noindex, nofollow
date: Wed, 27 Mar 2024 13:52:33 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-cache: miss
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e90efc2f-b26a-494d-9202-64e3b0e6a148-1710957787
x-shopify-stage: production
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWj80%2FU98bR30wsheJ4G91iBlr3TeNw07CAuLnbPx8iOf0Kja8MmuK055Wzdp%2FBM%2FP2DZojWxQNS8pH%2BI%2BRLNG2tePWMUxMN%2FMNLCSbh5OsmgOV4f5lM6HNFMCsARtOHQD3KI0GE4vc8KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86afdc8fed9e7148-YUL
x-sorting-hat-podid: 126

GET
H3 200 worker.modern.js
jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-shopify-app-pixel@0575/sandbox/ 39 KB
17 KB 45ms
45ms Other
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-shopify-app-pixel@0575/sandbox/worker.modern.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

dea5769a3218c9f801260d6f31e012cc152068fc321d4604d9f62fbeacd74577

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
age: 588385
server-timing: processing;dur=17, db;dur=6, asn;desc="13335", edge;desc="MSP", country;desc="US", servedBy;desc="x8g8", requestID;desc="550671c8-ab82-433f-9e57-799089e4abc0-1710957787", cfRequestDuration;dur=17.000198
x-sorting-hat-shopid: 6732291
x-shardid: 126
x-storefront-renderer-rendered: 1
etag: W/"cacheable:c2a40cf5a9a71131b2aa5d5a235b2b79"
x-shopid: 6732291
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/javascript; charset=utf-8
content-language: en
cache-control: max-age=31536000, public
x-robots-tag: noindex, nofollow
date: Wed, 27 Mar 2024 13:52:33 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-northamerica-northeast2,gcp-us-central1
x-cache: miss
x-envoy-upstream-service-time: 18
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 550671c8-ab82-433f-9e57-799089e4abc0-1710957787
x-shopify-stage: canary
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDyzKS05s%2FsQcPDpZxoXHj7f10pSP1BhRqlUTcGc0YD35j5CQZZNit5zjhzfOS47tkJZu9k%2BB%2BcohijWn%2BYyn4IeY9olvfKl4RVtYU0EQd6I4bHYd2Z1IB3LJvEGARs812YeQBzGrQbwWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86afdc8feda27148-YUL
x-sorting-hat-podid: 126

POST
H3 200 produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 0
796 B 79ms
78ms Ping
text/plain 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=51.000118
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: cbe7edf0-dab4-4333-b57e-2dd2b4d98acd
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kFitK%2ByGmsgkCnjythML182DviuD5zceaTC5A4AdYVDs7WhmjGyfxqgfxyyUPE59tGMge8mAhJrwncIbWaVFnoKqe%2FyF%2FRIgIp7urneohBGswCAasuN8ajwngq3sUHz59A%2F9VQZ7JOVGpw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 86afdc8fedaa7148-YUL

POST
H3 200 produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 0
797 B 87ms
87ms Ping
text/plain 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=58.000088
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: fd1046e6-490e-493d-b6ba-d3c88d6cb56a
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jI0YeyBu0jRQvjKM%2BAnioG7nlCw%2BHKo8rJ%2BZLJzo56UI24BfcIwFhjxPIVHAJvMUuQeSVr8nH0cCnUug12Ezkbvp1vQQMwMv7GLpG9PDyWcHuS05plk9HlGmeRHIPQgx5CglU2jcpfn3IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 86afdc8ffdb97148-YUL

POST
H3 200 produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 0
803 B 83ms
83ms Ping
text/plain 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.edae546725afe9e67372986831ce229a1cb75365.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.000046
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: de21b5cb-0056-49f2-86a1-6c9f186694d1
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRdn%2BI4UkU%2Fm4uOLOlUkniP8u85P%2FYg2W5FOvXAg%2BeAp%2B9O5aEgqkgw87NRI9MxhZ4Hf2x%2FrvOmgfLc7xN5fkZFGjf8pQ0yjd14HWVZxTcg8udnFIs0hsHPvfBPtC4JW7pdS12bCEQs%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 86afdc8ffdba7148-YUL

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 2 KB
1 KB 64ms
20ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=RSWrmg

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7c27fecfd9db86f1d6da1e1da01c32a1708db7e55e645f5db4686fe8c9f9f258

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:33 GMT
strict-transport-security: max-age=900
age: 7461031
x-cache: HIT, HIT
content-length: 506
x-served-by: cache-bos4669-BOS, cache-yyz4543-YYZ
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Accept-Encoding, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 3295, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/RSWrmg/ 10 KB
3 KB 63ms
19ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/RSWrmg/full-forms
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88f823cd241df676e35d8cb6c400f4940fb2a8c44ff9b5a14896efe9ed029895

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: irVqH6FLGxjFZG_WqsmVLJrCo1.8p_uq
content-encoding: gzip
via: 1.1 varnish
date: Wed, 27 Mar 2024 13:52:33 GMT
x-amz-request-id: PA9FTPK0H4Z9V337
age: 599417
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: NA
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/RSWrmg custom-fonts/RSWrmg
content-length: 2704
x-amz-id-2: J+HGny9KsJiptv8M9I5UmZU+aTr2k7kKvkgOTwo2fil2WiTJ0dDkBDoz2Fz8xJ1EIpWXXVz4AtI=
x-served-by: cache-yyz4556-YYZ
client-geo-country: CA
last-modified: Wed, 20 Mar 2024 15:17:27 GMT
server: AmazonS3
x-timer: S1711547553.326578,VS0,VE1
etag: "ebc4295e6c48bae587bdd35bc5c29f86"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 widget.css
staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/ 480 KB
39 KB 53ms
52ms Stylesheet
text/css 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

9efc3f5b9a825c28d7679a389d8f9e77fc78bebde99071d41891b49b59347a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1711547553302_400321240_1556292157_1308_4896_15_0_255";dur=1
content-length: 39611
x-xss-protection: 1; mode=block
x-request-id: eccf4f72789629fd3a0c3b34af34c464
x-runtime: 0.096631
etag: W/"d241b6ae5dab934b9588c11ff8c974c8"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=3083
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 60ms
59ms Script
application/javascript 142.251.179.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PBK87Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c30f96a0ea18c8b9ab21f72623f8192fc27a16c7ed8478e869a6352b6250acac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 13:52:33 GMT

GET
H2 200 0d6c9fafccdc6c1b1cbc4d0ba7ce7043.js Show response
amaicdn.com/discountmanager/store/ 3 KB
1 KB 32ms
31ms Script
application/x-javascript 172.67.68.196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amaicdn.com/discountmanager/store/0d6c9fafccdc6c1b1cbc4d0ba7ce7043.js?1711547553044

Requested by

Host: amaicdn.com
URL: https://amaicdn.com/discountmanager/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.196 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67fe368168d4d8dbfa1ce733163fe43075e50eb2696b487f84387ad27065282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
via: 1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-P1
age: 529
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 967
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 26 Mar 2024 16:33:06 GMT
server: cloudflare
etag: "89815ec9f0767d031c50c757df8998a6"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLqU03jmfPscOpB4L%2FXKkzbVCtrrn%2BG98YjS3ASfhgP4WdLxGZT3h7WtGcUrLJ5RdOfnB%2BxBi2eYZEWFuHv6B4ldwY1fy10uB4k9sh5FLp3speNjg0WKse8RKsTY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 86afdc903f5238e4-YYZ
x-amz-cf-id: ep-RunjRJ0Fuuxsh8Eu5zkOdSlc6owoMLaVeAdzYGJkTu7INLr22oA==

GET
H/1.1 200
OK ac-tiered-sub-product.js Show response
customerapp.anncode.com/api/clientStoreSubtotalPdPage/6732291/143359049855/ 17 KB
5 KB 728ms
241ms Script
text/html 13.127.102.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customerapp.anncode.com/api/clientStoreSubtotalPdPage/6732291/143359049855/ac-tiered-sub-product.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.127.102.73 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-127-102-73.ap-south-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) / Express

Resource Hash

b2dae0a5c9a0b003395edb9cc6626d1d276aeeb7f8a923148b5c246fdc5d3c83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://undefined https://admin.shopify.com

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 13:52:33 GMT
Content-Security-Policy: frame-ancestors https://undefined https://admin.shopify.com
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"4464-NUJOb//9nQ7aeCDof7cecYALv+w"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK ac-tiered-sub-cart.js Show response
customerapp.anncode.com/api/clientStoreSubtotal/6732291/143359049855/ 22 KB
6 KB 718ms
238ms Script
text/html 13.127.102.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customerapp.anncode.com/api/clientStoreSubtotal/6732291/143359049855/ac-tiered-sub-cart.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.127.102.73 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-127-102-73.ap-south-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) / Express

Resource Hash

d4aa3444bfbeeef5b54c3c84ed94595c16b297c7fcbe18602fdb9b194642d7ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://undefined https://admin.shopify.com

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 13:52:33 GMT
Content-Security-Policy: frame-ancestors https://undefined https://admin.shopify.com
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"5613-WlvbI2BhjcT+BPEyJH5LuNTHIV0"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 consent-tracking-api.js Show response
jeffreestarcosmetics.com/cdn/shopifycloud/consent-tracking-api/v0.1/ 13 KB
5 KB 45ms
45ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

b701c98e464a82589aa5dfa3ac2d36e9ef3fb403c435c8a0642b4474e86185b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 1015
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=96.336, imageryFetch;dur=30.890, cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400
content-length: 4167
x-xss-protection: 1; mode=block
x-request-id: 720a2881-9670-427a-a550-80dba1a495d2-1711545945
last-modified: Wed, 27 Mar 2024 13:25:45 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFA9U7XRC09kXDnaTfes%2FQTWDubUo9BB4jkhpBbq1GBvl3ivq8UEOiHCTHIzucQPVE0dkXFpO60hd6FuLXp6rywnj56ocJtCAhtqNQDmnOFcfAhLr14%2BVPTAhY7%2BM5vq8mmf6akRrN58yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
cf-ray: 86afdc905e4c7148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 session Show response
shop.app/pay/ 18 B
2 KB 140ms
107ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1&token=1c704807-8563-4a8a-a269-462a56b21a3d&shop_id=6732291

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://.hcaptcha.com; frame-ancestors admin.shopify.com https: .myshopify.com admin.shopify.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
server-timing: cfRequestDuration;dur=70.999861
alt-svc: h3=":443"; ma=86400
content-length: 18
x-xss-protection: 1; mode=block
x-request-id: fa4e31ab-5f20-43f4-aa47-fe06f24a3025-1711547553
x-runtime: 0.003821
server: cloudflare
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jeffreestarcosmetics.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1dLof6g3l%2BlQB%2BzXiZBA4wNPj0WpqbXujrf3%2FAcpsW0fqWTOS8FhxzPrElbGWrKfwK2EdRL5qI4sVaki%2FuyUmwrtVOmVbHnwHTQmrSZCl%2B76DcY1tbHl6dX"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
vary: Accept, Origin
x-robots-tag: noindex
cf-ray: 86afdc90a9de7136-YUL
x-frame-options: DENY
x-sorting-hat-podid: -1

GET
H3 200 cart Show response
jeffreestarcosmetics.com/ 3 KB
3 KB 159ms
158ms Fetch
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cart?view=drawer-ajax&timestamp=1711547553338

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

d13b8eb6f5e95444487a5c7a4446d44a6eb4738b9e8f2007a124a38525c283e3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=7889238
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
x-cache: miss
server-timing: processing;dur=59, db;dur=23, fetch;dur=1, render;dur=1, wasm, asn;desc="212238", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="cart", servedBy;desc="llk5", requestID;desc="9b578178-66a9-43ab-8b8e-32e75aada4fa-1711547553", cfRequestDuration;dur=125.999928, earlyhints
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 9b578178-66a9-43ab-8b8e-32e75aada4fa-1711547553
x-shardid: 126
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
etag: "cacheable:f2f8cd338b8fe6415548d943ed2788ed"
x-shopid: 6732291
x-frame-options: DENY
vary: Accept
content-type: text/html; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1k%2B2diEbd4GuuidpsKbTuvDlPv4RtF73No7hWEkNpNGZ4lD%2BXKhxYx0Ym%2B35EPcpM%2FEOK1%2F3Pu6c%2FfRIiJfU8DvGnT%2Fs3PZvEmSBPeXYNf6hCrqGwXBNeD2IMhaOT67%2BvwxlZmRwJqdxZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdc907e867148-YUL
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 126

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/7998497915007/widget/ 968 B
916 B 70ms
69ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/7998497915007/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

6b2361c0d0de589abacecbb7d54342976d313319dfed0715bf20de68853c16e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=32, origin; dur=0, ak_p; desc="1711547553376_400321240_1556292277_3137_2727_15_0_219";dur=1
content-length: 352
x-xss-protection: 1; mode=block
x-request-id: 1fa33f2c6c0623cd864c2392e8fe20ae
x-runtime: 0.022254
etag: W/"37a30769543e40a84afd7bb648d41bd8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=9844
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886685823/widget/ 182 B
733 B 79ms
78ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886685823/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

57f5c2709ee3352d1d2d542e3a09c199a883cc96e84f5380937021beeeeb3c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=32, ak_p; desc="1711547553380_400321240_1556292282_3977_2603_15_0_219";dur=1
content-length: 166
x-xss-protection: 1; mode=block
x-request-id: 3432249543c22ddba5b30b74461e686a
x-runtime: 0.026111
etag: W/"4b18a3055ab823882dd80e1bf7f36296"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=10788
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886554751/widget/ 963 B
913 B 62ms
61ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886554751/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

6f9962946bac4a4f7d65c952502594fa794f572936e53a54bb4462647a2e30e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=21, origin; dur=0, ak_p; desc="1711547553380_400321240_1556292283_2168_2542_15_0_219";dur=1
content-length: 349
x-xss-protection: 1; mode=block
x-request-id: 49109c7108629ce76b61b7b50130dd0c
x-runtime: 0.024959
etag: W/"14019a2fcb41bc6cbfc6d82a84c08d05"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=1633
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/7998497816703/widget/ 966 B
914 B 84ms
83ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/7998497816703/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

05edddad07671c347ad1494faa8660441213af6bf8ebf2ccf7569224c2a5a2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=39, origin; dur=0, ak_p; desc="1711547553385_400321240_1556292284_4574_2347_15_0_219";dur=1
content-length: 351
x-xss-protection: 1; mode=block
x-request-id: 93fe77d10111f9e694bb87373fe0b5ea
x-runtime: 0.026800
etag: W/"ed487a07dfe21919364020a9ecb1ae5c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=1652
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886587519/widget/ 182 B
730 B 62ms
59ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886587519/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

5dfe5553008e2d963828274103d566d9e16dbbb26ba4ffc1f2af2c23b377da00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=18, origin; dur=0, ak_p; desc="1711547553380_400321240_1556292285_1819_2442_15_0_219";dur=1
content-length: 166
x-xss-protection: 1; mode=block
x-request-id: f3537d70b7218f2f1fabde2e34700431
x-runtime: 0.024137
etag: W/"ae8789cd2879fa24d6386ae9778de540"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=3949
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886620287/widget/ 182 B
731 B 71ms
69ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886620287/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a54c89db1fb4f8b04489cb7eebbbb0b62e8ab798660e22abc973232d80e8d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=32, origin; dur=0, ak_p; desc="1711547553380_400321240_1556292286_3222_2449_15_0_219";dur=1
content-length: 166
x-xss-protection: 1; mode=block
x-request-id: 0314e1212f6acebcd5768a642ad63564
x-runtime: 0.024923
etag: W/"58d05625b37b772c75f54dfee8d0da4f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=8780
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886653055/widget/ 182 B
729 B 90ms
87ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160886653055/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae4d06ec5d6791cb37a0430fde397c89efcf26a7940a422ad87bb2e4ec97252f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=38, origin; dur=0, ak_p; desc="1711547553393_400321240_1556292313_3771_2075_15_0_219";dur=1
content-length: 165
x-xss-protection: 1; mode=block
x-request-id: 575cef97c71b97fe32a1ccb5b672553d
x-runtime: 0.022308
etag: W/"5d8a9f73bd29daf9b710372eb38fc426"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=1668
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160850641023/widget/ 973 B
920 B 68ms
65ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160850641023/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb20f71262a4a21f5257d53936882cedf4bd52d3337d9ddad538df870937957f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1711547553393_400321240_1556292314_1279_2050_15_0_219";dur=1
content-length: 356
x-xss-protection: 1; mode=block
x-request-id: a449ff641ca8ac596151afd997184d28
x-runtime: 0.028697
etag: W/"7a2285f817004d6115aa2e4d6690964a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=1613
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160885047423/widget/ 182 B
730 B 71ms
69ms XHR
application/json 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160885047423/widget/bottomline

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

241cde33f66fa1ec682848ea2008ee0dbd8f6c3b7c09a957ee5dc8a80c227330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=19, origin; dur=0, ak_p; desc="1711547553393_400321240_1556292315_1867_2043_15_0_219";dur=1
content-length: 166
x-xss-protection: 1; mode=block
x-request-id: aba274c0854f8dfe8a3e8a56d76c5745
x-runtime: 0.036119
etag: W/"f6f545ff0f68bba0461c56f62afde96e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=9736
access-control-allow-credentials: true
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-headers: *

GET
H2 200 i
p.yotpo.com/ 35 B
280 B 133ms
42ms Image
image/gif 3.132.1.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Jeffree%20Star%20Cosmetics&se_va=Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA&cx=eyJwdl91dWlkIjo5NDY0NDMyMDF9&dtm=1711547553343&tid=145925&vp=1600x1113&ds=2193x7472&vid=1&duid=18fff6eb7e2e9002&p=web&tv=js-0.13.2&fp=738008529&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=America%2FLos_Angeles&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=800x600&cd=24&cookie=1&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.1.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-1-36.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Wed, 27 Mar 2024 13:52:33 GMT
cache-control: max-age=86400, private
server: nginx
content-length: 35
expires: Thu, 28 Mar 2024 13:52:33 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/ 442 KB
104 KB 90ms
89ms Script
text/javascript 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.js?v2enforce=true

Requested by

Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/widget-assets/widgets-initializer/app.v0.8.3-5890.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

9cff48b2918dfd7bf3edc4226fb59739f4a2137622db8a859e8a46cc0861a14b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=32, origin; dur=0, ak_p; desc="1711547553400_400321240_1556292327_3212_4122_15_0_146";dur=1
content-length: 106061
x-xss-protection: 1; mode=block
x-request-id: c44ea822415eb70e4469c4227d000868
x-runtime: 0.092451
etag: W/"9fdd9ae48737d8fefacf189adc4ae444"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=4792
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 wave Show response
waves.retentionscience.com/ 2 B
109 B 125ms
39ms XHR
text/javascript 52.3.141.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://waves.retentionscience.com/wave?wave=%7B%22version%22%3A%223.1.1%22%2C%22site_id%22%3A%22936%22%2C%22arrival_time%22%3A1711547553376%2C%22arrival_uri%22%3A%22https%3A%2F%2Fjeffreestarcosmetics.com%2F%22%2C%22page_title%22%3A%22Jeffree%20Star%20Cosmetics%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en-US%22%2C%22fingerprint%22%3A%22e1a45de3718f5ecb7773363afeba97ac%22%2C%22rsci_vid%22%3A%229937ed61-5eba-64b0-5d0f-a9fd7bf2d3fd%22%2C%22action%22%3A%22view%22%7D
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.141.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-141-14.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 27 Mar 2024 13:52:33 GMT
cache-control: no-cache
content-type: text/javascript

GET
H2 200 web-widget-main-55d363e.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 714F 450 KB
140 KB 50ms
50ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7974f39b-67ff-4bc1-9a4a-de60f7cb81d9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8287b2f4982c54b0d6a1533ee7d2f5f5e19d3b50f9607e08c51fbacbdd21180

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
x-amz-version-id: KrODsXKtQh6dOjJ4x5f5rr0Yase07jsW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YCKGR8AXTP2FARX1
age: 100177
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: nInPbYRnjmiNoO9eFI2kL7PEYPe6MSReITISB8gkN21/rXBQIR2JMl6eRHjmiXHqhgzZw754/41BRGu76C/vhA==
last-modified: Tue, 19 Mar 2024 10:33:22 GMT
server: cloudflare
etag: W/"d8b10abd7523dc1edfcafc554760aeeb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrdFz58aIZl%2FEaeZ%2FIuQGPyvOoDumT%2Bgq8jFYs0nj1C3QvQEt8iD19nvr959pDPqdzflAqN37pLqK%2FVcSRarAsbxt8LKI3aQ6bsjrEJTSQ7Yo5eWWCBODIkRIu9ntx%2FPqp4ick4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 86afdc90cd3e36db-YYZ
access-control-allow-headers: *
expires: Wed, 19 Mar 2025 10:33:21 GMT

GET
H3 200 logo_360x.png
jeffreestarcosmetics.com/cdn/shop/files/ 5 KB
6 KB 47ms
47ms Image
image/avif 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/logo_360x.png?v=1620251408

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

61c1d58c1ea5fff05d729d1f6e27e4c88480ab9a333ec16c4cdf289d58db0192

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 2308762
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=569.752, imageryFetch;dur=29.958, imageryProcess;dur=538.931;desc="image", cfRequestDuration;dur=18.999815
source-length: 87687
content-length: 5500
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 7c52a06a-90ef-4e86-a022-654f5c2598c8
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Feb 2024 20:33:04 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8qfKI38iGvMjXilDleJGGddXjCRdE4rWyYIoHbUQsAA2gENdVpKquIePJXdaA4rtR%2BOc5Q4Fc%2B6N%2Fl3jCQWYfqBOcoNFahSiz1t2Rkls%2FkeV43cdX4EqgRnyJvBqttWtDse412Ka5oBrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc90df3c7148-YUL
x-sorting-hat-podid: 126

GET
H3 200 wwdesktop_1728x.jpg
jeffreestarcosmetics.com/cdn/shop/files/ 88 KB
89 KB 62ms
62ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/wwdesktop_1728x.jpg?v=1710521063

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

b361da78f868ec5563e71ee83043c56ae242baf40b97fc16d0535be901afde0d

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 1024155
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=432.668, imageryFetch;dur=93.817, imageryProcess;dur=336.562;desc="image", cfRequestDuration;dur=32.999992
source-length: 723649
content-length: 89962
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 35bc0339-4066-4339-b173-aa00c933e44d-1710521858
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Mar 2024 16:57:39 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1k5fEAJzr4GiM7YzPOnXoJjcX%2BlkgOQFIBWp6XQPMzyBn4syQ6osqZpBNRI%2FBJy90I9WkZNFWpOFpAZgudqCEwQB1IJEI02NafRrx%2ByJGVlKQz2VVI5ICwjZvrioSzYdhwxm1VJuUaGGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc90df3d7148-YUL
x-sorting-hat-podid: 126

GET
H3 200 ssdesktop2_1728x.jpg
jeffreestarcosmetics.com/cdn/shop/files/ 146 KB
147 KB 112ms
111ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/ssdesktop2_1728x.jpg?v=1711411315

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

2468c6d0f1c1f454aeefdbd83df77b42449233125c11d1347a548ef61887323f

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=723.190, imageryFetch;dur=121.049, imageryProcess;dur=599.874;desc="image", cfRequestDuration;dur=75.999975
source-length: 1322114
content-length: 149540
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 4788de4d-3876-474b-9f98-4f1275f4e18c-1711411482
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Mar 2024 00:04:43 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INacKDnw%2FXicAQaBlvn6cTohxt1vG3eOy89LwDfPPsoUkxTC3F%2BtAQzHOtmDFbG%2Fzd8eNEjh20oBfbNETbU%2BYv1gbonu%2BDcCjlh6o8KKQgBj7vN6WCn9a5gLVi%2F55qDwKXQKySctvMaFvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc90df3e7148-YUL
x-sorting-hat-podid: 126

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
1 KB 57ms
56ms Stylesheet
text/css 142.251.163.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bebas+Neue:ital,wght@0,400&family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Prata:ital,wght@0,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f95.1e100.net

Software

ESF /

Resource Hash

c340b0cf70897c277e0a16a1869a56ab4b6e5a78e14c0862f4e48038678ecadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 13:52:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 13:52:33 GMT

GET
H2 200 open_sans.css
staticw2.yotpo.com/assets/ 281 B
588 B 39ms
39ms Stylesheet
text/css 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/assets/open_sans.css
Requested by: Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-174-68.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: adad0f387bdee702d1120265df725c20b92e9d1eaaca34557fd6208babd0cc1b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2024 11:21:17 GMT
etag: "65cb50ad-d8"
env: PRODUCTION
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=604800
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711547553429_400321240_1556292383_63_4796_15_0_255";dur=1
content-length: 216
expires: Wed, 03 Apr 2024 13:52:33 GMT

GET
H3 200 index.min.js Show response
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 46 KB
14 KB 73ms
73ms Script
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/index.min.js?v=183611143575833348661709075668

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/app.min.js?v=113412230177539477541709075668

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

49c11210e9e2a81fec53d48665b554019d46504cacc040df514edcb1c065a8cd

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 1971632
x-permitted-cross-domain-policies: none
content-encoding: br
server-timing: imagery;dur=108.313, imageryFetch;dur=26.993, cfRequestDuration;dur=31.000137
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: a81096ef-2c5e-4da5-a795-ba5515dc4250
last-modified: Tue, 27 Feb 2024 23:14:38 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMsRQMJi37XZs66f%2Ft%2Fzg%2FwAUMLf7poUWuSijyJ%2BJ1DH7pBZN7ozrH%2Be70xOSCKboC1Dz%2FIm%2BPTpmzxPUZ4QgGYQn09RvNql7cdGaqq53QMbMb1cFLtJb18J6z3QQU74r%2FmTzFieJPActw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 86afdc90ff577148-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0673/2291/t/242/assets/index.min.js>; rel="canonical"
x-sorting-hat-podid: 126

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 222 KB
80 KB 58ms
58ms Script
application/javascript 142.251.179.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-325015524&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

639ea89cd1d5b96c3f837e13bf460ff8b8f15d818b5f30aa9bdf100ee8696f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81718
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Mar 2024 13:52:33 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
83 KB 71ms
71ms Script
application/javascript 142.251.179.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=MC-0MGTFZ50PE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

da53b6c1335684d4e53097a8e6f2af93413341c465b9aa154bc297f1174c79f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84460
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Mar 2024 13:52:33 GMT

GET
H2 200 yotpo-widget-font.woff
staticw2.yotpo.com/assets/ 12 KB
12 KB 108ms
39ms Font
application/font-woff 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2022-12-28_17-32-53
Requested by: Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-174-68.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:33 GMT
last-modified: Tue, 13 Feb 2024 11:21:17 GMT
etag: "65cb50ad-3000"
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711547553556_400321240_1556292669_21_5258_15_35_255";dur=1
accept-ranges: bytes
content-length: 12288
expires: Wed, 03 Apr 2024 13:52:33 GMT

GET
H2 200 open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
staticw2.yotpo.com/web-fonts/opensans/v34/ 55 KB
55 KB 114ms
46ms Font
font/woff2 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/web-fonts/opensans/v34/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by: Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/assets/open_sans.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-174-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staticw2.yotpo.com/assets/open_sans.css
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vyz.i4QOdLlLZUMzbqnnDnj5xOURPlW1
content-encoding: gzip
date: Wed, 27 Mar 2024 13:52:33 GMT
x-amz-request-id: 5N4XZA3ZWZH2XBGP
x-amz-server-side-encryption: AES256
env: PRODUCTION
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711547553598_400321240_1556292685_94_4816_15_0_255";dur=1
content-length: 56207
x-amz-id-2: Xde6SZLM9v9iJ65fNaXUrdtz1cllfsYy2RzOq2/T24oJfZ4gFWqnc4EWKp6d8lon68N523ZoXlA=
last-modified: Tue, 27 Jun 2023 19:16:47 GMT
server: AmazonS3
etag: "441a81103fda7f9c3b41cffd77d8c65c"
vary: Accept-Encoding
access-control-max-age: 31536000
content-type: font/woff2
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 27 Mar 2025 13:52:33 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
176 B 46ms
45ms Ping
text/plain 142.251.163.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-81RXDPTBJQ&gtm=45je43p0v9128893694za200&_p=1711547552608&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=1134354709.1711547554&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&dp=%2F&dt=Jeffree%20Star%20Cosmetics&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&sid=1711547553&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1374
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.163.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 13:52:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jeffreestarcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/jeffreestarcosmetics.com/ 163 B
697 B 123ms
72ms Fetch
application/json 172.67.11.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/jeffreestarcosmetics.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.11.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61d6d8fb0c423e279e9a95b47312b747c7b49e8188128ca4e15bc9f8ea0cad6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 51
x-guploader-uploadid: ABPtcPrQokcypFr26Ht7w04jwCTCxg-y_3UrGfQi-p8Y2SySq-Z9rFAvEDIFM2KKFC5BaF5I4u8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 20 Feb 2024 15:59:50 GMT
server: cloudflare
etag: W/"cc99ab72b01eb71328e6f0c4139ca374"
vary: Accept-Encoding
x-goog-hash: crc32c=KoQaPQ==, md5=zJmrcrAetxMo5vDEE5yjdA==
x-goog-generation: 1708444790370861
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 163
cf-ray: 86afdc969cc1a214-YYZ
expires: Thu, 27 Mar 2025 13:51:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 46ms
45ms XHR
text/plain 142.251.163.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1250046316&t=pageview&_s=1&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Jeffree%20Star%20Cosmetics&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDAgEABBAAAACgCIAB~&jid=976161141&gjid=347308426&cid=1134354709.1711547554&tid=UA-72991237-1&_gid=718365777.1711547554&_slc=1&did=BwiEti&z=1096287048

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

90c91c3158b038a688cd4a400bc1b33a49672f001404efab1f4e62c8e0ba5d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 13:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jeffreestarcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 119ms
44ms XHR
text/plain 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72991237-1&cid=1134354709.1711547554&jid=976161141&gjid=347308426&_gid=718365777.1711547554&_u=YCDAgEABBAAAAGgCIAD~&z=1856962176

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 27 Mar 2024 13:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jeffreestarcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 171279846853517 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 38ms
37ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/171279846853517?v=2.9.151&r=stable&domain=jeffreestarcosmetics.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

5577d20df0e7bb5279ed60e5a0e1bc03a6798a14f817bee80ace7cf854930022

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Mar 2024 13:52:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11595
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=62, mss=1380, tbw=63175, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: R7Jc+1htnA4ckF3spardrt8pTCFqWqcrkvyufdLE46eGFypO5j0j8OTQdKfW6KcM0BOtna/X0Tp2hSQK/M07Nw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 0
797 B 121ms
121ms Ping
text/plain 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=92.999935
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 40050674-d28f-42a9-af87-08f40d532ed5
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8cboX4ai9Ij6Fzr90A9HZlw8%2BOWL9pT2x5l%2Bg1IQsMtEQSrda1ScgvffkZChmJPV6HnTMSMDH3Ir80gHPL0TEO1iiB5jFeGLH39jME888oYER9tzh0nS1r%2F3KX%2Fze7DSUpmv30JuWOv0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 86afdc973a357148-YUL

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
93 KB 58ms
58ms Script
application/javascript 142.251.179.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ecbc8ec397d10fd2d87634bb247a4b1a05fd52bd9069bb29aab6fc494646cc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 13:52:34 GMT

GET
H2 200 en-us-json-55d363e.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 714F 18 KB
4 KB 53ms
50ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-55d363e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
x-amz-version-id: vOGvlC.Sp6ImWm7rGMdlUbK4shmZrG0j
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YCKW945ZGFQ7ZEG4
age: 100175
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: k9QpENLEahn8amIe/lBorJNHJzriRKpxei8pmsFJaZZV7BbIcBsiKlcTabCAy9VWJx7wj1lRMxAbq0yJlMcLf2L7nGI1M3qT
last-modified: Tue, 19 Mar 2024 10:33:24 GMT
server: cloudflare
etag: W/"3ac3100c0ffed8d435c31e09d2196883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v6EocAUVk7nfJbgsI%2F8zlhJf%2BHdw4Pa5YNNumvQm4lR%2F3c38UfFLCfj95ekgSLcKeEXfX1WV%2BfCZvyOrpdspShGBwEprBa2C3gI4KgrBzM5n91k1Cl%2FVi0BijF0O9C8t8nlv8JM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 86afdc979b1936db-YYZ
access-control-allow-headers: *
expires: Wed, 19 Mar 2025 10:33:23 GMT

GET
H2 200 web-widget-84852-55d363e.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 714F 139 KB
47 KB 68ms
65ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-55d363e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
x-amz-version-id: db.rL12Bmxe6vwnnFEgMzgFzHhw8gCNh
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YCKYFGCZ14DPQX58
age: 100177
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: h/LFbWwSgm5qLrh9yWHyvSpRt4wHuv0X8z/Lw4/lnREVrIK4adzvpA0YRb76FqulkeakRWDGqt0=
last-modified: Tue, 19 Mar 2024 10:33:21 GMT
server: cloudflare
etag: W/"d19f02a4d0c4a8500e3d2de6c4f5e6d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uIHvmq0ZeQm5W7EZDsgnKZ8OWz8LmRBcIt9Zv2jUVMeubgu6LUiSCWMKfNzcjE8FBOKZtCXZAyEZFoCkvMGwLXFOnBFFLEJ1fU6riLh3pCJl7vQCQjgLqAK6BE3gJ5MjohF2Nd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 86afdc979b1d36db-YYZ
access-control-allow-headers: *
expires: Wed, 19 Mar 2025 10:33:19 GMT

GET
H2 200 web-widget-79806-55d363e.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 714F 29 KB
10 KB 83ms
81ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-79806-55d363e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7800b091411ef3bd2ce7e03f780f9c90d3fd26653157ac4355fd2267c5222751

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
x-amz-version-id: ZdEyWIkZYQvfUL5FK9oroLV_Yk_T3Ydt
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YCKX03SHGN1HHV5D
age: 100177
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: M0KMq0ipP/bM5o/Vtze9hBf9T/fHCG9+s4E7GTR9H/oK/CReuPXTCZCQKS877/d+Y3MKEVOOTOA=
last-modified: Tue, 19 Mar 2024 10:33:20 GMT
server: cloudflare
etag: W/"b8dfcaa633300638f816e590e3b902cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPDrSp9pWcswiayGSc4HuPMc8PuuqsWlO7BXa9fBk39j7wMMd2vDMAUkob7Nof4OKabXCIPI9h9Lzbxf00F96gS3W9k72SzjuvKaPx3v6gVW0cnFXKhAjdtrp0Sl8IStprmhm1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 86afdc979b1f36db-YYZ
access-control-allow-headers: *
expires: Wed, 19 Mar 2025 10:33:19 GMT

GET
H2 200 web-widget-92795-55d363e.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 714F 14 KB
4 KB 41ms
40ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-92795-55d363e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b13fecfa34c5566dfa6bb5cba7e572e567cea0c92e5b51b0d8cef42937465c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
x-amz-version-id: s7Mxnn4Sj11huKeqUUDfZIS6NOtk_9US
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YCKJD8TEB325BEFQ
age: 100177
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: X4RVX34of8fFGTAddOj1PQdEw0r2dVo/Q7It69G+ajmMclL5gwX85Lavabld1aIoAOK7P+9U5+w=
last-modified: Tue, 19 Mar 2024 10:33:22 GMT
server: cloudflare
etag: W/"6b61ed06a46ae866485b7f7125909f43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrakRaU%2BEh%2F4rOiju471UPdHqf%2BMWoLmdUF57YhGBP7bdVB%2Br3CqWt0pTL33Xm2x%2B%2FL8DE04CLT37%2B0sq9WczearISR9Ub15foXHMI5NbH2zobkm76e6kSiMUSzzn1a5QI0kdEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 86afdc979b2236db-YYZ
access-control-allow-headers: *
expires: Wed, 19 Mar 2025 10:33:21 GMT

GET
H2 200 web-widget-15178-55d363e.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 714F 12 KB
5 KB 55ms
53ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-15178-55d363e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
x-amz-version-id: J2lnOopqJm4hOOsTkM6mNUeO4FwA8R_V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YCKVT2K8BF0CCSRV
age: 100177
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: a20mVimAUmSdWG4yrETx29NOcLqB5jvA9sg9iLmlIytROFWxnRc/Ony6mGN73aLgtIpuwPP+2Ig=
last-modified: Tue, 19 Mar 2024 10:33:14 GMT
server: cloudflare
etag: W/"db77198393a490e11834f06f319204f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Y%2F5IwK%2FcGIaaylurxfIejrjhCotRG34Mo%2BP3RzE%2FJdjQEPCdmJbeFyfm%2FLQ23yMk%2FApfYUKa0Jm7hCK1pDhouSZowRbjL0MsS%2ByvZF3hsD8mSt333H9RyNmOgkkaBD19UY6MtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 86afdc979b2436db-YYZ
access-control-allow-headers: *
expires: Wed, 19 Mar 2025 10:33:13 GMT

GET
H2 200 web-widget-59535-55d363e.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 714F 15 KB
6 KB 49ms
48ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-59535-55d363e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd8626ace6bbc147ea1fe58ae1165a6dcd79b0492213262aef227f722f94053

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
x-amz-version-id: hnRrE2Goc77.4f2mLhUxl_FjNI3Pdcj6
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YCKGY194RFSGWFA7
age: 100177
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 06gkqy1GZT4VTGC4nUhiXAk4cvojXAVjbg4cdUT844YmLPpSIy74ApVavGD3ublZ1Ohl0b7mf34=
last-modified: Tue, 19 Mar 2024 10:33:18 GMT
server: cloudflare
etag: W/"172d4382b349c06ba9eb839d45b78fba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FEvJhDQo7zmVaATPBTC6SB%2FGQw8v6nXPJPkAhBjW76TVoQEqI0hKpqTAfKj1LtwDra9Gd%2FTyLfyE%2FQE3eF55r5MusVviNoo9oytDIYsfAbR6eeYryTOiX4blA2CTGjwN2ozfy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 86afdc979b2736db-YYZ
access-control-allow-headers: *
expires: Wed, 19 Mar 2025 10:33:17 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/325015524/ 3 KB
2 KB 141ms
57ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/325015524/?random=1711547554515&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1041787684.1711547555&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view%3Bpage_path%3D%2F&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-325015524&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

ab27a2834cdff464ac083b0b4fb2d9607e3024f86f022bc2efd826673416930d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 13:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 07Moisturizer-Closed_Swatch-white2_360x.jpg
jeffreestarcosmetics.com/cdn/shop/files/ 10 KB
11 KB 51ms
49ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/07Moisturizer-Closed_Swatch-white2_360x.jpg?v=1710460848

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

8e3ef3d4c0bc1eda9a0ec893aa5d46794f0fd897adce8ec493bbcbdac19e0094

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 1076929
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=382.486, imageryFetch;dur=110.140, imageryProcess;dur=270.029;desc="image", cfRequestDuration;dur=19.999981
source-length: 2934999
content-length: 10448
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 5a7aa383-8307-4dee-bafb-1419063008c8-1710468858
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Mar 2024 02:14:19 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRKaWPG7iBrilZG0F3YMV2tsLqjDuECaZlAiZ%2FtPRWNXvNEOypjZjLm7BDEJWKLb8EEn45Wsc8TkPX%2FGE97apTz%2FxMDi8LdfuNOpVhJthQtegOewuZ3Rcl%2BU6UffoA2A1trqTu7AtIDdPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc97fb8c7148-YUL
x-sorting-hat-podid: 126

GET
H3 200 01WyomingWinterHandCream-Closed_Swatch-Web_360x.jpg
jeffreestarcosmetics.com/cdn/shop/files/ 6 KB
7 KB 52ms
50ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/01WyomingWinterHandCream-Closed_Swatch-Web_360x.jpg?v=1710358887

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

13753d9a0ddb0f10a14e3807f6241dff0de8c4813a587baf136280aa9cfea6d0

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 1024823
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=406.889, imageryFetch;dur=171.873, imageryProcess;dur=233.637;desc="image", cfRequestDuration;dur=21.999836
source-length: 2675310
content-length: 6024
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 81f58c87-e7ea-4ce5-96d8-55b810b126c6-1710521396
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Mar 2024 16:49:57 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5uS6dS9JPjA4aF8VWoIk2lZhLyyakfzykr%2FJe3K%2F%2FxkbDYiv%2FC%2F6DloDXakE2KQWNxNbHJeZQzDdSdj90nawVz7dEcuL2rd6PFx0dgmofN7vTdlqF%2BN11kH1sy8aLGZrOOOoOOmPKH2QTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc97fb8f7148-YUL
x-sorting-hat-podid: 126

GET
H3 200 NAVY-HOODIE_360x.jpg
jeffreestarcosmetics.com/cdn/shop/files/ 9 KB
10 KB 49ms
46ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/NAVY-HOODIE_360x.jpg?v=1710459769

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

fdc7c9e615b73858ee588266d4408f1adf8bbc41ad70d1f0eb422e4c635b4ec9

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 1024823
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=241.243, imageryFetch;dur=106.578, imageryProcess;dur=133.666;desc="image", cfRequestDuration;dur=16.999960
source-length: 422239
content-length: 8854
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: cf72b9e9-8011-4e5f-8dda-1275baf3e018-1710521387
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Mar 2024 16:49:48 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1kLpDKeogVl%2FjyB351kSj0trtn0tKG%2Fe91qD1GJPTkNZMsnz7rz8fDD8eqRlAqj5vbTUOYaEdJkLeEUyv%2FNQvcRCUIGMjNyU31FGEsAafI18zqGlLgeg8f5h19exh3b6tFKIrcepuZKbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc97fb927148-YUL
x-sorting-hat-podid: 126

GET
H3 200 Socks1_360x.png
jeffreestarcosmetics.com/cdn/shop/products/ 9 KB
10 KB 63ms
62ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/products/Socks1_360x.png?v=1673630066

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

f1cf1f743e4cd96c4f168e07c776c480d3bf331b5909ed620d1e0a363f1cab59

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 1024822
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=675.417, imageryFetch;dur=166.104, imageryProcess;dur=508.523;desc="image", cfRequestDuration;dur=32.999992
source-length: 3739980
content-length: 9244
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: c84dc3ea-0400-4a3c-bcdb-6c9973382f48-1710521384
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Mar 2024 16:49:44 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9sor4sFKeGASeFjZf716kFT%2Fl4Oot7PP7vite5FuBbKbJTbEEWzp5m9yNOdYtoAdrgV1vPX%2F6Qjen%2FeBTFa%2BEm9T%2Foesrfgzr2yIju4hSG5hDL7NAU4vw7IhZHNtExgXMYIw0SydR%2FILw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc97fb947148-YUL
x-sorting-hat-podid: 126

GET
H3

200

/ Show response
jeffreestarcosmetics.com/
Redirect Chain

https://jeffreestarcosmetics.com/discount/CLEAR
https://jeffreestarcosmetics.com/

156 KB
27 KB

209ms
208ms

Fetch
text/html

23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

afedd78bb0e1e4e837769d5d361f5d8bd3ba863cf5eaa77caa22f79e65aab7ae

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jeffreestarcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=7889238
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
x-cache: miss
server-timing: processing;dur=127;desc="gc:12", db;dur=37, fetch;dur=1, render;dur=27, wasm, asn;desc="212238", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="index", servedBy;desc="llk5", requestID;desc="5f7aa371-1b39-4744-b2ba-58f7df41b418-1711547554", cfRequestDuration;dur=178.999901, earlyhints
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 5f7aa371-1b39-4744-b2ba-58f7df41b418-1711547554
x-shardid: 126
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
etag: "cacheable:95c2966f836f2a6b1a5e1d343ee7897c"
x-shopid: 6732291
x-frame-options: DENY
vary: Accept
content-type: text/html; charset=utf-8
content-language: en-CA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQRIUkbvTtG7acw13uf1lT1uZpQzAD5S8MMfZCCw%2BXWWny1GS9kMA3rBYnTXVOhiQP3ro%2Fw5zfx8uzpF0ZBItD95M8dpax1EXQWSdYNpZSqpMA7fp3RRBVYZ8PPqy2b%2BPWaL8k9OdIA%2F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdc994d5e7148-YUL
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 126

Redirect headers

date: Wed, 27 Mar 2024 13:52:34 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=store_code&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fdiscounts&source%5Bsection%5D=storefront&source%5Buuid%5D=701e3493-8e2a-4a1a-ae04-dc53cd061f3c-1711547554
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 91
server-timing: processing;dur=89, cfRequestDuration;dur=144.000053
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=store_code&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fdiscounts&source%5Bsection%5D=storefront&source%5Buuid%5D=701e3493-8e2a-4a1a-ae04-dc53cd061f3c-1711547554
x-sorting-hat-shopid: 6732291
x-request-id: 701e3493-8e2a-4a1a-ae04-dc53cd061f3c-1711547554
x-shardid: 126
x-shopify-stage: production
server: cloudflare
x-shopid: 6732291
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vKyS%2Fn%2BzsH54sMPP87QVS1SdlnmaDZoag8Ab9zRK%2BpPXUYnOBIhp%2B2v9tNC7PCCIUCbjRdbDgT3FzLfbEEjmRFOy2cMP6DG%2BcDEJdTo5Rt9rN0XW0lEsmBj4bGeOpNtn9aa%2B%2FWQy6RwbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://jeffreestarcosmetics.com/
content-language: en-CA
x-download-options: noopen
cf-ray: 86afdc97fba17148-YUL
x-robots-tag: noindex, nofollow
x-liquid-rendered-at: 2024-03-27T13:52:34.659230263Z
x-sorting-hat-podid: 126

POST
H2 204 collect
www.merchant-center-analytics.goog/mc/ 0
250 B 125ms
46ms Ping
text/plain 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.merchant-center-analytics.goog/mc/collect?v=2&tid=MC-0MGTFZ50PE&gtm=45ve43p0v9121514119za200&_p=1711547552608&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=1134354709.1711547554&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dp=%2F&dt=Jeffree%20Star%20Cosmetics&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&sid=1711547554&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2423
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=MC-0MGTFZ50PE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 13:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jeffreestarcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
p.yotpo.com/ 35 B
279 B 43ms
43ms Image
image/gif 3.132.1.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=star_rating&se_ac=loaded&se_la=category_page&se_va=Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA&cx=eyJwdl91dWlkIjo5NDY0NDMyMDEsImRvbWFpbl9rZXkiOlsiODE2MDg4NjU1NDc1MSIsIjc5OTg0OTc5MTUwMDciLCI4MTYwODUwNjQxMDIzIiwiNzk5ODQ5NzgxNjcwMyJdLCJjb3VudF9wcm9kdWN0cyI6NCwiZGF0YV9zb3VyY2UiOiJkZWZhdWx0In0&dtm=1711547554601&tid=585824&vp=1600x1113&ds=2193x4097&vid=1&duid=18fff6eb7e2e9002&p=web&tv=js-0.13.2&fp=738008529&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=America%2FLos_Angeles&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=800x600&cd=24&cookie=1&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.1.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-1-36.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Wed, 27 Mar 2024 13:52:34 GMT
cache-control: max-age=86400, private
server: nginx
content-length: 35
expires: Thu, 28 Mar 2024 13:52:34 GMT

GET
H3 200 336094328318530 Show response
connect.facebook.net/signals/config/ 32 KB
5 KB 38ms
37ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/336094328318530?v=2.9.151&r=stable&domain=jeffreestarcosmetics.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104%2C182%2C181%2C183%2C188%2C189%2C190%2C186%2C178%2C121%2C149%2C177%2C179%2C112%2C143%2C134%2C138%2C118%2C173%2C214%2C105%2C215%2C151%2C109%2C132%2C125%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

76ef3ef40191319e2bd2ce884324f286713946cc4073309b60996a0a71761918

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Mar 2024 13:52:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4982
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4314, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: kNzgwx5x1C1JChoGEyrFduLDhluBNVKaplr/qvLRXw3puUCSisHnNGOF0SHtwl41Y97/aRImH3H9+25NesZdfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 pv
jsccustomerservice.zendesk.com/frontendevents/ Frame 0
0 222ms
170ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsccustomerservice.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jeffreestarcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 86afdc98ead539d2-YYZ
date: Wed, 27 Mar 2024 13:52:34 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5zqI1HrGZL5wLke%2BKxOI%2FLBOEnsD6fFMB63g6fqfpMKf%2FdHR5pMbxQ2gZhdX8lR0i%2F0RpMlYqhcjljn2bRGM6s1AtXHWhb1TyXJseepdogGFIb4eWNE26z%2BRZ%2FAy5L%2FON6KZzZDl9h7%2BidVXMP2Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 86afdc98ead539d2-YYZ
x-zendesk-zorg: yes

POST
H2 200 pv
jsccustomerservice.zendesk.com/frontendevents/ Frame 714F 0
0 139ms
139ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsccustomerservice.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=05DBIG77ixtOg7DaZOcr6YWFnHiMOyHDfaRboQKGtXK1sOzJBk%2B2K6SycE6YGd6fOeLmRbHrT0KxEAGCcMiv%2BwgKT8KsZg6RVxO%2Bd6l8%2FRdbY229yqgFiwYX1DiyDan6TmTpiAMF5Hr4HxoIY%2FZ3nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 86afdc99fcbc39d2-YYZ
content-length: 0
x-request-id: 86afdc99fcbc39d2-YYZ

GET
H2 200 config Show response
jsccustomerservice.zendesk.com/embeddable/ Frame 714F 781 B
1 KB 99ms
47ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsccustomerservice.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-55d363e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba548478d053bb6421285c667cb31830ff18506fb39970e73610411dfd042cf0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 48
x-zendesk-origin-server: embeddable-app-server-74db44fd56-k28m6
x-cached: STALE
x-request-id: 86afd4440b6fa1f6-YYZ
x-runtime: 0.002491
last-modified: Wed, 27 Mar 2024 13:51:46 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECTCL5JvMD97we8Dp5ZOMCADN1Dj9kAvpICCA5FuqF%2BxYXGQPlocUwbxaGe7IAp4GZmwTmZrhq%2BVui%2BrXV%2Ba31kSu8GNqMs1lCIBwPqksBUj6Kv3ECl5YFcKHk%2FPuFUHorVRlDYlOX2c9qpY2pb7zg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 86afdc98ead739d2-YYZ

GET
H3

200

/
www.google.ca/pagead/1p-conversion/325015524/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325015524/?random=411251186&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=80...
https://www.google.com/pagead/1p-conversion/325015524/?random=411251186&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=800&u_h=600&url=https%3...
https://www.google.ca/pagead/1p-conversion/325015524/?random=411251186&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=800&u_h=600&url=https%3A...

42 B
64 B

137ms
54ms

Image
image/gif

142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/325015524/?random=411251186&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1041787684.1711547555&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4O6KwMuUhQMV3E9HAR3PWAGSMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjohaHR0cHM6Ly9qZWZmcmVlc3RhcmNvc21ldGljcy5jb20v&is_vtc=1&cid=CAQSGwB7FLtqJ1S-PhjN9xPA1csVuluNzx-I7NJ_-Q&random=169351575&ipr=y

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Server

142.251.16.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jeffreestarcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 13:52:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Mar 2024 13:52:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/325015524/?random=411251186&cv=11&fst=1711547554515&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1041787684.1711547555&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4O6KwMuUhQMV3E9HAR3PWAGSMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjohaHR0cHM6Ly9qZWZmcmVlc3RhcmNvc21ldGljcy5jb20v&is_vtc=1&cid=CAQSGwB7FLtqJ1S-PhjN9xPA1csVuluNzx-I7NJ_-Q&random=169351575&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 111ms
37ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=171279846853517&ev=PageView&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&rl=&if=false&ts=1711547554762&sw=800&sh=600&v=2.9.151&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1711547554761.248379805&ler=empty&cdl=API_unavailable&it=1711547554363&coo=false&eid=sh-802f199d-EB1C-49D7-680C-DC1A5C1CC1E4&rqm=GET

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 27 Mar 2024 13:52:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 110ms
37ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=336094328318530&ev=PageView&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&rl=&if=false&ts=1711547554766&sw=800&sh=600&v=2.9.151&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1711547554761.248379805&ler=empty&cdl=API_unavailable&cs_est=true&it=1711547554363&coo=false&eid=sh-802f199d-EB1C-49D7-680C-DC1A5C1CC1E4&rqm=GET

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2771, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 27 Mar 2024 13:52:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 0
800 B 81ms
80ms Ping
text/plain 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.999973
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 58e263c0-2d41-47c7-a57b-4797f7d87caa
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnWeHsJ3MtTW7P79lrS7BlSyaoFBpLdYdOmvFR%2B%2B5yDKeB33j3zSIzqo%2FxQas4mAx48XV0rSeKIQt1bgFp3IhzXxmLbMadxMEJW5LiigvO5ZOh1p9Up%2B9%2BYGIwKDK2A45EiqqTAqGvIAAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 86afdc9acf657148-YUL

GET
H2 200 gdpr_cookie_consent.min.js Show response
gdprcdn.b-cdn.net/js/ 98 KB
24 KB 109ms
36ms Script
application/javascript 185.93.1.244
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://gdprcdn.b-cdn.net/js/gdpr_cookie_consent.min.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.244 Chicago, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 185-93-1-244.bunnyinfra.net
Software: BunnyCDN-IL1-845 /
Resource Hash: f52aece28683003958abe407c4045ee5da4e1cd29df6fc3c0843762218f0940d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
cdn-edgestorageid: 871
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 03/27/2024 11:06:07
cdn-pullzone: 176374
last-modified: Wed, 27 Mar 2024 11:05:26 GMT
server: BunnyCDN-IL1-845
cdn-fileserver: 760
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6603fd76-188f8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 921dc4f4-2f03-4785-aefa-df9a43743874
cache-control: public, max-age=31919000
cdn-requestid: c9abc84a79ff7bba3a4ac2fdb6a9986e
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 weglot_script_tag.js Show response
cdn.weglot.com/ 0
428 B 93ms
41ms Script
application/javascript 104.18.7.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weglot.com/weglot_script_tag.js?shop=jeffree-star-cosmetics.myshopify.com

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.32 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
x-amz-version-id: null
via: 1.1 60c77d7f2a0954d991174a909a828016.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: YTO50-P1
age: 2399888
x-cache: Miss from cloudfront
content-length: 0
last-modified: Tue, 09 Jun 2020 10:38:01 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86afdc9c4e0739c9-YYZ
x-amz-cf-id: 2h-iBM5Pqwwe-RQ07nFJV3BoCpX2QsEyMZ0Yy_uYjurq4P9C3m56lQ==
expires: Thu, 27 Mar 2025 13:52:35 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 134ms
56ms Script
application/javascript 74.119.119.142
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=88392&shop=jeffree-star-cosmetics.myshopify.com

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.142 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cface07e6e1951822c8f1da212c8a4317072380424668e58833250304ed8aaa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 glosku-bundle.js Show response
a.glosku.com/shopify-client/ 37 KB
13 KB 1711ms
251ms Script
application/javascript 47.112.135.248
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL

https://a.glosku.com/shopify-client/glosku-bundle.js?shop=jeffree-star-cosmetics.myshopify.com

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.112.135.248 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

Resource Hash

6ed50f35dfa84208081e6994ac3758e141451835192d3cf6b3f6cb9b623dea86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 06:11:21 GMT
etag: W/"65813409-9389"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 yWvW8B4ulm3fpojUdQiCew.js Show response
cdn-loyalty.yotpo.com/loader/ 92 KB
14 KB 47ms
41ms Script
text/javascript 23.62.174.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-loyalty.yotpo.com/loader/yWvW8B4ulm3fpojUdQiCew.js?shop=jeffree-star-cosmetics.myshopify.com

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.174.68 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-174-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

a95267db319f32a8e567c3a8018bf3a2a5199a95dddbbb1523f747eac4e655e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ratelimit-reset: 1
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-permitted-cross-domain-policies: none
x-ratelimit-limit-second: 10000
x-kong-proxy-latency: 8
x-ratelimit-remaining-second: 9999
x-kong-upstream-latency: 38
date: Wed, 27 Mar 2024 13:52:35 GMT
ratelimit-limit: 10000
content-length: 13286
x-xss-protection: 1; mode=block
x-request-id: c838e827f1e414cc668202f2ac161cdf
x-runtime: 0.026428
referrer-policy: strict-origin
correlation-id: e489782f-5810-4d6b-bc35-dd1923acd86b
etag: W/"a95267db319f32a8e567c3a8018bf3a2"
x-download-options: noopen
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: false
access-control-allow-origin: *
ratelimit-remaining: 9999
access-control-allow-headers: *

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 4 KB
1 KB 19ms
18ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg&shop=jeffree-star-cosmetics.myshopify.com

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1900b83c725993f346411dfcafcd970be84ac03bd682c93f81e44512c124fc65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 27 Mar 2024 13:52:35 GMT
age: 2283
x-cache: HIT, HIT
content-length: 1172
x-served-by: cache-lga21965-LGA, cache-yyz4544-YYZ
server: nginx
x-timer: S1711547555.198610,VS0,VE0
etag: W/"d1e1f172c83c6284029290225815cb0a"
allow: GET, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 39, 2

GET
H2 200 subscription.js Show response
d18eg7dreypte5.cloudfront.net/scripts/integrations/ 6 KB
3 KB 100ms
27ms Script
text/javascript 3.161.210.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18eg7dreypte5.cloudfront.net/scripts/integrations/subscription.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.210.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-210-216.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e0fb284dfac5a1db0eea756850a45bde214c49d22585550133189f2ca152e61

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:14:42 GMT
content-encoding: gzip
via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
last-modified: Thu, 19 Oct 2023 13:38:58 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 2274
etag: W/"710bc9e3a1e1d31aad9496abf1aecbbd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 2ob6UXxpvQOBn4-UcBDq6WhDxulVQ7h8dD89HseCAIGPheD0Mh4hnw==

GET
H2 200 smsbump_timer.js Show response
d18eg7dreypte5.cloudfront.net/browse-abandonment/ 8 KB
3 KB 101ms
28ms Script
application/javascript 3.161.210.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18eg7dreypte5.cloudfront.net/browse-abandonment/smsbump_timer.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.210.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-210-216.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51c359916588443d85c516f76c343c7e6787b8216d8933ed4864d3fc824d795d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:14:42 GMT
content-encoding: gzip
via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 10:57:43 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 2274
etag: W/"8d2ce02190fe08a267c23b6ba7fd758f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: auPSdrGWYsD0JaNTbBQVB1RDwRluRzPg8RnRCj6q9KIgyq0ZlR9Oiw==

GET
H2 200 rebuy.js Show response
cdn.rebuyengine.com/onsite/js/ 51 KB
19 KB 128ms
77ms Script
application/javascript 104.22.32.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=jeffree-star-cosmetics.myshopify.com

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.32.205 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5201b1083f0b6a8306259bbf924f69cc1af9281003dc15829cb0a26b54b547f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: max-age=7200
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"93868ea1378bed9cc1e51f4ae674ed22"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OaSbrukYj9uI61CRM6lNRG6IQUdiJd8Pj74BFh3xLUebk2RY%2BoOdD3WZIXJRi%2FHVnn7kTjdn89bq3lW2ImVb7%2BTG8%2BShGdL5H6%2BYDczIN6DZ5EFD9RSOx2eK7ot2hUqx5rQIOtG3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0
x-robots-tag: noindex
cf-ray: 86afdc9c4e6b54d3-YYZ

GET
H3 200 runtime.latest.en.ce7e55f15590cf597fe1.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 100ms
76ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.ce7e55f15590cf597fe1.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=93.251, imageryFetch;dur=59.471, cfRequestDuration;dur=54.000139
alt-svc: h3=":443"; ma=86400
content-length: 2982
x-xss-protection: 1; mode=block
x-request-id: 3af19aa5-4d25-4a34-a38b-8c49f90ce0b4-1711546543
last-modified: Wed, 27 Mar 2024 13:35:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sM7P4UV%2BKgeF1BAWQMYMG6n2BtG8pUFqJuvzgy2Yu5PwiFsIGb6PrbeIz%2BwbnkuC%2Fq7hgEIApdyBTiC7HoKqY6CUEZTysx0TozH3YeT8Aqlj%2FqHfzTspLXQUnoSU26KB7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.ce7e55f15590cf597fe1.js>; rel="canonical"
cf-ray: 86afdc9c2e25711d-YYZ

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 458 B
902 B 88ms
26ms Script
application/javascript 3.162.3.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-7.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1fa6a6a3678a8ee96a48afd35a2f528e9cd3e082ea71f8bf57ff7fad542c8c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:51:24 GMT
content-encoding: gzip
via: 1.1 b46ea00af935bf6290d93c76c66e0c8e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-P2
age: 72
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 327
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 12:41:23 GMT
server: AmazonS3
etag: "c773577a6202962c2a4fb1d6fb975fd4"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
accept-ranges: bytes
x-amz-cf-id: htkA-274L_AIIlP2nIFlcCkFdsMrmaubPpK3QGr20MHU660E2mMftQ==

GET
H2 200 get-flash-sale Show response
discountmanager.amai.com/api/ 4 KB
2 KB 148ms
96ms XHR
application/json 172.67.68.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discountmanager.amai.com/api/get-flash-sale?user_id=200250&signature=df2e7fe0b0703375bd8de65b9c4153d5
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b824e8c6d9f5635e8fc1b2a2ad0f7400b8fe7bb26c347d68cc30e43823bc0b97

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: */*
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
server: cloudflare
x-ratelimit-remaining: 9870
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVO9MYUDAfKooQO9U6R%2Fgq4XKlDV%2FfcFqGHIqZlYeR%2FJyW3iKonSUvZFjyrwFpahRgGQ84kgVvmKsj9SuhtseALESnLQaZSyoiNif24NlDvUDtq8us%2FS9iImZy1pifOeB0U12XB4SNAcHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, must-revalidate
x-ratelimit-limit: 10000
cf-ray: 86afdc9c5c3fa24c-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization
expires: -1

GET
H3 200 favicon-32x32.png
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 938 B
2 KB 48ms
47ms Other
image/png 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/favicon-32x32.png?v=11057927490212161441698318736

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

b791b7b3f41e97751f4b01eee942b720d3e6e141fc95aad5e302e4e602771a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 10905146
source-type: image/png
server-timing: imagery;dur=51.427, imageryFetch;dur=40.177, imageryProcess;dur=10.644;desc="image", cfRequestDuration;dur=19.000053
source-length: 926
content-length: 938
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 85b7e910-cd20-4d92-92df-ca1dc043936c
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 07:21:53 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwXxsSA95afgSqCDut5zZMeTPSCtfm1tUQTy8S4%2FHjNsXRYU%2FnTxlL%2BkEmp88oedEP1x8nNuBQcExkggRyUlBpBf8wwp%2FRqc3e0lT%2BTBCH9gjaPqq3owToxVAlK3fsdF0IjQL5RGr%2B%2BvyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdc9c59fc7148-YUL
x-sorting-hat-podid: 126

GET
H2 200 app.v1.0.368.js Show response
cdn-swell-assets.yotpo.com/ 1 MB
192 KB 129ms
30ms Script
text/plain 192.229.163.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/app.v1.0.368.js
Requested by: Host: cdn-loyalty.yotpo.com
URL: https://cdn-loyalty.yotpo.com/loader/yWvW8B4ulm3fpojUdQiCew.js?shop=jeffree-star-cosmetics.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8121) /
Resource Hash: 7aa07cb9eb4dcbd11651911e5b51ddfcca63a7407e4e82f6cbe1e217688af9e3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: gzip
x-amz-version-id: PqtSMCVj7ESk1vw4sS8qzdrlxa61XPgb
last-modified: Sun, 12 Mar 2023 15:50:42 GMT
server: ECS (cha/8121)
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1678636240/atime:1678636240/md5:578610ba47467921af169ff4767b704b/ctime:1678636240
age: 193411
x-amz-request-id: K92B0AVKE3B2ZXA3
etag: "578610ba47467921af169ff4767b704b+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
content-length: 196015
x-amz-id-2: b3rT8GJ6mwc4DuPCmalVDBPjz8oHYH2tuPlb8Ab1hi357O/T1DqawJNJt5zd/TqxViL5QLLnK1kRkHtlmK4DVxGAQz6foaN8xWxB1hd73FU=

POST
H3 200 produce
jeffreestarcosmetics.com/.well-known/shopify/monorail/v1/ 0
799 B 90ms
85ms Ping
text/plain 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/.well-known/shopify/monorail/v1/produce

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=60.999870
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 6dc03760-832a-46ef-aebe-b5f39f8b7019
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rClRqybLx5jo2ACkP6fFlNdpv%2BsbKFEr%2FI7ZphZePuUbfmVBjHZTJ7atVKT%2FxuKG%2FGTSheqmxmIBa10W6Y4uq9Hmd3TZp9m5v3EzsauUxH0a%2Fvjud5VoBrGWFuhDr0Hsh91Qj9j6XUrdfg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://jeffreestarcosmetics.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 86afdc9c6a167148-YUL

GET
H2 200 vendor.8a6b7eb1.js Show response
beacon-v2.helpscout.net/static/js/ 51 KB
18 KB 33ms
33ms Script
application/javascript 3.162.3.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/vendor.8a6b7eb1.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-7.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bcaed90419730a8c13aa735118a799dfbb7e5819004edc6b1d902fc34be73fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 12:21:54 GMT
content-encoding: gzip
via: 1.1 b46ea00af935bf6290d93c76c66e0c8e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-P2
age: 5442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17761
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Mar 2024 16:39:08 GMT
server: AmazonS3
etag: "00cd97fe28a5eafda74935cec02029a5"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: z9Bl5_uBeoitErqParhQyAxp7AXNQil1e-EaDk9QzCdZiJ2khB6rzw==

GET
H2 200 main.58cd0f0a.js Show response
beacon-v2.helpscout.net/static/js/ 31 KB
13 KB 46ms
46ms Script
application/javascript 3.162.3.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/main.58cd0f0a.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-7.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

62d3251a394b7ae18ee0505daebd51ea87976fe96203af683f3eb1903a6929de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 12:41:24 GMT
content-encoding: gzip
via: 1.1 b46ea00af935bf6290d93c76c66e0c8e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-P2
age: 4272
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12613
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 12:41:24 GMT
server: AmazonS3
etag: "d434f2ccdbfacec1ec12b84a5aaf08f6"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: wRORhRXE-tdvL_ic8-vmFRb0OSHzCxJa1FaDuVnWeTtOyCQCC1pYSA==

GET
H3 200 683.latest.en.f98500ac9b2f2b62f7f1.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
79 KB 35ms
35ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/683.latest.en.f98500ac9b2f2b62f7f1.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 78813
server-timing: imagery;dur=46.697, imageryFetch;dur=25.105, cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400
content-length: 79657
x-xss-protection: 1; mode=block
x-request-id: 218f9a07-e3fb-4927-b381-f5a99044322e-1711466989
last-modified: Tue, 26 Mar 2024 15:29:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=upo1mpqItCAguV3XiS21i9py5Dy3gkjRRGbCRPj3FUZSo1D3w2cuvOTF6a0wFY9ONFKjHTN5FCLYiRGLhw5iQEa75oTysl9DKl8ibk%2F6nDvqIBC1WI8fIjaL6yiEBDqSSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/683.latest.en.f98500ac9b2f2b62f7f1.js>; rel="canonical"
cf-ray: 86afdc9caef3711d-YYZ

GET
H/1.1 200
OK versioning Show response
gdpr.apps.isenselabs.com/users/ 113 B
397 B 351ms
120ms Fetch
application/json 143.198.251.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.apps.isenselabs.com/users/versioning?shop=jeffree-star-cosmetics.myshopify.com&lqch=null&lqcl=null&version=null&designMode=false
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.198.251.218 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cee9e3ca775f03fba491dbcff01a55c929d3ad21076ec647445c96e5ba83a2c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 13:52:35 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=200
Content-Length: 110

GET
H2 200 syncframe
gum.criteo.com/ Frame 3C8E 0
0 116ms
40ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=jeffreestarcosmetics.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=88392&shop=jeffree-star-cosmetics.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://jeffreestarcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Mar 2024 13:52:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 385574
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 global.js Show response
cdn.rebuyengine.com/onsite/js/ 612 KB
175 KB 85ms
84ms Script
application/javascript 104.22.32.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/js/global.js?build=1711472890

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=jeffree-star-cosmetics.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.32.205 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f679a8b86dd4434fe7476b92dd83f3d997cf89b0d064d45a512bbc4c444243a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: max-age=7200
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"300818a5f10ee2cebcedae71653e5957"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXf3r8KYpLcVaeIPf1TW%2B16UIrU8%2BBwfbPrfxJOvIX9IrpN5%2BeU8zhsJ2SLz20WYYUtSqKRGbePTxDKl%2BNeMaB0MR0zpZXM%2BDdLKt0gTn%2B5UiAcfSpHIflRa4%2BqNOiQIky4sumVz"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, stale-while-revalidate=1800
x-robots-tag: noindex
cf-ray: 86afdc9d2fbb54d3-YYZ

GET
H2 200 global.min.css
cdn.rebuyengine.com/onsite/css/ 177 KB
18 KB 114ms
114ms Stylesheet
text/css 104.22.32.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/css/global.min.css?build=1711472890

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=jeffree-star-cosmetics.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.32.205 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4ac44ea0dfbec2245c9514599ebdc71d1db9fcca12df1906fbc06908244f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: max-age=7200
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"339a76281622da352d0fcf059739796b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2RfukILJJraRd8SBWJQkn1ZKsqPkkq591R1SXXVW%2BOj8%2BPh%2B4i3ZL%2BdZhyOYZxVg62imLiEu%2FsAuU%2FQL2wzxjBltv8y2xdYgJBZs6pyGXhQHgc%2BYJZ2b2m55VDS3PKMA4AT5ki7e"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, stale-while-revalidate=10800
x-robots-tag: noindex
cf-ray: 86afdc9d2fbc54d3-YYZ

OPTIONS
H2 200 93a2c230-eb12-4070-acd6-b7392ab6f134
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 0
0 99ms
26ms Preflight 3.162.7.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/93a2c230-eb12-4070-acd6-b7392ab6f134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.7.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-7-55.yul62.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: beacon-device-id,beacon-device-instance-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method: GET
Origin: https://jeffreestarcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: beacon-device-id, beacon-device-instance-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods: GET
access-control-allow-origin: https://jeffreestarcosmetics.com
age: 59
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Wed, 27 Mar 2024 13:51:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
via: 1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
x-amz-cf-id: _NnJg_V7eniKsWXlAm81Z6vxkFVep1EfwzeDIEPe5PEa2VD0aZa9PA==
x-amz-cf-pop: YUL62-P2
x-cache: Hit from cloudfront
x-ratelimit-limit-ai-ask-hour: 25
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-general-minute: 60
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-ai-ask-hour: 25
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-remaining-general-minute: 60
x-ratelimit-remaining-identify-hour: 25

GET
H2 404 93a2c230-eb12-4070-acd6-b7392ab6f134 Show response
d3hb14vkzrxvla.cloudfront.net/v1/ 118 B
883 B 28ms
27ms XHR
application/json 3.162.7.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/93a2c230-eb12-4070-acd6-b7392ab6f134

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.7.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-7-55.yul62.r.cloudfront.net

Software

Resource Hash

75d99bff989b8bfa9686c4b3f4c7a74a670257f3d2229151a5dac92b5d75150d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: ba1eaf44-cd21-485a-a1c0-0e3f97cbc5bb
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Helpscout-Release: 2.2.179
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Beacon-Device-ID: 9258133e-ac36-4528-ac9a-da1b06c62351
Referer: https://jeffreestarcosmetics.com/
Beacon-Device-Instance-ID: a6a30213-cb1a-4ea0-ac72-52bb91e405e1
Helpscout-Origin: Beacon-Embed
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 1
x-cache: Error from cloudfront
x-ratelimit-remaining-ai-ask-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
vary: Origin,Access-Control-Request-Method
content-type: application/json
access-control-allow-origin: https://jeffreestarcosmetics.com
x-ratelimit-remaining-general-minute: 60
access-control-expose-headers: Resource-ID
access-control-allow-credentials: true
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-ai-ask-hour: 25
x-amz-cf-id: _Fzm_Ewl_egASvjXwhiA0Wep9kWaq0HX6b2oPoNy0B2I7aElsSxOXw==
x-ratelimit-limit-chat-tokens-hour: 25

GET
H3 200 548.latest.en.92a1e68e57edd3b0de20.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
59 KB 63ms
63ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/548.latest.en.92a1e68e57edd3b0de20.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=50.890, imageryFetch;dur=26.631, cfRequestDuration;dur=39.000034
alt-svc: h3=":443"; ma=86400
content-length: 60082
x-xss-protection: 1; mode=block
x-request-id: 6cd6a416-8a8a-4021-b3ae-e6377498f091-1711546544
last-modified: Wed, 27 Mar 2024 13:35:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aH5nhbcIptuMIQugHL%2BGTgZReEzxQ9K17gBCpxVowz9mEZDAWCiJcG5ZMabkPm8ZtH6mpX%2FYP6FFBh52%2BU7ZDIlyVX8zBkKPum%2FoUwwlHIJ6uFnp8IdR9Hre5e9h8Nt%2FcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/548.latest.en.92a1e68e57edd3b0de20.js>; rel="canonical"
cf-ray: 86afdc9d3ff0711d-YYZ

GET
H3 200 681.latest.en.11758ebf297b3d91af42.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
19 KB 41ms
41ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/681.latest.en.11758ebf297b3d91af42.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 65635
server-timing: imagery;dur=34.385, imageryFetch;dur=19.127, cfRequestDuration;dur=19.000053
alt-svc: h3=":443"; ma=86400
content-length: 18464
x-xss-protection: 1; mode=block
x-request-id: f1ce6df7-71c9-42e4-8a1b-851fcca2ae53-1711479698
last-modified: Tue, 26 Mar 2024 19:01:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=moqt8WBraK2G622N0YfbD7zLflGMjFk9OeaLkK1zX%2FgOqYElzMOVdSA6xhi9mtuBII03Vscrk43Aezoe5Hb%2FHN7aH3MVG8EabHNb1a69CRl5pyu6jOywG07ryz9X41AAbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/681.latest.en.11758ebf297b3d91af42.js>; rel="canonical"
cf-ray: 86afdc9e197d711d-YYZ

GET
H2 200 config Show response
cached.rebuyengine.com/api/v1/user/ 1 KB
982 B 67ms
19ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cached.rebuyengine.com/api/v1/user/config?shop=jeffree-star-cosmetics.myshopify.com

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1b94e5acb84244aa8bfde22cefbc9b5ffbdd53b42de640274421c68b8939d317

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
via: 1.1 varnish
date: Wed, 27 Mar 2024 13:52:35 GMT
access-control-allow-private-network: true
age: 4582
x-cache: HIT
content-length: 573
x-served-by: cache-yyz4577-YYZ
referrer-policy: no-referrer-when-downgrade
server: nginx
x-timer: S1711547556.699458,VS0,VE1
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-Rebuy-User-Token
x-cache-hits: 1

GET
H3 200 app.latest.en.3d74b883e72d0633a995.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
220 KB 66ms
65ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.3d74b883e72d0633a995.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
server-timing: imagery;dur=76.738, imageryFetch;dur=27.751, cfRequestDuration;dur=42.999983
alt-svc: h3=":443"; ma=86400
content-length: 224358
x-xss-protection: 1; mode=block
x-request-id: 56a98a81-26b6-4509-ac89-2b3e1e6e9c3f-1711546544
last-modified: Wed, 27 Mar 2024 13:35:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVk6ETn3aplp%2F6wILAIYn7zSkhfDGpEzKcSCvUk6FJd1rg0pQF4MWqE1UIhAyZdHr9yP%2FDr4atkuku2BBkh6Z38n7G6C3xJv1SlOZsIyLSyAnmOcydesaXUNy42BdDOw1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.3d74b883e72d0633a995.js>; rel="canonical"
cf-ray: 86afdc9f0b39711d-YYZ

GET
H2 200 checkIp Show response
consentmo-geo.com/users/ 50 B
586 B 199ms
146ms Fetch
application/json 172.67.69.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://consentmo-geo.com/users/checkIp

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88f66fbe6e960fb6a9266bc6a09e1b1a8a8d7d1ea555e5d851e9748bd099bb25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6OqBzhfQNNCVImAV4JoZj9%2FveeOIl4Zo%2B%2FJQXeE6Hw5t765C2qsSwRzFQOdWXzOx1maYb6PbKJ9dUsrkyeNFW2TnLSPAWHwpfvCaPEknK%2BefANdnQvTW8is4HX7bZF1ofnLf"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 86afdc9f6aa2a241-YYZ
x-xss-protection: 1; mode=block

GET
H2 200 SmartBanner.js Show response
cdn.rebuyengine.com/onsite/js/ 1 KB
996 B 80ms
80ms Script
application/javascript 104.22.32.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/js/SmartBanner.js?id=436e76f48207f5bca7e1

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/global.js?build=1711472890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.32.205 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c85808fb17dad6d17a6a86647928fc077aee349bc4aa37d129971c1a4ec4ed81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: max-age=7200
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2d9ed26388a17659bf75a2ad3186f095"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQs58x1QgqSVWJpgZiqoU1LpjYacKlWej1BuUL5QIPTOB%2BN9G4vpoyeRf%2Ft%2FfIUQH2rZ01x%2BIgO5z5fzJFOs1UuNF3SG8tVV7X4ync1iyuTRusdzt2WEdfJRUT7olMnibTrlR%2BFm"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, stale-while-revalidate=10800
x-robots-tag: noindex
cf-ray: 86afdc9f4af754d3-YYZ

GET
H3 200 751.latest.en.c93e6a6b8624ef406214.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
958 B 53ms
53ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/751.latest.en.c93e6a6b8624ef406214.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 771059
content-encoding: br
server-timing: imagery;dur=17.894, imageryFetch;dur=17.202, cfRequestDuration;dur=30.999899
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e66cdb64-7e26-4f6c-b46f-2b6dec3eb1a2-1710774356
last-modified: Mon, 18 Mar 2024 15:05:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bwco7N95mtIi%2BfaOowG8WiCdmGm8BOxApgaMbe4wPIdYs8jUirs72ooAtRBz8Pv9OkZUvuH%2FAl3O583SqKqlUEbPL90n1hk3lfsPYGhUh3gd2Fw4SE1nRhUVnAY8yPofig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/751.latest.en.c93e6a6b8624ef406214.js>; rel="canonical"
cf-ray: 86afdc9fbc68711d-YYZ

GET
H2 200 stylesheet
cached.rebuyengine.com/api/v1/user/ 28 KB
29 KB 60ms
19ms Stylesheet
text/css 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cached.rebuyengine.com/api/v1/user/stylesheet?shop=jeffree-star-cosmetics.myshopify.com&cache_key=1711511657

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

46e67dcdcfd822bbf3afa0d9312583afda802f25a614ab9fd9aa17bbd937f3a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
date: Wed, 27 Mar 2024 13:52:35 GMT
via: 1.1 varnish
access-control-allow-private-network: true
age: 2204
x-cache: HIT
content-length: 29021
x-served-by: cache-yyz4525-YYZ
referrer-policy: no-referrer-when-downgrade
server: nginx
x-timer: S1711547556.850301,VS0,VE1
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css; charset: UTF-8;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-Rebuy-User-Token
x-cache-hits: 1

GET
H2 200 vendor-flickity.js Show response
cdn.rebuyengine.com/onsite/js/ 48 KB
13 KB 77ms
76ms Script
application/javascript 104.22.32.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/js/vendor-flickity.js?id=173b1a75ff3dadd963c0

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/global.js?build=1711472890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.32.205 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b880a457a131cb1f783b2b06c49ffed7355a1e1f080c49530a0ae0c3655829f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"cbca311c02468e6f19bf3ab18ee73ecc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MdA4SMonEFe0WCcB8CCWoqWKkuMHTJEJ9%2Ft0Wi%2BlhMbgzy2n8lTRaSjESWB4WAfcFHrro3ZVNhhHZA2uPTvQoxnRcc2o9A%2B2ZhYNUyVONdO5mS2WeR7ddIUMGDCH8VZJaJ2WL4OU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800, stale-while-revalidate=86400
x-robots-tag: noindex
cf-ray: 86afdc9fdbda54d3-YYZ

GET
H2 200 geolocation Show response
rebuyengine.com/api/v1/customers/ 249 B
519 B 123ms
73ms Fetch
application/json 172.67.12.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rebuyengine.com/api/v1/customers/geolocation?key=b45c636874b5dfcf2727947b54d6e6c95d192b38&cache_key=1711511657

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.12.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1546aa34b7af4527b2eb497a351eb5fab9ea20c0cbc7dd28096ebeb2d0ff1d3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-security-policy: frame-ancestors 'self';
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-private-network: true
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 86afdca03d05a222-YYZ
access-control-allow-headers: Content-Type, X-Rebuy-User-Token

GET
H3 200 cart.json Show response
jeffreestarcosmetics.com/ 283 B
2 KB 94ms
93ms Fetch
application/json 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cart.json

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

831c8c1de046a0ff1d57f59c4ce71dc65bd4c9dacc4cd950577c49281eff710a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
content-encoding: br
x-permitted-cross-domain-policies: none
server-timing: processing;dur=15, db;dur=5, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="v9w7", requestID;desc="313a7d97-3cb9-4471-8c07-1f5dc02ee442-1711547555", cfRequestDuration;dur=64.999819
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 313a7d97-3cb9-4471-8c07-1f5dc02ee442-1711547555
x-shardid: 126
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 6732291
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en-CA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFfIF%2B7joZvlH%2FkFQSacLFWnRxEW9pjb3oZ2TeT0Gk9ArJjBmoJF0TlXmLWTuXj8f8mHyvpp6RteNUnxZaCNSObe5NPLNVndOX2mKkIL9YIxYG%2BF%2Fu9UN%2F1aSJLiU6fIwbh5ypP9XGovsg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdca008067148-YUL
x-cartjs-cache: 1
x-sorting-hat-podid: 126
x-cartjs-updatedat: 1711547554

GET
H2 200 settings Show response
cached.rebuyengine.com/api/v1/widgets/ 5 KB
2 KB 20ms
19ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cached.rebuyengine.com/api/v1/widgets/settings?id=119096&cache_key=1711511657

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

808347cd92e2dd4fe36fae008e3f6e3c9d5f480de159b1352bb45508e118fe01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
via: 1.1 varnish
date: Wed, 27 Mar 2024 13:52:35 GMT
access-control-allow-private-network: true
age: 2204
x-cache: HIT
content-length: 1951
x-served-by: cache-yyz4577-YYZ
referrer-policy: no-referrer-when-downgrade
server: nginx
x-timer: S1711547556.835639,VS0,VE1
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-Rebuy-User-Token
x-cache-hits: 1

GET
H2 200 settings Show response
cached.rebuyengine.com/api/v1/widgets/ 5 KB
2 KB 20ms
19ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cached.rebuyengine.com/api/v1/widgets/settings?id=113198&cache_key=1711511657

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

64f7e0ecc2bc95d54fbc1eddacd9942814787fa67571f845852c0dabac634a11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
via: 1.1 varnish
date: Wed, 27 Mar 2024 13:52:35 GMT
access-control-allow-private-network: true
age: 528
x-cache: HIT
content-length: 1919
x-served-by: cache-yyz4577-YYZ
referrer-policy: no-referrer-when-downgrade
server: nginx
x-timer: S1711547556.836197,VS0,VE1
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-Rebuy-User-Token
x-cache-hits: 1

GET
H2 200 settings Show response
cached.rebuyengine.com/api/v1/widgets/ 5 KB
2 KB 20ms
20ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cached.rebuyengine.com/api/v1/widgets/settings?id=135546&cache_key=1711511657

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

46c2e87676af82866e8c4ab53ca12f086015e75f73b7656e429640e34d2e17b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
via: 1.1 varnish
date: Wed, 27 Mar 2024 13:52:35 GMT
access-control-allow-private-network: true
age: 2204
x-cache: HIT
content-length: 1897
x-served-by: cache-yyz4577-YYZ
referrer-policy: no-referrer-when-downgrade
server: nginx
x-timer: S1711547556.836365,VS0,VE1
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-Rebuy-User-Token
x-cache-hits: 1

GET
H3 200 836.latest.en.54d8b34024818cafec9f.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
8 KB 40ms
40ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/836.latest.en.54d8b34024818cafec9f.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 158937
server-timing: imagery;dur=84.587, imageryFetch;dur=22.263, cfRequestDuration;dur=18.999815
alt-svc: h3=":443"; ma=86400
content-length: 7577
x-xss-protection: 1; mode=block
x-request-id: 0f4d237c-13d1-48fa-9e8c-f06dabadb188-1711387604
last-modified: Mon, 25 Mar 2024 17:26:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XWUVyhaw9dXIB9%2FBahOKpgUQ%2B%2F91e5%2F86q3JpCsN0Y5uQ6piWJKe997%2FWzd4quR8nX4oDrURGxp9TxXDNeJvdtXUppO%2FTj2bdoTtrtV7vvPadVcfcDAoZ47D1A6LLk0GTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/836.latest.en.54d8b34024818cafec9f.js>; rel="canonical"
cf-ray: 86afdca01d10711d-YYZ

GET
H2 200 static Show response
rebuyengine.com/api/v1/products/ 11 B
89 B 84ms
75ms Fetch
application/json 172.67.12.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rebuyengine.com/api/v1/products/static?key=b45c636874b5dfcf2727947b54d6e6c95d192b38&limit=8&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&shopify_product_ids=0&shopify_variant_ids=&shopify_collection_ids=&shopify_order_ids=&metafields=yes&uuid=8975f10d-7c4a-44a9-9303-d5b4bfde92f9&cache_key=1711511657

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.12.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-security-policy: frame-ancestors 'self';
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-private-network: true
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 86afdca03d07a222-YYZ
access-control-allow-headers: Content-Type, X-Rebuy-User-Token

GET
H/1.1 200
OK getCookieConsentSettings Show response
gdpr.apps.isenselabs.com/users/ 21 B
267 B 122ms
121ms Fetch
application/json 143.198.251.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.apps.isenselabs.com/users/getCookieConsentSettings?shop=jeffree-star-cosmetics.myshopify.com&sa=0&country=CA&state=0
Requested by: Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.198.251.218 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 38b904a1cf83df048360fb2480571b749fd98d57e11f1afdffb5a74a78166fea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 13:52:35 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=199
Content-Length: 21

GET
H2 200 rebuy-flickity.min.css
cdn.rebuyengine.com/onsite/css/ 6 KB
1 KB 71ms
71ms Stylesheet
text/css 104.22.32.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/css/rebuy-flickity.min.css?build=1711472890

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/global.js?build=1711472890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.32.205 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200d393d052b3c836bd465f89accae4f2c9975b0d9dc5c5184a15ff5bea8d79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: max-age=7200
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c5ccce035b6c0c7b4ae51a912fb48dbb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EezM1%2B8eYl3bU4j1jpOFosx0tP21QLSYO5ZCHLVY4bUdGlcF3VgNpxIKXINSRXSaqH%2BFsUWxsSVYUxucx8utyqxWf5eHrhqn%2FXInHknuG4qgMBPhzSSteDPJ2IcYbauJ8Dr%2Bm4yt"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, stale-while-revalidate=10800
x-robots-tag: noindex
cf-ray: 86afdca05c6f54d3-YYZ

GET
H3 200 78.latest.en.93037259d77deea16aa3.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
36 KB 43ms
42ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/78.latest.en.93037259d77deea16aa3.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 771059
content-encoding: br
server-timing: imagery;dur=21.917, imageryFetch;dur=21.637, cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4bd825a0-6cb9-484a-aa00-c51d98bc1724-1710774356
last-modified: Mon, 18 Mar 2024 15:05:56 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ziQyhuzLEtDiYvtAIX6nExH7L1Es24Ck9IJNPlOsPkwQhwmt5TsBFPaA06FJBr7KgXTODH6%2Fbn8N2CLpmACFRSdJd%2FHPdU24swgzh47yYoKZc2Qp7q7eLQFD6dxuIRvfiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/78.latest.en.93037259d77deea16aa3.js>; rel="canonical"
cf-ray: 86afdca05da5711d-YYZ

GET
H2 200 141966 Show response
rebuyengine.com/api/v1/custom/id/ 1 KB
637 B 87ms
87ms Fetch
application/json 172.67.12.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rebuyengine.com/api/v1/custom/id/141966?key=b45c636874b5dfcf2727947b54d6e6c95d192b38&limit=8&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&shopify_product_ids=&shopify_variant_ids=&shopify_collection_ids=&shopify_order_ids=&filter_inputs=no&uuid=8975f10d-7c4a-44a9-9303-d5b4bfde92f9&cart_token=c67b68e15aac800476b57990c6217c69&cart_subtotal=0&cart_count=0&cart_line_count=0&cart_item_count=0&cart%5Btoken%5D=c67b68e15aac800476b57990c6217c69&cart%5Bsubtotal%5D=0&cart%5Bline_count%5D=0&cart%5Bitem_count%5D=0&cart%5Battributes%5D=%257B%257D&cart%5Bnotes%5D=&cache_key=1711511657&product_groups=yes

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.12.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa75146bb8fd71c51ce0327a19d8d7fb3ca68061e66d3ddaef815be77f5311b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
content-security-policy: frame-ancestors 'self';
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-private-network: true
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 86afdca09d87a222-YYZ
access-control-allow-headers: Content-Type, X-Rebuy-User-Token

POST
H3 200 update.js Show response
jeffreestarcosmetics.com/cart/ 332 B
2 KB 321ms
321ms Fetch
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cart/update.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

dfc338a4b91d444052bd51b4e5dc3b312aceedc1d5a01c67c5b4f84a3d6fc558

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=8c67ab78-62e8-42a6-a0ee-541a201aa0f2-1711547555
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=8c67ab78-62e8-42a6-a0ee-541a201aa0f2-1711547555

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=8c67ab78-62e8-42a6-a0ee-541a201aa0f2-1711547555
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-envoy-upstream-service-time: 239
server-timing: processing;dur=236, cfRequestDuration;dur=292.999983
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=8c67ab78-62e8-42a6-a0ee-541a201aa0f2-1711547555
x-sorting-hat-shopid: 6732291
x-request-id: 8c67ab78-62e8-42a6-a0ee-541a201aa0f2-1711547555
x-shardid: 126
x-shopify-stage: production
server: cloudflare
x-shopid: 6732291
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en-CA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fN0uouhUeXucr2YRaOPCr6VuBNlsFH1xDPGToOYCO6Era4tLjOwONXHbYSEfA%2BTsnzucD1UlBlI0rlDtV63qHoRHtReEoliog6Z%2BxKFQ3itK5OE0CByWTPoQzdlUv2QfVVAYHvfSYn4Zfg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdca0991c7148-YUL
x-liquid-rendered-at: 2024-03-27T13:52:36.011534244Z
x-sorting-hat-podid: 126

GET
H3 200 100.latest.en.313e243f59663328b7ae.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
1 KB 40ms
40ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/100.latest.en.313e243f59663328b7ae.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 771059
content-encoding: br
server-timing: imagery;dur=20.793, imageryFetch;dur=20.273, cfRequestDuration;dur=19.000053
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: efc411a1-7a42-473d-8abc-e741a5edfba6-1710774357
last-modified: Mon, 18 Mar 2024 15:05:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4LqMQauf8vjmBgww1U2eBMea%2FAG3U8TcVBcxKeOH4GYJtZoMBxjLFQpRiQRPbekZzAp33%2F%2FZJB73FVNbDcXdV04AGLSafxPq1VkJlvc%2BFO84J35OVXdGmqEpSqtJtkfIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/100.latest.en.313e243f59663328b7ae.js>; rel="canonical"
cf-ray: 86afdca0ae29711d-YYZ

GET
H3 200 OnePage.latest.en.fee95f16f1d726d5279e.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
241 KB 59ms
59ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.fee95f16f1d726d5279e.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
server-timing: imagery;dur=70.502, imageryFetch;dur=33.030, cfRequestDuration;dur=37.999868
alt-svc: h3=":443"; ma=86400
content-length: 246132
x-xss-protection: 1; mode=block
x-request-id: 7b6f2b67-1e9d-4b8a-9175-36fb6c86c02f-1711546544
last-modified: Wed, 27 Mar 2024 13:35:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UPRZAxfm%2FtF1j1W9jY3wh%2FqYTKafWOOSpW8kO2gRBXWbYF4LIidfbgC1eQ913duRH%2B8zIpfPaz3E6p7PqvuZM4tu47YfwIRPAijtfKJGjwqONoBKjpuie2LwHZQXNNKLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.fee95f16f1d726d5279e.js>; rel="canonical"
cf-ray: 86afdca0fead711d-YYZ

GET
H3 200 683.latest.en.92713c61e5ec653ca0bf.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
23 KB 39ms
39ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/683.latest.en.92713c61e5ec653ca0bf.css

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 158938
server-timing: imagery;dur=32.004, imageryFetch;dur=21.619, cfRequestDuration;dur=18.000126
alt-svc: h3=":443"; ma=86400
content-length: 22574
x-xss-protection: 1; mode=block
x-request-id: b405227c-25b2-4ef1-9e91-829889c4d8fc-1711387605
last-modified: Mon, 25 Mar 2024 17:26:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fi3qkiEmRWjhFYiEDaxpp3A2MkDmeq%2BNqHkaZ8jN2A5dMy%2BQSuN2gTPbN3K2US%2BYbSEPUgWpVQeQR7JmlHmyYZcPfHJ0PpIOD%2FzU7lg6tzA0Uf7i3Ic%2F7UObsMjS%2F36Mfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/683.latest.en.92713c61e5ec653ca0bf.css>; rel="canonical"
cf-ray: 86afdca17fd9711d-YYZ

GET
H3 200 app.latest.en.5e52d9ec000e6dcd2cd6.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
2 KB 48ms
48ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.5e52d9ec000e6dcd2cd6.css

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 2404808
content-encoding: br
server-timing: imagery;dur=17.473, imageryFetch;dur=17.052, cfRequestDuration;dur=26.999950
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ce1fbb11-dcf8-4e0b-aa4e-9153daf49ccc
last-modified: Tue, 20 Feb 2024 17:23:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fVNuX49AHkmtee9zJkvxWmokIBY1EDZx9Armls%2BWGrnYsCvK7i1vSoqTLF0pATpC9gMJCQG9t0%2F8XDGmbcvaoCRHNSWbnRL0sdlTjdKAToSZMUPFo3ddTntcDiYolU42g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.5e52d9ec000e6dcd2cd6.css>; rel="canonical"
cf-ray: 86afdca1b844711d-YYZ

GET
H3 200 836.latest.en.6e0fd6af0121f716b925.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
6 KB 57ms
56ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/836.latest.en.6e0fd6af0121f716b925.css

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 501008
server-timing: imagery;dur=36.075, imageryFetch;dur=20.351, cfRequestDuration;dur=27.999878
alt-svc: h3=":443"; ma=86400
content-length: 5444
x-xss-protection: 1; mode=block
x-request-id: 3c53ce91-dd99-437d-bb13-231658288044-1711045401
last-modified: Thu, 21 Mar 2024 18:23:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfLhnVfbnDQJ9pgM8D%2BYCz3C3xRgPN7G46WGPYUhi%2BrbxQKYs0sTD1C7Rnhk5UL%2B%2Fxfnxd20idOfm2BWAyIPnws0ntlmftHZKUN4ZiZFtcntx5NxcCOEQ%2FPm1PTcNhYbgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/836.latest.en.6e0fd6af0121f716b925.css>; rel="canonical"
cf-ray: 86afdca208f9711d-YYZ

GET
H3 200 268.latest.en.247e464c75a56974bcb8.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
9 KB 48ms
48ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/268.latest.en.247e464c75a56974bcb8.css

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 78813
server-timing: imagery;dur=29.388, imageryFetch;dur=20.073, cfRequestDuration;dur=26.000023
alt-svc: h3=":443"; ma=86400
content-length: 8126
x-xss-protection: 1; mode=block
x-request-id: 73066daa-d4f4-482e-b495-a2acdfc3f186-1711466990
last-modified: Tue, 26 Mar 2024 15:29:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwVrifwxKI%2F1yhECXtiWp5L2UQ3%2Bj2XBEE95KxBnZI5ejCWpF05h5Ax6XDxOSoklv5gzritg6uSGtpGNPQhMKeysf3MEKfnTAdpmUeuA7R8vX9qE%2FsJZc8yn9YIRRqwniw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/268.latest.en.247e464c75a56974bcb8.css>; rel="canonical"
cf-ray: 86afdca26a1c711d-YYZ

GET
H3 200 cart.json Show response
jeffreestarcosmetics.com/ 332 B
2 KB 90ms
90ms Fetch
application/json 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cart.json

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

dfc338a4b91d444052bd51b4e5dc3b312aceedc1d5a01c67c5b4f84a3d6fc558

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
content-encoding: br
x-permitted-cross-domain-policies: none
server-timing: processing;dur=14;desc="gc:1", db;dur=4, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="4fp8", requestID;desc="faf4bb20-0e3d-4bd9-9e30-be8679d72330-1711547556", cfRequestDuration;dur=62.999964
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: faf4bb20-0e3d-4bd9-9e30-be8679d72330-1711547556
x-shardid: 126
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 6732291
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en-CA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EEf9o55AOT1C47O83M6J6GP1hizWZywdyDyd4yrOJ6Uj1twLp7DLGho3GIuoGEACePiUAmB%2BDVZFqLGPVhOGaFKLHDcNJaw%2B6S%2BdYnkA6SwcUSTwh4BRQyKXgOCsDeet0OZeOYnvvVPQ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdca2ac257148-YUL
x-cartjs-cache: 1
x-sorting-hat-podid: 126
x-cartjs-updatedat: 1711547556

GET
H3 200 jsc-logo-black_x320.png
cdn.shopify.com/s/files/1/0673/2291/files/ 0
5 KB 46ms
46ms Other
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0673/2291/files/jsc-logo-black_x320.png?v=1613148469

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
Origin: https://jeffreestarcosmetics.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 2404807
source-type: image/png
server-timing: imagery;dur=110.346, imageryFetch;dur=95.302, imageryProcess;dur=14.345;desc="image", cfRequestDuration;dur=24.000168
source-length: 4048
content-length: 4159
x-xss-protection: 1; mode=block
x-request-id: 07a56dc4-c0aa-44ec-9a8d-4e126527d636
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 09:24:47 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8AAxIaxpIp5kNMvOHYD%2F5B4p5T96v%2B3BwWfjmfTlObARoujvuaznKiJhJdMFv%2Fdt%2BmVBhsDkv1LGlQPxtbdnI7Jpni7102S%2F1lJCYnXa4uZl2HYXw12yht7fn9pb5nRbpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0673/2291/files/jsc-logo-black_x320.png>; rel="canonical"
cf-ray: 86afdca2ba9d711d-YYZ

GET
H3 200 cart.js Show response
jeffreestarcosmetics.com/ 332 B
2 KB 110ms
109ms Fetch
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cart.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

dfc338a4b91d444052bd51b4e5dc3b312aceedc1d5a01c67c5b4f84a3d6fc558

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
content-encoding: br
x-permitted-cross-domain-policies: none
server-timing: processing;dur=15, db;dur=4, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="p5pc", requestID;desc="48e0cc6e-e37b-4415-8f2e-c77b857a0ed3-1711547556", cfRequestDuration;dur=75.999975
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 48e0cc6e-e37b-4415-8f2e-c77b857a0ed3-1711547556
x-shardid: 126
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 6732291
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en-CA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Rtl9gc0dDTNrausavX5Pl1LLhfZ6DaYMAeASp0gEUQikRK0DMEM9yUYuKLN%2BIRnRPF0LeEECmMkwW4dJAAAAmj5R0Dbfd1dM5dLntps5i4Sa75dEL8nt04fLDEoPojPBamca3GgwiDRGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdca50fe57148-YUL
x-cartjs-cache: 1
x-sorting-hat-podid: 126
x-cartjs-updatedat: 1711547556

OPTIONS
H2 204 bulk
rebuyengine.com/api/v2/analytics/event/ Frame 0
0 60ms
60ms Preflight 172.67.12.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rebuyengine.com/api/v2/analytics/event/bulk?cache_key=1711511657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.12.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-rebuy-user-token
Access-Control-Request-Method: POST
Origin: https://jeffreestarcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Accept,X-Rebuy-User-Token
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
allow: OPTIONS, POST
cf-cache-status: DYNAMIC
cf-ray: 86afdca62e89a222-YYZ
date: Wed, 27 Mar 2024 13:52:36 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 bulk Show response
rebuyengine.com/api/v2/analytics/event/ 27 B
110 B 59ms
58ms Fetch
application/json 172.67.12.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rebuyengine.com/api/v2/analytics/event/bulk?cache_key=1711511657

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.12.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9c2891c066c83b534ee619c4731ea1de8bf1c1b130a0c1d8dc651f35bc5c913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Rebuy-User-Token: b45c636874b5dfcf2727947b54d6e6c95d192b38
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://jeffreestarcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:36 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 86afdca68f15a222-YYZ
content-length: 27
x-xss-protection: 1; mode=block

GET
H3 200 cart.js Show response
jeffreestarcosmetics.com/ 332 B
2 KB 110ms
109ms Fetch
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cart.js

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

dfc338a4b91d444052bd51b4e5dc3b312aceedc1d5a01c67c5b4f84a3d6fc558

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:37 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
content-encoding: br
x-permitted-cross-domain-policies: none
server-timing: processing;dur=18;desc="gc:1", db;dur=5, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="q8mm", requestID;desc="2b87c62a-8098-4932-ba64-9b62cc9f4131-1711547557", cfRequestDuration;dur=82.000017
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 2b87c62a-8098-4932-ba64-9b62cc9f4131-1711547557
x-shardid: 126
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 6732291
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en-CA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AVSRcamh8%2BX5pR9d21Bn5wP7sRTiI6sr9ItSJlJG7lRP1D2qgSGtEjpfZH1Ez8cjb26AefwM11z%2BgSzej5JB0%2FJjhO3cKCMvoDA%2FDBWAEAT77xC0%2Bh%2BMuOfmTkl3dhhrlCRwTb%2F0JYJBEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdca7abbb7148-YUL
x-cartjs-cache: 1
x-sorting-hat-podid: 126
x-cartjs-updatedat: 1711547556

GET
H2 200 area Show response
a.glosku.com/api/v1/shopify-client/ 39 B
409 B 757ms
256ms Fetch
application/json 47.112.135.248
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL

https://a.glosku.com/api/v1/shopify-client/area

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.112.135.248 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

Resource Hash

ec310e3dfe9341986278d037dd01640315e83de09165b28fbf93e1f274742ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 39

GET
H3 200 / Show response
jeffreestarcosmetics.com/cart/ 11 B
2 KB 189ms
188ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cart/?view=ac_cart_subtotal_tiers

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

fe9670ac491353425384a019c03db79ab25f9c92c9d4a8dace55c9f30279c928

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Referer: https://jeffreestarcosmetics.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=7889238
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
x-cache: miss
server-timing: processing;dur=105;desc="gc:45", db;dur=19, fetch;dur=1, render;dur=1, wasm, asn;desc="212238", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="cart", servedBy;desc="7fns", requestID;desc="acd0d3bd-fa9c-4ad0-a24a-73a0c7bad60b-1711547557", cfRequestDuration;dur=158.999920, earlyhints
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: acd0d3bd-fa9c-4ad0-a24a-73a0c7bad60b-1711547557
x-shardid: 126
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
etag: "cacheable:d3ecabd23848d3eb08b25a6e6d1cd6aa"
x-shopid: 6732291
x-frame-options: DENY
vary: Accept
content-type: text/html; charset=utf-8
content-language: en-CA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3Zj9fRmo2MRkqbybHQdCKyYHpnBXw97tzkXzM7xcPVAtu68hinl8bl0Qq1XRIprqcQm9t9B%2F2Gu%2FocxYilJkGpVnz%2FNC6JRz0AXTqw88DWYLKif6Ta7MC4%2BWcominknxsAAkQppDKjOyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdcabfaf67148-YUL
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 126

GET
H3 200 milkdesktop22_1728x.jpg
jeffreestarcosmetics.com/cdn/shop/files/ 312 KB
313 KB 73ms
72ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/milkdesktop22_1728x.jpg?v=1711482449

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

6d5bb51a541a4c9da38550bd8f5cf8eb53c6bdca9f080fc50460e8d668a32552

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:38 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=1036.255, imageryFetch;dur=36.704, imageryProcess;dur=757.162;desc="image", cfRequestDuration;dur=44.999838
source-length: 1889925
content-length: 319204
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 7651d78d-3e24-4585-a4c4-4b07d7063d56-1711484568
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Mar 2024 20:22:49 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zytZJGwJp%2BwOYFDlTFRoWxQQ1nwEWxPiEfxh0QWDyHyjDzMWfiW5kMJKHpbJG%2ByrsXGx5lDnjQHNyZxW2CaPsmdICHZPLf8kz5SIj584IQGWtayPBHFzzU2HAGJVIEzBAj0IfirLPO%2FELQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdcad4d1e7148-YUL
x-sorting-hat-podid: 126

GET
H3 200 / Show response
jeffreestarcosmetics.com/cart/ 11 B
2 KB 101ms
101ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffreestarcosmetics.com/cart/?view=ac_cart_subtotal_tiers

Requested by

Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/baf064dacw059a0243p359f28e4m038b1d93m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

fe9670ac491353425384a019c03db79ab25f9c92c9d4a8dace55c9f30279c928

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Referer: https://jeffreestarcosmetics.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=7889238
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
x-cache: hit, server
server-timing: processing;dur=15, db;dur=6, asn;desc="212238", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="cart", servedBy;desc="9d52", requestID;desc="24811940-f93d-43bb-b5f5-0381c5ad2dac-1711547558", cfRequestDuration;dur=72.000027, earlyhints
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 24811940-f93d-43bb-b5f5-0381c5ad2dac-1711547558
x-shardid: 126
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
etag: "cacheable:d3ecabd23848d3eb08b25a6e6d1cd6aa"
x-shopid: 6732291
x-frame-options: DENY
vary: Accept
content-type: text/html; charset=utf-8
content-language: en-CA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICbtppKGsAICzhYWSR5TW0gnyA42%2B6dldN4goj16pxz3ZU%2BbOcaev%2FtkCQnV%2FOAOtANnffXHVAM%2F81k5Wy5ZrOQ26oI7zHM653pKu6ZIbiYQNDqyInJOZMvYveK8gMuZwoPXEX673UZ8Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 86afdcaeafc27148-YUL
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 126

GET
H3 200 blushdesktop1_1728x.jpg
jeffreestarcosmetics.com/cdn/shop/files/ 101 KB
102 KB 101ms
100ms Image
image/webp 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffreestarcosmetics.com/cdn/shop/files/blushdesktop1_1728x.jpg?v=1709919698

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

9ef94c828b7d861be52b3ac0bc2de3c0b8d422205dbc1ba4528477c8132fcb3d

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jeffreestarcosmetics.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:52:40 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=624.645, imageryFetch;dur=57.872, imageryProcess;dur=564.499;desc="image", cfRequestDuration;dur=72.000027
source-length: 1177346
content-length: 103250
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6732291
x-request-id: 7e13abe3-8b09-4e43-805a-9bad95fd48c2-1710184506
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 19:15:07 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FGh9OqnmM%2BSMFUsrz6J1bZnJi%2F9Xubds5pcMiHPLdf8upEoZ%2BYnj1mSmWZCKy3T6PCnDRM793yD%2F%2BzssLPbJzY709fnillTayHWa3SQpBAHWuY5QFHwIPh4p4%2FmvT7UadnxK1STvfgDpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86afdcbf1b087148-YUL
x-sorting-hat-podid: 126

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jeffreestarcosmetics.com/	1970-01-21 04:11:23	Name: secure_customer_sig Value:
jeffreestarcosmetics.com/	1970-01-21 04:11:23	Name: localization Value: CA
jeffreestarcosmetics.com/	1970-01-20 19:45:57	Name: cart_currency Value: USD
.jeffreestarcosmetics.com/	1970-01-20 19:27:13	Name: _cmp_a Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.jeffreestarcosmetics.com/	1970-01-21 04:11:23	Name: _tracking_consent Value: %7B%22region%22%3A%22CAON%22%2C%22reg%22%3A%22%22%2C%22v%22%3A%222.1%22%2C%22con%22%3A%7B%22CMP%22%3A%7B%22a%22%3A%22%22%2C%22p%22%3A%22%22%2C%22s%22%3A%22%22%2C%22m%22%3A%22%22%7D%7D%7D
.jeffreestarcosmetics.com/	1970-01-21 04:11:23	Name: _shopify_y Value: 1c704807-8563-4a8a-a269-462a56b21a3d
.jeffreestarcosmetics.com/	1970-01-20 19:45:57	Name: _orig_referrer Value:
.jeffreestarcosmetics.com/	1970-01-20 19:45:57	Name: _landing_page Value: %2F
jeffreestarcosmetics.com/	1969-12-31 23:59:59	Name: receive-cookie-deprecation Value: 1
.jeffreestarcosmetics.com/	1970-01-20 19:25:49	Name: _shopify_s Value: 62e6c13e-7fdc-4d65-b57a-5cc1ff34069d
.jeffreestarcosmetics.com/	1970-01-20 19:25:49	Name: _shopify_sa_t Value: 2024-03-27T13%3A52%3A33.253Z
.jeffreestarcosmetics.com/	1970-01-20 19:25:49	Name: _shopify_sa_p Value:
jeffreestarcosmetics.com/	1970-01-20 19:25:49	Name: _sp_ses.b16e Value: *
.jeffreestarcosmetics.com/	1970-01-21 05:01:47	Name: rsci_vid Value: 9937ed61-5eba-64b0-5d0f-a9fd7bf2d3fd
.yotpo.com/	1970-01-21 04:11:23	Name: pixel Value: 89dbfc09-1edb-492a-77e1-38f4578aa9f6
.jeffreestarcosmetics.com/	1970-01-21 05:01:47	Name: _ga_81RXDPTBJQ Value: GS1.1.1711547553.1.0.1711547553.0.0.0
.jeffreestarcosmetics.com/	1970-01-20 19:27:13	Name: _gid Value: GA1.2.718365777.1711547554
.jeffreestarcosmetics.com/	1970-01-20 19:25:47	Name: _gat Value: 1
jeffreestarcosmetics.com/	1970-01-21 05:01:47	Name: __kla_id Value: eyJjaWQiOiJaR05rTW1NMU5UWXROV0k0TmkwMFltWmtMVGxtWldRdFpUZ3lZVEE1Tm1VMlpEbG0iLCIkcmVmZXJyZXIiOnsidHMiOjE3MTE1NDc1NTQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vamVmZnJlZXN0YXJjb3NtZXRpY3MuY29tLyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcxMTU0NzU1NCwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9qZWZmcmVlc3RhcmNvc21ldGljcy5jb20vIn19
jeffreestarcosmetics.com/	1970-01-20 19:25:51	Name: shopify_pay_redirect Value: pending
.jeffreestarcosmetics.com/	1970-01-20 21:35:23	Name: _gcl_au Value: 1.1.1041787684.1711547555
.jeffreestarcosmetics.com/	1970-01-21 05:01:47	Name: _ga_0MGTFZ50PE Value: GS1.1.1711547554.1.0.1711547554.0.0.0
.jeffreestarcosmetics.com/	1970-01-21 05:01:47	Name: _ga Value: GA1.1.1134354709.1711547554
jeffreestarcosmetics.com/	1970-01-21 05:01:47	Name: _sp_id.b16e Value: 18fff6eb7e2e9002.1711547553.1.1711547555.1711547553
jeffreestarcosmetics.com/	1970-01-21 05:01:47	Name: __wtba Value: eyJ1aSI6eyJ0IjoxNzExNTQ3NTUzLjM5NywibSI6MCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIzLjAuMC4wIFNhZmFyaS81MzcuMzYifSwicSI6W1sicGFnZV92aWV3ZWQiLHsiZW50aXR5X3R5cGUiOiJob21lIiwiZW50aXR5X2lkIjoiIiwicGFnZSI6Ii8iLCJ0aW1lc3RhbXAiOjE3MTE1NDc1NTQuNjQ2fV1dLCJwaSI6eyJuYW1lIjoiLyIsImNvdW50IjoxfX0=
jeffreestarcosmetics.com/	1969-12-31 23:59:59	Name: discount_code Value: CLEAR
jeffreestarcosmetics.com/	1970-01-20 19:45:57	Name: cart Value: c67b68e15aac800476b57990c6217c69
.jeffreestarcosmetics.com/	1970-01-20 21:35:23	Name: _fbp Value: fb.1.1711547554761.248379805
.doubleclick.net/	1970-01-20 19:25:48	Name: test_cookie Value: CheckForPermission
.criteo.com/	1970-01-21 04:47:23	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 04:47:23	Name: uid Value: 6f03994d-fb7f-4468-b58f-cd26fcabd1e0
.jeffreestarcosmetics.com/	1970-01-21 04:55:11	Name: cto_bundle Value: zEGw019nWHMlMkZUYzZTTlcwQjMlMkJLeThaTlNDM2RqUk9zbTRSYTFRVmluOUZkNjNNY2xLbG9VQm5raUFYelFxWURPeEdjWmYlMkJBZEpRQURjODJZck1NVms0dnVEVFM2YnJTc2ZCSEdhNDZXeDBTeXVqVXlLcUFSb0RLenQxMUdleHdHbG1teUJzQUFCa3pIeTk1UGtIV3lVOHRvMkt4N1pwYnd3ZzFtU05qaDUzaUlySlklM0Q
jeffreestarcosmetics.com/	1970-01-20 19:45:57	Name: _r_experiment_1448 Value: %7B%22cartToken%22%3A%22c67b68e15aac800476b57990c6217c69%22%2C%22experiment%22%3A%7B%22experimentId%22%3A%221448%22%2C%22selectedInstance%22%3A%7B%22id%22%3A%221447%22%2C%22alias_name%22%3A%22%22%2C%22element_id%22%3A%22113198%22%2C%22traffic%22%3A%2220%22%7D%2C%22unselectedInstances%22%3A%5B%7B%22id%22%3A%221448%22%2C%22alias_name%22%3A%22%22%2C%22element_id%22%3A%22119096%22%2C%22traffic%22%3A%2280%22%7D%5D%7D%7D
jeffreestarcosmetics.com/	1970-01-20 19:25:49	Name: _rsession Value: 8c476afb802d4417
jeffreestarcosmetics.com/	1970-01-21 05:01:47	Name: _ruid Value: eyJ1dWlkIjoiODk3NWYxMGQtN2M0YS00NGE5LTkzMDMtZDViNGJmZGU5MmY5In0%3D
jeffreestarcosmetics.com/	1970-01-20 19:45:57	Name: cart_ts Value: 1711547556
jeffreestarcosmetics.com/	1970-01-20 19:45:57	Name: cart_sig Value: bfaa2d94e5d5d01a7e0397b8604f0a90
jeffreestarcosmetics.com/	1970-01-20 19:25:49	Name: keep_alive Value: b16cf380-9ff7-40f2-b6e5-a90657256116

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://jeffreestarcosmetics.com/(Line 3332) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jeffreestarcosmetics.com/(Line 3332) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: %c[smsbump web pixel] color:cyan pixel script loaded
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: %c[smsbump web pixel] color:cyan version: 46184b326bc614905ba667fa988bdc50
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: %c[smsbump web pixel] color:pink pixel api [object Object]
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.trace
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.groupEnd
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: %c[smsbump web pixel] color:pink cookie_data [object Object]
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.trace
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.groupEnd
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: %c[smsbump web pixel] color:pink cookie CREATE
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.trace
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.groupEnd
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: %c[smsbump web pixel] color:pink setting cookie __wtba: [object Object] Tue, 19 Jan 2038 03:14:07 GMT
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.trace
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.groupEnd
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: %c[smsbump web pixel] color:pink add event listeners
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.trace
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.groupEnd
other	warning	URL: https://connect.facebook.net/signals/config/171279846853517?v=2.9.151&r=stable&domain=jeffreestarcosmetics.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: %c[smsbump web pixel] color:pink setting cookie __wtba: [object Object] Tue, 19 Jan 2038 03:14:07 GMT
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.trace
worker	info	URL: https://jeffreestarcosmetics.com/wpm@af064dacw059a0243p359f28e4m038b1d93/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2) Message: console.groupEnd
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://d3hb14vkzrxvla.cloudfront.net/v1/93a2c230-eb12-4070-acd6-b7392ab6f134 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jeffreestarcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.glosku.com
acsbapp.com
ajax.googleapis.com
amaicdn.com
app.restockrocket.io
beacon-v2.helpscout.net
cached.rebuyengine.com
cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
cdn-widgetsrepository.yotpo.com
cdn.acsbapp.com
cdn.rebuyengine.com
cdn.shopify.com
cdn.weglot.com
cdnjs.cloudflare.com
connect.facebook.net
consentmo-geo.com
customerapp.anncode.com
d18eg7dreypte5.cloudfront.net
d1stxfv94hrhia.cloudfront.net
d3hb14vkzrxvla.cloudfront.net
discountmanager.amai.com
dynamic.criteo.com
ekr.zdassets.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
gdpr.apps.isenselabs.com
gdprcdn.b-cdn.net
googleads.g.doubleclick.net
gum.criteo.com
jeffreestarcosmetics.com
jsccustomerservice.zendesk.com
p.yotpo.com
rebuyengine.com
shop.app
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
static.zdassets.com
staticw2.yotpo.com
stats.g.doubleclick.net
waves.retentionscience.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.merchant-center-analytics.goog
104.16.53.111
104.17.25.14
104.18.7.32
104.18.70.113
104.18.72.113
104.22.0.204
104.22.32.205
13.127.102.73
142.251.16.94
142.251.163.101
142.251.163.106
142.251.163.154
142.251.163.94
142.251.163.95
142.251.167.157
142.251.179.97
143.198.251.218
151.101.194.133
151.101.2.132
151.101.2.133
151.101.66.133
172.253.115.113
172.253.115.155
172.253.62.95
172.67.11.155
172.67.12.125
172.67.68.105
172.67.68.196
172.67.69.32
185.93.1.244
192.229.163.223
23.22.5.68
23.227.38.32
23.227.38.33
23.227.60.200
23.62.174.68
3.132.1.36
3.161.210.216
3.162.3.118
3.162.3.7
3.162.7.55
31.13.66.19
31.13.66.35
47.112.135.248
52.3.141.14
74.119.119.139
74.119.119.142
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
05edddad07671c347ad1494faa8660441213af6bf8ebf2ccf7569224c2a5a2b4
13753d9a0ddb0f10a14e3807f6241dff0de8c4813a587baf136280aa9cfea6d0
1511e97896db948e9e058259af4d24e6175730bbfa69517d161a12e0be9be417
1546aa34b7af4527b2eb497a351eb5fab9ea20c0cbc7dd28096ebeb2d0ff1d3f
15d2a1644d21426190a2e1ac405360081c1e3306d7d620f19cf144c28eddbf7f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1852f7c3ade045bb1648a64441d727ad65c46cdf4162bb78dad3e1005cbf247e
1900b83c725993f346411dfcafcd970be84ac03bd682c93f81e44512c124fc65
1b94e5acb84244aa8bfde22cefbc9b5ffbdd53b42de640274421c68b8939d317
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1bdea061b099a0124814c1f06200ed6b56602cde9c6c06b649c8f9c4f14de23b
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1e0fb284dfac5a1db0eea756850a45bde214c49d22585550133189f2ca152e61
1e8ff7c362f70415bad137f8dfc71381b3859938058ea93497ce49431ca5041e
1fa6a6a3678a8ee96a48afd35a2f528e9cd3e082ea71f8bf57ff7fad542c8c00
200d393d052b3c836bd465f89accae4f2c9975b0d9dc5c5184a15ff5bea8d79c
21f1a123a3e5c681a3ca575ac7cd7af919cf596e28f8707e24e36936503296aa
241cde33f66fa1ec682848ea2008ee0dbd8f6c3b7c09a957ee5dc8a80c227330
2468c6d0f1c1f454aeefdbd83df77b42449233125c11d1347a548ef61887323f
2b94731d440087668033de043ac96ec34fca2186bb8c5acf1196106df93b1be4
2d9c5d2f7ac08283c4991901cb2e99b89f7bc2b83c0cde2da06ef4ae4b3bfdfd
2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20
31c4e5bf8620de1ea3b8503c3df70c096c9668f824d2c61efde5dac252104a51
32ae1f4874f0dc708000247f3fb1ad47327f08b5752bd1ed1242b02318e83af6
381b37762970831071baa2916dcb4008f0039de83e6db97e20085b3c61daff54
38b904a1cf83df048360fb2480571b749fd98d57e11f1afdffb5a74a78166fea
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
41b13fecfa34c5566dfa6bb5cba7e572e567cea0c92e5b51b0d8cef42937465c
43821947e0ab6bdb5429dbbcbcde95646d7d9348ec285bcf3de9fce9aa5deec6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46c2e87676af82866e8c4ab53ca12f086015e75f73b7656e429640e34d2e17b2
46e67dcdcfd822bbf3afa0d9312583afda802f25a614ab9fd9aa17bbd937f3a5
49c11210e9e2a81fec53d48665b554019d46504cacc040df514edcb1c065a8cd
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6
4b815979d86effe554c2c612fb559b096c95f4de32c796f64554f6db8efef34e
51c359916588443d85c516f76c343c7e6787b8216d8933ed4864d3fc824d795d
5201b1083f0b6a8306259bbf924f69cc1af9281003dc15829cb0a26b54b547f6
52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729
5577d20df0e7bb5279ed60e5a0e1bc03a6798a14f817bee80ace7cf854930022
575c6454d5b68907556ef61d448e895eae146fb02cc59082f7c7e94e9b54fc2f
57f5c2709ee3352d1d2d542e3a09c199a883cc96e84f5380937021beeeeb3c50
5dfe5553008e2d963828274103d566d9e16dbbb26ba4ffc1f2af2c23b377da00
5e4ac44ea0dfbec2245c9514599ebdc71d1db9fcca12df1906fbc06908244f2c
6042b166cdc76df9094329890799d3832fc9d6d19ac22053c9a0f2088fe6634e
61c1d58c1ea5fff05d729d1f6e27e4c88480ab9a333ec16c4cdf289d58db0192
61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626
62d3251a394b7ae18ee0505daebd51ea87976fe96203af683f3eb1903a6929de
639ea89cd1d5b96c3f837e13bf460ff8b8f15d818b5f30aa9bdf100ee8696f2a
64f7e0ecc2bc95d54fbc1eddacd9942814787fa67571f845852c0dabac634a11
665e3e60538ea476ded6e28d149d6aa0657ef9109734a5899354494bf79deb5d
67fe368168d4d8dbfa1ce733163fe43075e50eb2696b487f84387ad27065282b
6a54c89db1fb4f8b04489cb7eebbbb0b62e8ab798660e22abc973232d80e8d12
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2361c0d0de589abacecbb7d54342976d313319dfed0715bf20de68853c16e9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5bb51a541a4c9da38550bd8f5cf8eb53c6bdca9f080fc50460e8d668a32552
6ed50f35dfa84208081e6994ac3758e141451835192d3cf6b3f6cb9b623dea86
6f9962946bac4a4f7d65c952502594fa794f572936e53a54bb4462647a2e30e0
75d99bff989b8bfa9686c4b3f4c7a74a670257f3d2229151a5dac92b5d75150d
76ef3ef40191319e2bd2ce884324f286713946cc4073309b60996a0a71761918
7800b091411ef3bd2ce7e03f780f9c90d3fd26653157ac4355fd2267c5222751
7aa07cb9eb4dcbd11651911e5b51ddfcca63a7407e4e82f6cbe1e217688af9e3
7c27fecfd9db86f1d6da1e1da01c32a1708db7e55e645f5db4686fe8c9f9f258
808347cd92e2dd4fe36fae008e3f6e3c9d5f480de159b1352bb45508e118fe01
831c8c1de046a0ff1d57f59c4ce71dc65bd4c9dacc4cd950577c49281eff710a
88f66fbe6e960fb6a9266bc6a09e1b1a8a8d7d1ea555e5d851e9748bd099bb25
88f823cd241df676e35d8cb6c400f4940fb2a8c44ff9b5a14896efe9ed029895
8b880a457a131cb1f783b2b06c49ffed7355a1e1f080c49530a0ae0c3655829f
8bd8626ace6bbc147ea1fe58ae1165a6dcd79b0492213262aef227f722f94053
8e3ef3d4c0bc1eda9a0ec893aa5d46794f0fd897adce8ec493bbcbdac19e0094
8f644e23b79e6c1c3ed61fa20f5818630c17586f1e932367baba04e637ac8309
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
90c91c3158b038a688cd4a400bc1b33a49672f001404efab1f4e62c8e0ba5d3c
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9cff48b2918dfd7bf3edc4226fb59739f4a2137622db8a859e8a46cc0861a14b
9ef94c828b7d861be52b3ac0bc2de3c0b8d422205dbc1ba4528477c8132fcb3d
9efc3f5b9a825c28d7679a389d8f9e77fc78bebde99071d41891b49b59347a04
9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6
a1b0f655869a326fc59e9567472f7a629652c394e2b55a9988a4f36f002e298b
a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f
a3c9f7f04fd3ace2d223fc29cf0f3f0c30a78ac5ff3538a510b87c8571d28cda
a61d6d8fb0c423e279e9a95b47312b747c7b49e8188128ca4e15bc9f8ea0cad6
a6eee58bc9d85eab55a8d76f49f03f44528975eb259573f418a7c78dbe425072
a95267db319f32a8e567c3a8018bf3a2a5199a95dddbbb1523f747eac4e655e2
a9dda4253a3edf4e05f605a04fcd4bc87b88e53456f964519a3667462cc84244
ab27a2834cdff464ac083b0b4fb2d9607e3024f86f022bc2efd826673416930d
adad0f387bdee702d1120265df725c20b92e9d1eaaca34557fd6208babd0cc1b
ae4d06ec5d6791cb37a0430fde397c89efcf26a7940a422ad87bb2e4ec97252f
afedd78bb0e1e4e837769d5d361f5d8bd3ba863cf5eaa77caa22f79e65aab7ae
b13f731e33ca920632336078d904c853eb745e0bfff9007d732a5979e82f4d68
b2dae0a5c9a0b003395edb9cc6626d1d276aeeb7f8a923148b5c246fdc5d3c83
b361da78f868ec5563e71ee83043c56ae242baf40b97fc16d0535be901afde0d
b4243f06574c94ddaf59ee6002236835be6cbe83a0554865520bfb52338d28a4
b5e3bbf3b396ac6e77914ab2b2747aa6d19836fad35e51ebfe8e0e7bedd5a7b8
b701c98e464a82589aa5dfa3ac2d36e9ef3fb403c435c8a0642b4474e86185b0
b791b7b3f41e97751f4b01eee942b720d3e6e141fc95aad5e302e4e602771a3a
b824e8c6d9f5635e8fc1b2a2ad0f7400b8fe7bb26c347d68cc30e43823bc0b97
b8cd90329cd1c01ece6d7198416368323c1c7fb2a8a4abb412415369e844b30a
b96c94c1b99dc9bf133428f309db1af557ec022820e19728b169b50ecce8cf8f
ba548478d053bb6421285c667cb31830ff18506fb39970e73610411dfd042cf0
bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d
bcaed90419730a8c13aa735118a799dfbb7e5819004edc6b1d902fc34be73fa9
c30f96a0ea18c8b9ab21f72623f8192fc27a16c7ed8478e869a6352b6250acac
c33ac6bac0d25dcb6f29eca048dfb3fcc7e0e50ef3df9aecb3f5375f7b1300b9
c340b0cf70897c277e0a16a1869a56ab4b6e5a78e14c0862f4e48038678ecadc
c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572
c85808fb17dad6d17a6a86647928fc077aee349bc4aa37d129971c1a4ec4ed81
c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cee9e3ca775f03fba491dbcff01a55c929d3ad21076ec647445c96e5ba83a2c3
cface07e6e1951822c8f1da212c8a4317072380424668e58833250304ed8aaa9
d13b8eb6f5e95444487a5c7a4446d44a6eb4738b9e8f2007a124a38525c283e3
d32eb598d06797c30eb0ab0f472c07bb6798f03654f4829a964a70d5c4dec9da
d4aa3444bfbeeef5b54c3c84ed94595c16b297c7fcbe18602fdb9b194642d7ab
d83bc89cefaa62a09b8c0310d4ccf5a997bd7618861245d0f68a89826841ee22
da53b6c1335684d4e53097a8e6f2af93413341c465b9aa154bc297f1174c79f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea5769a3218c9f801260d6f31e012cc152068fc321d4604d9f62fbeacd74577
ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143
dfc338a4b91d444052bd51b4e5dc3b312aceedc1d5a01c67c5b4f84a3d6fc558
e0ad91996e3d3f195379a0b9fe37eba7f4e13721ef255d12b28429fbf2a58cca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c2891c066c83b534ee619c4731ea1de8bf1c1b130a0c1d8dc651f35bc5c913
eb20f71262a4a21f5257d53936882cedf4bd52d3337d9ddad538df870937957f
ec310e3dfe9341986278d037dd01640315e83de09165b28fbf93e1f274742ae6
ecbc8ec397d10fd2d87634bb247a4b1a05fd52bd9069bb29aab6fc494646cc2f
edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cf1f743e4cd96c4f168e07c776c480d3bf331b5909ed620d1e0a363f1cab59
f52aece28683003958abe407c4045ee5da4e1cd29df6fc3c0843762218f0940d
f5478093cbd10c6f050a10a8b06ea68f587a3b237718cd1a1b1f9b8b37ccff4a
f62dc3f5f8ca06800b802f0b40c0e35308076893a773451f3c04b38f41af3f02
f679a8b86dd4434fe7476b92dd83f3d997cf89b0d064d45a512bbc4c444243a1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8287b2f4982c54b0d6a1533ee7d2f5f5e19d3b50f9607e08c51fbacbdd21180
f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885
fa75146bb8fd71c51ce0327a19d8d7fb3ca68061e66d3ddaef815be77f5311b9
fdc7c9e615b73858ee588266d4408f1adf8bbc41ad70d1f0eb422e4c635b4ec9
fe9670ac491353425384a019c03db79ab25f9c92c9d4a8dace55c9f30279c928

jeffreestarcosmetics.com Open in urlscan Pro 23.227.38.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

99 %HTTPS

0 %IPv6

34 Domains

50 Subdomains

45 IPs

6 Countries

4565 kBTransfer

12169 kBSize

38 Cookies

5 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jeffreestarcosmetics.com Open in urlscan Pro
23.227.38.32 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

99 %
HTTPS

0 %
IPv6

34
Domains

50
Subdomains

45
IPs

6
Countries

4565 kB
Transfer

12169 kB
Size

38
Cookies

181 HTTP transactions
0 data transactions