URL: https://xdwlzcx.cyou/
Submission: On April 16 via api from US — Scanned from NL

Summary

This website contacted 56 IPs in 7 countries across 38 domains to perform 239 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is xdwlzcx.cyou.
TLS certificate: Issued by GTS CA 1P5 on April 15th 2024. Valid for: 3 months.
This is the only time xdwlzcx.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
23 188.114.97.3 13335 (CLOUDFLAR...)
1 2620:127:f00f... 13335 (CLOUDFLAR...)
46 23.227.38.67 13335 (CLOUDFLAR...)
38 2620:127:f00f... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.147.46 13335 (CLOUDFLAR...)
2 2620:1ec:46::45 8075 (MICROSOFT...)
8 151.101.2.133 54113 (FASTLY)
9 151.101.66.133 54113 (FASTLY)
7 2620:127:f00f... 13335 (CLOUDFLAR...)
1 151.101.194.133 54113 (FASTLY)
1 151.101.130.133 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
4 52.224.31.34 8075 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:8e::84 54113 (FASTLY)
5 104.126.37.178 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.64.148.201 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 23.227.60.200 13335 (CLOUDFLAR...)
6 151.101.64.84 54113 (FASTLY)
1 142.250.186.163 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.67.202.194 13335 (CLOUDFLAR...)
2 54.164.134.147 14618 (AMAZON-AES)
1 2606:2800:233... 15133 (EDGECAST)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 172.217.16.142 15169 (GOOGLE)
3 2600:9000:249... 16509 (AMAZON-02)
1 172.217.18.8 15169 (GOOGLE)
1 216.58.206.36 15169 (GOOGLE)
10 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 104.26.9.183 13335 (CLOUDFLAR...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.1.195 54113 (FASTLY)
1 172.67.140.43 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700:311... 13335 (CLOUDFLAR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:235... 16509 (AMAZON-02)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.57.77.176 16509 (AMAZON-02)
2 143.204.207.250 16509 (AMAZON-02)
2 35.84.122.13 16509 (AMAZON-02)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
3 35.190.43.134 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 104.17.25.14 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.122.77 16509 (AMAZON-02)
239 56
Apex Domain
Subdomains
Transfer
84 forwomenusa.com
forwomenusa.com
1 MB
24 xdwlzcx.cyou
xdwlzcx.cyou
2 MB
23 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3278
static-tracking.klaviyo.com — Cisco Umbrella Rank: 3969
fast.a.klaviyo.com — Cisco Umbrella Rank: 4251
static-forms.klaviyo.com — Cisco Umbrella Rank: 3927
a.klaviyo.com — Cisco Umbrella Rank: 3873
167 KB
12 hextom.com
tms.hextom.com — Cisco Umbrella Rank: 103708
cdn3.hextom.com — Cisco Umbrella Rank: 308209
170 KB
10 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2345
241 KB
9 gstatic.com
fonts.gstatic.com
49 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 751
h.clarity.ms — Cisco Umbrella Rank: 5973
c.clarity.ms — Cisco Umbrella Rank: 1390
29 KB
6 tidiochat.com
widget-v4.tidiochat.com — Cisco Umbrella Rank: 21946
319 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 920
6 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 710
151 KB
4 snapchat.com
intg.snapchat.com — Cisco Umbrella Rank: 14587
tr.snapchat.com — Cisco Umbrella Rank: 877
5 KB
4 cloudfront.net
d1bu6z2uxfnay3.cloudfront.net
d3k81ch9hvuctc.cloudfront.net
75 KB
3 reconvert-cdn.com
reconvert-cdn.com — Cisco Umbrella Rank: 36167
9 KB
3 shoppinggives.com
cdn.shoppinggives.com — Cisco Umbrella Rank: 55421
stores.api.shoppinggives.com — Cisco Umbrella Rank: 42188
81 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
282 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
22 KB
2 zip.co
gateway.us.zip.co — Cisco Umbrella Rank: 30968
447 B
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1149
28 KB
2 avada.io
cdn1.avada.io — Cisco Umbrella Rank: 62599
seo.apps.avada.io — Cisco Umbrella Rank: 38450
2 KB
2 growthsuite.net
analytics.growthsuite.net
app.growthsuite.net Failed
821 B
2 google.nl
www.google.nl — Cisco Umbrella Rank: 10632
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
394 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3076
www.google.com — Cisco Umbrella Rank: 2
315 B
2 quadpay.com
widgets.quadpay.com — Cisco Umbrella Rank: 57214
cdn.quadpay.com — Cisco Umbrella Rank: 51224
310 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 918
22 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
74 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 239
2 KB
1 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 904
9 KB
1 stilyoapps.com
www.stilyoapps.com — Cisco Umbrella Rank: 68778
385 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 233
766 B
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2955
382 B
1 uppercommerce.com
edt.uppercommerce.com — Cisco Umbrella Rank: 180815
20 KB
1 tidio.co
code.tidio.co — Cisco Umbrella Rank: 17277
488 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
274 B
1 merchant-center-analytics.goog
www.merchant-center-analytics.goog — Cisco Umbrella Rank: 5512
252 B
1 maxepv.com
www.maxepv.com — Cisco Umbrella Rank: 134905
35 KB
1 shop.app
shop.app — Cisco Umbrella Rank: 2966
554 B
239 38
Domain Requested by
84 forwomenusa.com xdwlzcx.cyou
forwomenusa.com
24 xdwlzcx.cyou xdwlzcx.cyou
forwomenusa.com
www.maxepv.com
cdn1.avada.io
10 cdn3.hextom.com cdn.shopify.com
10 cdn.shopify.com xdwlzcx.cyou
9 fonts.gstatic.com fonts.googleapis.com
9 static-tracking.klaviyo.com static.klaviyo.com
8 static.klaviyo.com xdwlzcx.cyou
static.klaviyo.com
6 widget-v4.tidiochat.com code.tidio.co
6 ct.pinterest.com www.maxepv.com
s.pinimg.com
5 analytics.tiktok.com forwomenusa.com
analytics.tiktok.com
4 a.klaviyo.com www.maxepv.com
4 h.clarity.ms www.maxepv.com
3 tr.snapchat.com www.maxepv.com
sc-static.net
3 reconvert-cdn.com xdwlzcx.cyou
reconvert-cdn.com
3 d1bu6z2uxfnay3.cloudfront.net xdwlzcx.cyou
d1bu6z2uxfnay3.cloudfront.net
3 www.googletagmanager.com forwomenusa.com
www.googletagmanager.com
www.google-analytics.com
3 www.google-analytics.com forwomenusa.com
www.google-analytics.com
www.maxepv.com
2 gateway.us.zip.co www.maxepv.com
2 stores.api.shoppinggives.com www.maxepv.com
2 sc-static.net intg.snapchat.com
2 c.clarity.ms 1 redirects
2 tms.hextom.com www.maxepv.com
2 analytics.growthsuite.net www.maxepv.com
2 www.google.nl xdwlzcx.cyou
2 stats.g.doubleclick.net www.googletagmanager.com
www.maxepv.com
2 s.pinimg.com forwomenusa.com
s.pinimg.com
2 connect.facebook.net forwomenusa.com
connect.facebook.net
2 www.clarity.ms xdwlzcx.cyou
www.clarity.ms
2 fonts.googleapis.com xdwlzcx.cyou
client
1 d3k81ch9hvuctc.cloudfront.net
1 cdnjs.cloudflare.com
1 cdn.optimizely.com www.maxepv.com
1 www.stilyoapps.com www.maxepv.com
1 c.bing.com 1 redirects
1 intg.snapchat.com xdwlzcx.cyou
1 cdn.polyfill.io xdwlzcx.cyou
1 cdn.shoppinggives.com xdwlzcx.cyou
1 edt.uppercommerce.com xdwlzcx.cyou
1 seo.apps.avada.io xdwlzcx.cyou
1 code.tidio.co 1 redirects
1 cdn1.avada.io xdwlzcx.cyou
1 www.google.com xdwlzcx.cyou
1 www.facebook.com xdwlzcx.cyou
1 cdn.quadpay.com widgets.quadpay.com
1 www.merchant-center-analytics.goog www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 widgets.quadpay.com xdwlzcx.cyou
1 static-forms.klaviyo.com static.klaviyo.com
1 fast.a.klaviyo.com static.klaviyo.com
1 www.maxepv.com xdwlzcx.cyou
1 shop.app xdwlzcx.cyou
0 app.growthsuite.net Failed cdn.shopify.com
239 52
Subject Issuer Validity Valid
xdwlzcx.cyou
GTS CA 1P5
2024-04-15 -
2024-07-14
3 months crt.sh
shop.app
E1
2024-03-27 -
2024-06-25
3 months crt.sh
forwomenusa.com
R3
2024-02-24 -
2024-05-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
maxepv.com
E1
2024-04-09 -
2024-07-08
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
static.klaviyo.com
R3
2024-03-13 -
2024-06-11
3 months crt.sh
static-tracking.klaviyo.com
R3
2024-03-21 -
2024-06-19
3 months crt.sh
cdn.shopify.com
E1
2024-03-05 -
2024-06-03
3 months crt.sh
fast.a.klaviyo.com
R3
2024-03-13 -
2024-06-11
3 months crt.sh
static-forms.klaviyo.com
R3
2024-02-20 -
2024-05-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01
2024-01-14 -
2024-06-27
5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-01-25 -
2024-04-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-31 -
2024-08-07
a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018
2023-07-14 -
2024-08-13
a year crt.sh
quadpay.com
GTS CA 1P5
2024-04-12 -
2024-07-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.google.nl
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
merchant-center-analytics.goog
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
growthsuite.net
GTS CA 1P5
2024-03-29 -
2024-06-27
3 months crt.sh
*.hextom.com
Amazon RSA 2048 M03
2024-02-15 -
2025-03-14
a year crt.sh
sni11811gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-29 -
2025-01-28
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
avada.io
GTS CA 1P5
2024-03-10 -
2024-06-08
3 months crt.sh
www.blast-engine.io
GTS CA 1D4
2024-03-13 -
2024-06-11
3 months crt.sh
uppercommerce.com
GTS CA 1P5
2024-03-03 -
2024-06-01
3 months crt.sh
cdn.shoppinggives.com
Amazon RSA 2048 M02
2023-11-20 -
2024-12-17
a year crt.sh
*.polyfill.io
Sectigo RSA Domain Validation Secure Server CA
2024-02-20 -
2025-02-19
a year crt.sh
reconvert-cdn.com
E1
2024-03-13 -
2024-06-11
3 months crt.sh
intg.snapchat.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-09 -
2024-07-09
a year crt.sh
stilyoapps.com
Amazon RSA 2048 M02
2023-06-30 -
2024-07-29
a year crt.sh
sc-static.net
Amazon RSA 2048 M03
2023-12-21 -
2025-01-18
a year crt.sh
api.shoppinggives.com
Amazon RSA 2048 M03
2023-10-20 -
2024-11-16
a year crt.sh
gateway.us.zip.co
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
tidiochat.com
GTS CA 1P5
2024-03-17 -
2024-06-15
3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-21 -
2025-02-20
a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-01 -
2024-09-04
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh

This page contains 6 frames:

Primary Page: https://xdwlzcx.cyou/
Frame ID: D158DCCBB9FBACEB9C2EB9DED3F03E80
Requests: 227 HTTP requests in this frame

Frame: https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/custom/web-pixel-shopify-custom-pixel@063/sandbox/modern/
Frame ID: 1CFB3D106AE0D84001F1A47988FCB665
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: AC90E6CAAFC61CDB208FE2E1A10A9DB0
Requests: 1 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_222_0/static/js/chunk-WidgetIframe-af3d0704fbf4e7df24d9.js
Frame ID: 541E5DDF7B6599FCDFF066B2416CF8D8
Requests: 4 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=7d54f07c-7685-4354-9a0f-576d9f30508f&u_scsid=5b95600d-8b41-4013-ba91-e5259a842824&u_sclid=98353532-e643-4501-9a8f-2c31370660a8
Frame ID: E5FBF2C674621B75D81D259AA1538B24
Requests: 1 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: EF5DE63EA0206E3FE48767145D8FEA7D
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Women's Fashion Store | Women's Clothes Store Online - For Women USA

Detected technologies

Overall confidence: 100%
Detected patterns
  • zip\.co

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

239
Requests

98 %
HTTPS

51 %
IPv6

38
Domains

52
Subdomains

56
IPs

7
Countries

4934 kB
Transfer

11791 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 178
  • https://code.tidio.co/uuq154rok3swhwsz02kibnzoiabmvdyf.js?shop=for-women-usa.myshopify.com HTTP 302
  • https://widget-v4.tidiochat.com/1_222_0/static/js/render.af3d0704fbf4e7df24d9.js
Request Chain 187
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=56AC4E4D375C495F9411A98743A5C433&RedC=c.clarity.ms&MXFR=3AA3D3CB45EA61BB34F5C7A841EA6F08 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=56AC4E4D375C495F9411A98743A5C433&MUID=0666EE589CF766AD1E4FFA3B9DA067C4

239 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xdwlzcx.cyou/
2 MB
200 KB
Document
General
Full URL
https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693bb9ff2c19368680c7b274e4e7c107c9bbb53c56d169749bdc8214cc145222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
875804f55a2d0bda-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 Apr 2024 23:40:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCGN%2Fe4Bry%2BZpP9cRjjH7eOC07drMAwnSAuPEn5zDibvoHXbACLjJ7BVF1nZNuDJI1uqsNUXSY%2FybegdbcCAr%2FxXYAhDwuydPSOpYpK14LybqSgNVvd9sM3esCFS6fIA5ZubJiVuyPpkKHU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
preloads.js
xdwlzcx.cyou/checkouts/internal/
0
0
Script
General
Full URL
https://xdwlzcx.cyou/checkouts/internal/preloads.js?locale=en-US
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nx0hYBUnmHF1A3llPu3DB%2Fg1ci3trt02XhQtQytuUHR%2FB0FsomjQKDTyDqCnxBJ0bpT%2BlJgSfdKCwg0%2FsO%2FOn6glYD5M%2BLvosee4RY31SgiaBM6owCM8b4EJJnkMfCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
875804fb9c080bab-AMS
alt-svc
h3=":443"; ma=86400
preloads.js
shop.app/checkouts/internal/
0
554 B
Script
General
Full URL
https://shop.app/checkouts/internal/preloads.js?locale=en-US&shop_id=42384720021
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HpG19r%2B0di3NTXTpjR6hUV5t4a1aKzQSRTVXzHYjN%2BpvXzxpVUaDBTOkY%2BiNKbeOoO0ni1WTdJAukuWpQOKchWhTKzMFXw3CT8QId9mlmqI4yRIQOa%2B%2B8GVgTHJynVdmLwOfjGMm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
server-timing
cfRequestDuration;dur=16.000032, ipv6
timing-allow-origin
*
cf-ray
875804fbd8be971a-AMS
content-length
0
alt-svc
h3=":443"; ma=86400
load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
forwomenusa.com/cdn/shopifycloud/shopify/assets/storefront/
12 KB
4 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-central1
age
2887396
content-encoding
br
server-timing
imagery;dur=79.614, imageryFetch;dur=78.649, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d47e67d7-3a3a-4ecb-84ab-6b9ab8821cfb-1710423420
last-modified
Thu, 14 Mar 2024 13:37:00 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnJyyNaZJFygnHk1QIF3EBDmdy5QLwkhIp4hvN7BiyCOHfaeH%2BKXbUrg2k6e1Pd5bAX71orFqzIS7%2BY6Etu3CKN89HtgNfiHGrDCxNH4BqI9hcU%2FQ%2FfNTiT46wUsZP6bmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
875804fc9f8bb98c-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js>; rel="canonical"
x-sorting-hat-podid
-1
features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
forwomenusa.com/cdn/shopifycloud/shopify/assets/storefront/
37 KB
14 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-east1
age
2962655
content-encoding
br
server-timing
imagery;dur=31.046, imageryFetch;dur=28.458, cfRequestDuration;dur=17.999887
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1f728878-86a0-4c15-9401-278f7f45042e
last-modified
Fri, 09 Feb 2024 22:13:48 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1YmTxEU1OT3GyQkQtHd%2BEvpgaSOi%2FF0O3E3Sf7EY5%2BQVFAL18Bmv5fMoLSanicZV7K9YK8cKuQmwlw9%2Fx1zHMMbna2Ps%2B8muQwfidKT7tLxfhc7PXU%2FqsZir%2BX%2FpxNlmUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
875804fc9f89b98c-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid
-1
scripts.js
forwomenusa.com/cdn/shop/t/29/compiled_assets/
33 KB
2 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/compiled_assets/scripts.js?16853
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ce9a5c22288d26ae22f6c736841beba843eea57803acff31bf2ba14f0aa360
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
514046
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=181.031, imageryFetch;dur=67.380, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
content-length
1732
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
2d647681-878e-40c6-892f-3221746d37a3-1712796575
last-modified
Thu, 11 Apr 2024 00:49:35 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=euqBqhbPQD%2FKa64jxBKjOjxWq6gDdkacy0En%2FcbZD1Zfwsw0kl9t1SV4i4vI59aRY2fUTxFdUKj3DFG4V%2B7Z3eWGVP3A0uaL22A2x6%2Bf4IgVM703McD%2BiVn8%2FV%2FKajeO%2FZ%2Fr6CukItAIGqitEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
875804fc8ec966cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/compiled_assets/scripts.js>; rel="canonical"
x-sorting-hat-podid
223
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b4f34c4f49ea2f2c810577d2963705cd5a7463630effe9c9d668284152f6113
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Apr 2024 23:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Apr 2024 21:41:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Apr 2024 23:40:16 GMT
base.css
forwomenusa.com/cdn/shop/t/29/assets/
101 KB
20 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/base.css?v=22923371910395077571687380841
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df989c44fa44645072b10d46ca05d321c9e1dd197b88ce1a07dc4c8fa9725066
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2214014
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=179.421, imageryFetch;dur=168.812, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
f11a9bed-5327-4f51-986a-a3a5431545f5-1709753682
last-modified
Wed, 06 Mar 2024 19:34:43 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qE26HPHfj%2BOg%2BnxwForcYbyozDi2VPTrYmywJUDc2BXCl%2BSpCybWrQ43w0QXHqdpgov7CBitaKCUX1RtwiBLoV5sSEohuaTrGp1zOi69xWG0XHv1LqnzvJy54U1Ck5%2BYMzU2DuozRMZRpSLf2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe8c66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/base.css>; rel="canonical"
x-sorting-hat-podid
223
base-banner-animation.css
forwomenusa.com/cdn/shop/t/29/assets/
817 B
791 B
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/base-banner-animation.css?v=142525759880205592811687380841
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d906c4c1c5aa4f35fd464d7a2e026bcc3b44bafbc2ef2fa2812b7c4d0ad9ebca
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2948714
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=60.518, imageryFetch;dur=59.052, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
93faa868-b5d8-422a-a453-74bfe98b3334-1710178444
last-modified
Mon, 11 Mar 2024 17:34:04 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mB88u7I9UeSRpI4oLHa5LgO20hubnCD9Rx1FGMjImdDS6g4HJS%2B%2BwDjpO6kjdzyuBQoNw9Zb4HS8Kvu8YXkKsGLV72wSezdsa1Kxyi%2BBDrhkEBorJLdDDP2ZDIoC%2BOAxrRsmdq%2BFn9P2xsKuhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe8a66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/base-banner-animation.css>; rel="canonical"
x-sorting-hat-podid
223
component-card-banner-animation.css
forwomenusa.com/cdn/shop/t/29/assets/
2 KB
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-card-banner-animation.css?v=55904521405352394641687380842
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1feaa913ce618f2e916333354b2e9f3c72ec1fca73f90a750c85ead3363e9904
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2948714
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=103.303, imageryFetch;dur=101.841, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
6d30a38c-7402-4dcf-9dd7-a53bbec91633-1710186337
last-modified
Mon, 11 Mar 2024 19:45:58 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tu91vVnDm9dTd7JSrnyQuAP5trHeUYVamz96to8e40r%2FiX5ZeArn%2F5m%2FfOuibQ2iWW6wrYuYANBwJgQqU%2F87rLOYlEP3xwsre6thRrV%2F30a%2B6Rio8OFFP%2F4r5ciabkcNCjikAFlPernzeMZa2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe8b66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-card-banner-animation.css>; rel="canonical"
x-sorting-hat-podid
223
animated.css
forwomenusa.com/cdn/shop/t/29/assets/
6 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/animated.css?v=54616323744978996581687380841
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c995f39b23a6e581a2f48d9049718e07787d1bb9bb2f738be113b2e1c0adbe0e
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2965723
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=112.537, imageryFetch;dur=109.935, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
b69888ca-a9d6-4a88-9e73-4c8c0bdd97a3-1709753682
last-modified
Wed, 06 Mar 2024 19:34:43 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9Pvo7SG%2BDGJtwwOXlhXCNQAOgQHjt5YhkQVCvCYymsT4b8k8IcxTPXzKf8HP5hHCBDfoifo9WQSEjrqCn3Hod1YXPhuS8O%2BZc6LebT6AdnJuqvyG%2F%2BgnPbpxysPOYGmUlg2Wd4FmRIK9rFRhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe9266cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/animated.css>; rel="canonical"
x-sorting-hat-podid
223
component-card.css
forwomenusa.com/cdn/shop/t/29/assets/
55 KB
10 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-card.css?v=12243491930720169821687380842
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2f0842cc58701f40155fb656896d5bf06a24b71661ecd1468de2020c8717be
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
966680
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=91.508, imageryFetch;dur=83.461, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
94da8e37-acc5-4424-b82c-55e8c061d52d-1709756890
last-modified
Wed, 06 Mar 2024 20:28:11 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AX4l77R07uAJzXitleT%2FaCFb2XlOIGDMdi2k%2B%2FHr%2Fwu3oNU7NF3oeE%2BlE624GF4rTtlbPEOjM3uy20NF6gYUykGkmdyfDcZQofHB1xYZN7Y%2FkiaMNBq5hEFwbySwfDrkNA2vceEFbQHf62aiWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe9166cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-card.css>; rel="canonical"
x-sorting-hat-podid
223
component-loading-overlay.css
forwomenusa.com/cdn/shop/t/29/assets/
4 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-loading-overlay.css?v=170491267859233445071687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b9e357abda2dcf1f51272566523f8ad8875c6056e848b92bb062128e75d5ecc
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
966680
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=65.239, imageryFetch;dur=63.823, cfRequestDuration;dur=12.000084, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
d4642df2-b3dd-49c4-a6ae-057653b2ef85-1710182335
last-modified
Mon, 11 Mar 2024 18:38:56 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6OK1cNAOwiYGRi%2B%2F%2Bl0%2F4houglSEpNx82H5OWj03tkL6oSxW49QvRunpAmMkFV2TgXcrMIRGOpxZVonqaTpr07Yj7tVhN%2FP8JKA05K04nGr7sH0GX6v%2BqbslyTLnZLj6Edu1Js65lsF%2BH0wzFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe8d66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-loading-overlay.css>; rel="canonical"
x-sorting-hat-podid
223
component-loading-banner.css
forwomenusa.com/cdn/shop/t/29/assets/
19 KB
4 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-loading-banner.css?v=160158853675259399421687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40d58e879584730be9263deeb66875b6ae9f4857f1e7be5e6674bfb8ccf02dad
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
966680
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=83.211, imageryFetch;dur=78.083, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
b81d3f91-ec8b-41ca-8d67-8252887662b5-1709752545
last-modified
Wed, 06 Mar 2024 19:15:45 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSILMeSZxKRW8UgaE60dzPbuh6z7ksCcX56N9%2BF7rcTfPXQzUZiPTycQYaHKj6DY7Kc4yIIX2QAFPAHcorfDniW0aQLBsA3DwBOZ6y6kAuM7MHxJZVKqhyO6a8aXv7OTKCs3S3Lp3UeIIQfFGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe9066cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-loading-banner.css>; rel="canonical"
x-sorting-hat-podid
223
component-quick-cart.css
forwomenusa.com/cdn/shop/t/29/assets/
14 KB
4 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-quick-cart.css?v=126678254764554091781687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d133212c0636e4af8de33a4c79af9bc3513d0db77c4ae98e7e29a9c65ec5aa74
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2948714
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=87.086, imageryFetch;dur=83.741, cfRequestDuration;dur=15.000105, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
667cd7d9-ce46-4d0b-836b-8eade3a1238d-1709764752
last-modified
Wed, 06 Mar 2024 22:39:12 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sBLlvsTgV4Zi6e4GF12XIICqK8U7xI8RHFLFeSMEN7dD82SD%2FbF0s1KfIFIxZnzwICLplekpp73u9i3ddveW9bW5orFFvH89zJe%2BncjVJjt3%2BDntkKRiPhlsf%2BtsE0Vucamy30Z21Yd8iCLUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe8e66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-quick-cart.css>; rel="canonical"
x-sorting-hat-podid
223
component-predictive-search.css
forwomenusa.com/cdn/shop/t/29/assets/
17 KB
4 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-predictive-search.css?v=104537003445991516671687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6debbdb418f81138c6c8d9a573c682c89c980f48bc44fad26cb1be2627a1d2eb
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2948714
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=55.085, imageryFetch;dur=51.305, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
47c779d3-f400-4afb-b626-2f484f4226c5-1710186337
last-modified
Mon, 11 Mar 2024 19:45:57 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bQNRrZ%2F4tlFzDk3ZH%2Bpq%2FPz8bFSh9yL0i4sZAwuu%2FJWDafbSI%2BfkjJI4hwhv2bF7B3j%2FCu4k8sasEbWMXvLQv3nVdmrmMnkcn%2BKs1YrSYbjKgDpAABPWwE2afQ9bIGwOZgfwaNAPqukbtiKmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc0e9a66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-predictive-search.css>; rel="canonical"
x-sorting-hat-podid
223
vendor.js
forwomenusa.com/cdn/shop/t/29/assets/
153 KB
49 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/vendor.js?v=50823196851932006391687380848
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c107dd973707f4b64ca3e2fde011b99695ea384e4b821983d44151c20be139
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2948714
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=116.345, imageryFetch;dur=51.816, cfRequestDuration;dur=16.000271, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
cd396b41-d452-4174-97a8-bfbcfda71c86-1710186337
last-modified
Mon, 11 Mar 2024 19:45:58 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLDaSVa7PiLUYHIgx6PkRebMmXwmSH1axFs%2B%2BSRrBmOUjOgIyJJaur7gDL9Gq0u8prYqwm3Ex9rhy3PaJ2T3y9YzndApWVkfq3ajPwcm3xi43701mFqYxLI5EQXwzVyIgYtCO32%2BOpLzkZf2rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc0e9d66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/vendor.js>; rel="canonical"
x-sorting-hat-podid
223
global.js
forwomenusa.com/cdn/shop/t/29/assets/
25 KB
7 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/global.js?v=6139048740553227541687380846
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fa0ba1c2d3d0f205a144a641432860cc1d2528db734501e0a4ac6fdb7c7d1d
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
966680
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=153.111, imageryFetch;dur=147.828, cfRequestDuration;dur=19.999981, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
b2af06cf-fe04-48b4-b257-3760329533f3
last-modified
Thu, 29 Feb 2024 16:53:24 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4w4NkWL45zrrt5K0lPmGJicJ2nfyOpHXCnCfibzmF%2BuKgKdBaSABMp0Q8SdmzuhcR04PbrLVoVulgxtEtK%2FysZwTWxQOUNVegjcMete%2B12ZeHUsoY6MwCoZ6TgDnUe7A9iRrnn5Vmsj8ipF8Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc0e9c66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/global.js>; rel="canonical"
x-sorting-hat-podid
223
lazysizes.min.js
forwomenusa.com/cdn/shop/t/29/assets/
8 KB
4 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/lazysizes.min.js?v=122719776364282065531687380847
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2955503
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=95.984, imageryFetch;dur=95.029, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
717167fe-c292-44a5-adcc-15923e8b5ea5-1709756891
last-modified
Wed, 06 Mar 2024 20:28:11 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Pa4tcIm6TttrUDnwFDwZVGmyT%2BbeGUDdm%2FWULt4Qh85gImdJkdIoMQ3rdOjngrwCWeVBBeKnL3j%2BU%2FHdI7CnzuNob3L7Fvpi2SrJrCtp5DU%2B2T4QlxGLbwasiTfCHO8njoiOgc1LfrwIHysMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc0e9b66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/lazysizes.min.js>; rel="canonical"
x-sorting-hat-podid
223
predictive-search.js
forwomenusa.com/cdn/shop/t/29/assets/
10 KB
3 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/predictive-search.js?v=149417193411660522631687380847
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f24c1af8bbe0ba77217b6f7c4ce30637aea4ac8f173464616b7b0cfbe0b59963
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2259388
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=73.965, imageryFetch;dur=71.526, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
854a56ec-8bfe-4024-af5c-87b6e7cb7ecf
last-modified
Fri, 12 Jan 2024 00:31:34 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MuQ1GNM6b3iFQfoXoSSUgjnuIMygMymjzWQOjMoFzSBcmwdhu%2FOdsTHhQ%2B9pdFAXCwXZwhoncQCcEyK861z9FF0UOYwi0wO7kGemvEWsc%2FXSq%2BGbRm7pELedBIP7Dv8IrBgXJQflL2H%2FkC%2FjhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8eca66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/predictive-search.js>; rel="canonical"
x-sorting-hat-podid
223
banner-animation.js
forwomenusa.com/cdn/shop/t/29/assets/
3 KB
1 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/banner-animation.js?v=31722358347073312901687380841
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29926beed89331905750af3f5bd58c97f028d54eadfc6016adcc2aedbeb26c6c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
966679
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=52.460, imageryFetch;dur=49.206, cfRequestDuration;dur=14.999866, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
150b8e23-e115-483e-bacf-dbb7b293c934-1710186359
last-modified
Mon, 11 Mar 2024 19:46:19 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2F0xxNVKt6w2iA5%2FJcZ%2Bplj%2BSc%2FjXYZsAm5Qbn7xyKw%2FU1NXMtlYov8PDUkCqhqHYR7%2BiP8O8aUglRNx8FXGvIsziscxK5agtWS9%2FQ68ogE%2Fa8ORtE6pMog4a3Z303BkPsdh3u88NPTD28wcvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ecb66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/banner-animation.js>; rel="canonical"
x-sorting-hat-podid
223
ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~
www.maxepv.com/
99 KB
35 KB
Script
General
Full URL
https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.147.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99a3f767eb976876e0f8a5219ed4b41a360852f8ba643b18b8e16d663573c12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-backend-connect-time
0.000
content-encoding
br
x-backend-status
200
x-backend-server
hydra-mesh8-1
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
referrer-policy
never, no-referrer
x-backend-response-time
0.012
server
cloudflare
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-robots-tag
none
cf-ray
875804fce91f96f1-AMS
expires
Thu, 01 Jan 1970 00:00:01 GMT
vendor.css
forwomenusa.com/cdn/shop/t/29/assets/
1 KB
923 B
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/vendor.css?v=164616260963476715651687380848
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e425e717e6e3fc49d52c62157fa134e0aa8cb7d43e0253f4e6ce772cb1c032
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
966679
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=210.269, imageryFetch;dur=208.927, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
a44dadb5-8410-46c9-b3fd-0f4d018babb7-1709756800
last-modified
Wed, 06 Mar 2024 20:26:40 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tObxWH75fhv67f9nhXKDe7KofOf95pAkWzGnviokopTsPrhjfRICnN4UCtoEC5IIUbzSS0o0rFOH5BZVZzclZVDcwcfm7aZYCdiUzKQavGuhvPxhJLdZvl7gQDiDQr580mcaZeC%2Ft2241trOYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ecd66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/vendor.css>; rel="canonical"
x-sorting-hat-podid
223
component-product-form.css
forwomenusa.com/cdn/shop/t/29/assets/
6 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-product-form.css?v=140087122189431595481687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b047ddae2663d76e079ee8dac055f1af2395e770c98ad969acddef4cc2be4b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
249019
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=50.217, imageryFetch;dur=48.580, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
e75d523a-5d60-4f4b-a8e7-a2eb3c5fdc98-1709765178
last-modified
Wed, 06 Mar 2024 22:46:18 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewB%2FCWesUmOQ1cQqhmxhwll0sJHbq7bJYEAqfyjNrXKkHM9ilOfg5wAi0TD0GmxMZ9piKxhI%2FDPOhTRJ6krTSVV7fVLvXq%2B0pKuc5bK57lTHFO2fRNuC%2FfiB52GM3FZY6DEw2hZSkSRQdlc%2BJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ece66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-product-form.css>; rel="canonical"
x-sorting-hat-podid
223
component-review.css
forwomenusa.com/cdn/shop/t/29/assets/
1 KB
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-review.css?v=100129706126506303331687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6d0511e1ce14ea7ff68e0a08b01292df6704ea9cb465bff825446c468ab079
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
966679
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=97.371, imageryFetch;dur=95.735, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
168eeb28-dd1b-4bc3-836f-d47c3d5f090e-1709764374
last-modified
Wed, 06 Mar 2024 22:32:54 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uALP3YsNFfa7W1SXrxdjHaf6e2UgoGnvdcUB9vSI8tCaHXjCfrlFUFZMSQwIOkg6CZSXFuNrA7ab%2BK09tAzWqiCWcVOfAuer%2FUmNZJ%2FcBBb3GL4BfxpeFqaAQwNmZInJGcpYbg2ffk4nIQMu8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ecf66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-review.css>; rel="canonical"
x-sorting-hat-podid
223
component-price.css
forwomenusa.com/cdn/shop/t/29/assets/
2 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-price.css?v=139205013722916111901687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ac1174cbc093fb820d9b26e37fe808d03cde535c30f626f8b9378f4f5d3129
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2463675
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=169.828, imageryFetch;dur=57.148, cfRequestDuration;dur=16.000032, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
ee84189a-6d39-420e-b460-1b8e8c30a2ad-1710182336
last-modified
Mon, 11 Mar 2024 18:38:56 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMMvUVvd9uZCMH%2BvtKD8KfMkHkIYDTCtUntk3mfL1pZG1hqyNbtu8FCBLHSaZwi1v3PULDr5F6r%2F7Twu8Dh4gzHwd%2BPZrobc0AgIc4lHQfG7oGDPOg207j7s%2BnFYccSpmTkEF4fILsPuzzFhLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed066cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-price.css>; rel="canonical"
x-sorting-hat-podid
223
component-badge.css
forwomenusa.com/cdn/shop/t/29/assets/
1 KB
966 B
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-badge.css?v=20633729062276667811687380842
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f29ff8111bcf370d791e1e69f8caf806de0d42d1bf1e7d6163e257d102cf6db
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
1036383
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=645.254, imageryFetch;dur=77.605, cfRequestDuration;dur=17.000198, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
20c247bd-9415-4b53-a2cb-56878ddad5e7-1710178140
last-modified
Mon, 11 Mar 2024 17:29:01 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoTr57frtldYiHdnNnOFCYI%2BuMfKaAes0pfYlSpVBq7yhXhOmQB%2BoVpAeikQCrmmELXLy7cSKnsesnpGlzDnvNF0uDaoEMht566NPoXZXY12Zs2RwHH4qam1g1rLQafohbyElCbJ%2FQhOtFW9Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed166cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-badge.css>; rel="canonical"
x-sorting-hat-podid
223
component-rte.css
forwomenusa.com/cdn/shop/t/29/assets/
10 KB
3 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-rte.css?v=74468535300400368301687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729d6080310b94fdbbb9fbe483feeea1f05330c8d8697e3c1305d7bbca3567a2
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2948714
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=58.643, imageryFetch;dur=55.664, cfRequestDuration;dur=20.000219, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
ef972ea0-24c3-43d3-befc-cefb9095e18a-1710182336
last-modified
Mon, 11 Mar 2024 18:38:56 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pU3fuf7zOGxHgXMu2JqmC1FAP6ILdHp7XFSXgIP0oFNB3HivTj%2Fhx3T%2Bc%2BI0tZUD4MwDDHiOpLE0%2FUQwYHzPPlb%2B7o4WF6Tf9goFrEr2bgL%2B3eLX4kgNghajD2beo62QPd7wPQAzmE9RtSv0EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed266cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-rte.css>; rel="canonical"
x-sorting-hat-podid
223
component-share.css
forwomenusa.com/cdn/shop/t/29/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-share.css?v=44588194783764334011687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b97728f6d4038abbfccb6cb29aa65c8c2435ddda76040dc742419907f9b5e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1
age
2965711
content-encoding
br
server-timing
imagery;dur=111.731, imageryFetch;dur=55.107, cfRequestDuration;dur=17.000198, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
d6f006c0-84b2-4008-8930-0be2edfe30f1
last-modified
Thu, 02 Nov 2023 05:29:30 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrM79t6ma8nNoPRoAV%2ByZhfPIAmdCjq17y8INUbja4QUsBCHc%2B0GyRhurNOiEdA0ZYql7yLp6LDOjSCf1gRQXzLScYDJsdtW0AD%2FYGaz6gC2toRbhS2T6Aiza3AMcp3%2FSOhGXBiRSKBfdh22pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed366cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-share.css>; rel="canonical"
x-sorting-hat-podid
223
component-newsletter.css
forwomenusa.com/cdn/shop/t/29/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-newsletter.css?v=54058530822278129331687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492ad805551c89fe6b5c6b582242e362af636c8477f20a3d96f44effcb753878
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
1090079
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=56.626, imageryFetch;dur=54.080, cfRequestDuration;dur=15.000105, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
d2b93b12-109b-4570-b775-436594d79e53-1709765421
last-modified
Wed, 06 Mar 2024 22:50:22 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCQn6ysKZvl5HrDSnoN6%2F5Bt7aaw3Pfq8XLGLlXPG08BtO8WLzsjIa%2FoznxjESYM%2Bte%2BXxToKOgkDVlTjy2WrqWu37KWD%2BLXe253U02pY31T2EyxGOFEBULsD9FJR20%2FzSdJbWHwNY%2BLavTnVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed466cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-newsletter.css>; rel="canonical"
x-sorting-hat-podid
223
component-slider.css
forwomenusa.com/cdn/shop/t/29/assets/
2 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-slider.css?v=37888473738646685221687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c6a17c9f5fab867ad9ac03c0121379cb7b8c3a291ed4bd8bb3df9c1f9dcba6
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2955502
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=74.055, imageryFetch;dur=72.780, cfRequestDuration;dur=14.000177, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
470a81fe-9fc1-4867-a46c-fb65f1e4c3d8-1709845602
last-modified
Thu, 07 Mar 2024 21:06:42 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLGMng%2FgMnkQZbgTGsC6Cxhkrf4RZzMZISIpbGjZVyl9B0qyPq7Gx7RsYaiMPkH38XkWMtSAvrfepfz1VLcDC6s7pl2sY%2FdUz38lbdwtwbHXdstR3QF7Qua40l1k07GYx%2BAhMTC807y1fCCqdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed566cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-slider.css>; rel="canonical"
x-sorting-hat-podid
223
component-list-social.css
forwomenusa.com/cdn/shop/t/29/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-list-social.css?v=102044711114163579551687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d1e34bdfaaf5b197e92d82ae1a1e31c0823c15ee7a7f24702efb4123b6ab12
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
1417968
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=126.897, imageryFetch;dur=125.017, cfRequestDuration;dur=18.000126, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
2fb0f8d4-b2fa-4ddf-8a28-091b45fe6a08-1710178445
last-modified
Mon, 11 Mar 2024 17:34:05 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6rZ7rPd6WFM7pPlshCPcK141kZ7dufPfu8wSTrWirH4gM3hfmTzEAmeGEFQQcSIvBTLGS4ZSLeg9nt%2BpgCRfxzurWWEZ6%2BPr6oX7wCof2obzplNhqx878CkqKiWZOtrJR37aie8Fs%2BLUvyeCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed766cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-list-social.css>; rel="canonical"
x-sorting-hat-podid
223
flagBs.js
forwomenusa.com/cdn/shop/t/29/assets/
377 KB
264 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/flagBs.js?v=119002448183918949901687904929
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43423c0ebdb87f7f7f09c18c407ac757cbc2208d746de39c7d3827e6cbe03858
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
1036383
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=91.625, imageryFetch;dur=72.737, cfRequestDuration;dur=18.999815, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
89d2b18b-3469-40c9-849e-787ab2c41936-1710186359
last-modified
Mon, 11 Mar 2024 19:46:19 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YKQJIu2WlZ8nBn4lyHxOBdMciDCL%2F9NLfwPMUM3UGJhN7z5p6F9Ew%2BVjj91cARwX8lAsWNRM1e%2BLgaq4b9ZyuzwZBY7p1%2FM6lIFTB1%2Bp78D3EOujK04jIh2S7PNeWFE3O51ZaSJAYQW%2FN%2BZGvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ecc66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/flagBs.js>; rel="canonical"
x-sorting-hat-podid
223
i84r47yqi0
www.clarity.ms/tag/
667 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/i84r47yqi0
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6ebbcad9962ec13003c11a21aa75b2df9de48918943cf1318c3f81257d81a56f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Tue, 16 Apr 2024 23:40:16 GMT
x-azure-ref
20240416T234016Z-17d488f697fvv6d8fgtsg71vr000000002v000000000d9bb
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
667
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
klaviyo.js
static.klaviyo.com/onsite/js/
4 KB
2 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f854305daf9a5d65e5d7f44943ab42a822cd07a045863ea4172b63f6c600daed
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
age
2799
x-cache
HIT, HIT
content-length
1264
x-served-by
cache-lga21942-LGA, cache-ams21035-AMS
server
nginx
x-timer
S1713310817.786649,VS0,VE76
etag
"9c0475932a71368b13f0aa614e526ea1"
allow
GET, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
content-type
application/javascript
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
43, 0
component-product-form.css
forwomenusa.com/cdn/shop/t/29/assets/
6 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-product-form.css?v=140087122189431595481687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b047ddae2663d76e079ee8dac055f1af2395e770c98ad969acddef4cc2be4b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-central1
age
249019
content-encoding
br
server-timing
imagery;dur=50.217, imageryFetch;dur=48.580, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
e75d523a-5d60-4f4b-a8e7-a2eb3c5fdc98-1709765178
last-modified
Wed, 06 Mar 2024 22:46:18 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewB%2FCWesUmOQ1cQqhmxhwll0sJHbq7bJYEAqfyjNrXKkHM9ilOfg5wAi0TD0GmxMZ9piKxhI%2FDPOhTRJ6krTSVV7fVLvXq%2B0pKuc5bK57lTHFO2fRNuC%2FfiB52GM3FZY6DEw2hZSkSRQdlc%2BJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ece66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-product-form.css>; rel="canonical"
x-sorting-hat-podid
223
component-slider.css
forwomenusa.com/cdn/shop/t/29/assets/
2 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-slider.css?v=37888473738646685221687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c6a17c9f5fab867ad9ac03c0121379cb7b8c3a291ed4bd8bb3df9c1f9dcba6
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-east1
age
2955502
content-encoding
br
server-timing
imagery;dur=74.055, imageryFetch;dur=72.780, cfRequestDuration;dur=14.000177, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
470a81fe-9fc1-4867-a46c-fb65f1e4c3d8-1709845602
last-modified
Thu, 07 Mar 2024 21:06:42 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLGMng%2FgMnkQZbgTGsC6Cxhkrf4RZzMZISIpbGjZVyl9B0qyPq7Gx7RsYaiMPkH38XkWMtSAvrfepfz1VLcDC6s7pl2sY%2FdUz38lbdwtwbHXdstR3QF7Qua40l1k07GYx%2BAhMTC807y1fCCqdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed566cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-slider.css>; rel="canonical"
x-sorting-hat-podid
223
component-review.css
forwomenusa.com/cdn/shop/t/29/assets/
1 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-review.css?v=100129706126506303331687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6d0511e1ce14ea7ff68e0a08b01292df6704ea9cb465bff825446c468ab079
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-east1
age
966679
content-encoding
br
server-timing
imagery;dur=97.371, imageryFetch;dur=95.735, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
168eeb28-dd1b-4bc3-836f-d47c3d5f090e-1709764374
last-modified
Wed, 06 Mar 2024 22:32:54 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uALP3YsNFfa7W1SXrxdjHaf6e2UgoGnvdcUB9vSI8tCaHXjCfrlFUFZMSQwIOkg6CZSXFuNrA7ab%2BK09tAzWqiCWcVOfAuer%2FUmNZJ%2FcBBb3GL4BfxpeFqaAQwNmZInJGcpYbg2ffk4nIQMu8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ecf66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-review.css>; rel="canonical"
x-sorting-hat-podid
223
vendor.css
forwomenusa.com/cdn/shop/t/29/assets/
1 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/vendor.css?v=164616260963476715651687380848
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e425e717e6e3fc49d52c62157fa134e0aa8cb7d43e0253f4e6ce772cb1c032
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-east1
age
966679
content-encoding
br
server-timing
imagery;dur=210.269, imageryFetch;dur=208.927, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
a44dadb5-8410-46c9-b3fd-0f4d018babb7-1709756800
last-modified
Wed, 06 Mar 2024 20:26:40 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tObxWH75fhv67f9nhXKDe7KofOf95pAkWzGnviokopTsPrhjfRICnN4UCtoEC5IIUbzSS0o0rFOH5BZVZzclZVDcwcfm7aZYCdiUzKQavGuhvPxhJLdZvl7gQDiDQr580mcaZeC%2Ft2241trOYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ecd66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/vendor.css>; rel="canonical"
x-sorting-hat-podid
223
component-newsletter.css
forwomenusa.com/cdn/shop/t/29/assets/
5 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-newsletter.css?v=54058530822278129331687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492ad805551c89fe6b5c6b582242e362af636c8477f20a3d96f44effcb753878
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-central1
age
1090079
content-encoding
br
server-timing
imagery;dur=56.626, imageryFetch;dur=54.080, cfRequestDuration;dur=15.000105, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
d2b93b12-109b-4570-b775-436594d79e53-1709765421
last-modified
Wed, 06 Mar 2024 22:50:22 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCQn6ysKZvl5HrDSnoN6%2F5Bt7aaw3Pfq8XLGLlXPG08BtO8WLzsjIa%2FoznxjESYM%2Bte%2BXxToKOgkDVlTjy2WrqWu37KWD%2BLXe253U02pY31T2EyxGOFEBULsD9FJR20%2FzSdJbWHwNY%2BLavTnVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed466cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-newsletter.css>; rel="canonical"
x-sorting-hat-podid
223
component-price.css
forwomenusa.com/cdn/shop/t/29/assets/
2 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-price.css?v=139205013722916111901687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ac1174cbc093fb820d9b26e37fe808d03cde535c30f626f8b9378f4f5d3129
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1
age
2463675
content-encoding
br
server-timing
imagery;dur=169.828, imageryFetch;dur=57.148, cfRequestDuration;dur=16.000032, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
ee84189a-6d39-420e-b460-1b8e8c30a2ad-1710182336
last-modified
Mon, 11 Mar 2024 18:38:56 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMMvUVvd9uZCMH%2BvtKD8KfMkHkIYDTCtUntk3mfL1pZG1hqyNbtu8FCBLHSaZwi1v3PULDr5F6r%2F7Twu8Dh4gzHwd%2BPZrobc0AgIc4lHQfG7oGDPOg207j7s%2BnFYccSpmTkEF4fILsPuzzFhLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed066cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-price.css>; rel="canonical"
x-sorting-hat-podid
223
component-badge.css
forwomenusa.com/cdn/shop/t/29/assets/
1 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-badge.css?v=20633729062276667811687380842
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f29ff8111bcf370d791e1e69f8caf806de0d42d1bf1e7d6163e257d102cf6db
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1
age
1036383
content-encoding
br
server-timing
imagery;dur=645.254, imageryFetch;dur=77.605, cfRequestDuration;dur=17.000198, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
20c247bd-9415-4b53-a2cb-56878ddad5e7-1710178140
last-modified
Mon, 11 Mar 2024 17:29:01 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoTr57frtldYiHdnNnOFCYI%2BuMfKaAes0pfYlSpVBq7yhXhOmQB%2BoVpAeikQCrmmELXLy7cSKnsesnpGlzDnvNF0uDaoEMht566NPoXZXY12Zs2RwHH4qam1g1rLQafohbyElCbJ%2FQhOtFW9Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed166cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-badge.css>; rel="canonical"
x-sorting-hat-podid
223
component-list-social.css
forwomenusa.com/cdn/shop/t/29/assets/
3 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-list-social.css?v=102044711114163579551687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d1e34bdfaaf5b197e92d82ae1a1e31c0823c15ee7a7f24702efb4123b6ab12
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-east1
age
1417968
content-encoding
br
server-timing
imagery;dur=126.897, imageryFetch;dur=125.017, cfRequestDuration;dur=18.000126, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
2fb0f8d4-b2fa-4ddf-8a28-091b45fe6a08-1710178445
last-modified
Mon, 11 Mar 2024 17:34:05 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6rZ7rPd6WFM7pPlshCPcK141kZ7dufPfu8wSTrWirH4gM3hfmTzEAmeGEFQQcSIvBTLGS4ZSLeg9nt%2BpgCRfxzurWWEZ6%2BPr6oX7wCof2obzplNhqx878CkqKiWZOtrJR37aie8Fs%2BLUvyeCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed766cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-list-social.css>; rel="canonical"
x-sorting-hat-podid
223
component-share.css
forwomenusa.com/cdn/shop/t/29/assets/
5 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-share.css?v=44588194783764334011687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b97728f6d4038abbfccb6cb29aa65c8c2435ddda76040dc742419907f9b5e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1
age
2965711
server-timing
imagery;dur=111.731, imageryFetch;dur=55.107, cfRequestDuration;dur=17.000198, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
d6f006c0-84b2-4008-8930-0be2edfe30f1
last-modified
Thu, 02 Nov 2023 05:29:30 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrM79t6ma8nNoPRoAV%2ByZhfPIAmdCjq17y8INUbja4QUsBCHc%2B0GyRhurNOiEdA0ZYql7yLp6LDOjSCf1gRQXzLScYDJsdtW0AD%2FYGaz6gC2toRbhS2T6Aiza3AMcp3%2FSOhGXBiRSKBfdh22pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed366cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-share.css>; rel="canonical"
x-sorting-hat-podid
223
component-rte.css
forwomenusa.com/cdn/shop/t/29/assets/
10 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-rte.css?v=74468535300400368301687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729d6080310b94fdbbb9fbe483feeea1f05330c8d8697e3c1305d7bbca3567a2
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1
age
2948714
content-encoding
br
server-timing
imagery;dur=58.643, imageryFetch;dur=55.664, cfRequestDuration;dur=20.000219, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
ef972ea0-24c3-43d3-befc-cefb9095e18a-1710182336
last-modified
Mon, 11 Mar 2024 18:38:56 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pU3fuf7zOGxHgXMu2JqmC1FAP6ILdHp7XFSXgIP0oFNB3HivTj%2Fhx3T%2Bc%2BI0tZUD4MwDDHiOpLE0%2FUQwYHzPPlb%2B7o4WF6Tf9goFrEr2bgL%2B3eLX4kgNghajD2beo62QPd7wPQAzmE9RtSv0EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fc8ed266cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-rte.css>; rel="canonical"
x-sorting-hat-podid
223
fender_analytics.f692ee00c71150d7db91.js
static-tracking.klaviyo.com/onsite/js/
31 KB
13 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
41Y2RTP149KA3F25
age
3062
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12748
x-amz-id-2
mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by
cache-lga21947-LGA, cache-ams21062-AMS
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"cb6418619f08d5e582cf68f2d2432438"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
9, 857
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
pOOHfwEpxidpf1C5y5x2xTnzSKHLx9Qw
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
ENY9D5YSSWTZMA0V
age
3062
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
1029
x-amz-id-2
7YTZXjqkIvOweXIi7oeSA0xceDuWnmsMjEiNKqUFwDsP8LixUujiplLZJYiO/I8qfIFeO9cu6W1SD2AsFigCFg==
x-served-by
cache-lga21976-LGA, cache-ams21062-AMS
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
182878, 890
runtime.c7512673339d90d039c9.js
static.klaviyo.com/onsite/js/
20 KB
9 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/runtime.c7512673339d90d039c9.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e00405228d32a6313f875d22f53fc45f0a4d334b550cdb1e311f4c5ea51b161

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GkOtr2ddjn_R3yJS983dja_.OGWbv5MA
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
8PZZX4HW7W1X6HD8
age
3063
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8207
x-amz-id-2
JiMl6BJgbTEwho0dgfSav//Z4b3mwhi2ai2XeNHEtvRgFlkgZkm6Kz24iCU30CeEZWVQCxAvISbojjXd+SDrgRZNrz99H8EcV3KrBoyVVFc=
x-served-by
cache-lga21963-LGA, cache-ams21061-AMS
last-modified
Fri, 12 Apr 2024 20:04:19 GMT
server
AmazonS3
etag
"4d6bb987a429dbd7632467dab730ee3b"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
af58ae95e66fb66d3e228300cb50f14f38233295
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
40, 1014
sharedUtils.616df14b2a706a7b4c44.js
static.klaviyo.com/onsite/js/
48 KB
19 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.616df14b2a706a7b4c44.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09048b15fbd7d6f712c4c85a7ddc7319a73dde5b7691da9effab476ee1aa2965

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
rGLAaboyf2SI0GZbqgcaBQR3V9GErVvR
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
41Y8ZYBMV2DRPKWG
age
3063
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
19177
x-amz-id-2
A2gdlJTMw9Ju1eZt0IuiLcJVt/dzA2sVXWKi12ClWLPxibsltu/kB8nrCa7ab/NZ4BtkC4SAtWCtL3FKxRnqfg==
x-served-by
cache-lga21977-LGA, cache-ams21061-AMS
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"3eba7f4ef27fe40851e8b2762258e839"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3, 1016
vendors~signup_forms~onsite-triggering.ba8577cded4f82f41b4c.js
static.klaviyo.com/onsite/js/
20 KB
8 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~onsite-triggering.ba8577cded4f82f41b4c.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ebed3b028151175ddbdb2ac46ca52fc7a72d55359bc957c9b9c2705c1448719

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
vJM4obSNKo7d1l_Qj32_Kc12tVwTdbDL
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
EEGXKF88YXC8NPZJ
age
3063
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
7593
x-amz-id-2
cwXvv3KouO51X6WGhW8rxx/B6Yj8cg8jOQdFxJijT0Uwjz1u9RvpIZs5wuXVSU6G2jut4lATJ1k=
x-served-by
cache-lga21920-LGA, cache-ams21061-AMS
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"22aed99ec57b7723369b1e2785344f4d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
81, 768
vendors~signup_forms.e707d6d405eecdf67185.js
static.klaviyo.com/onsite/js/
12 KB
5 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
d1sGNARk9_X6XBw0Yedk.EyRlErC5pwP
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
EEGM630EYS73AH5S
age
3063
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4477
x-amz-id-2
r8KJqBzRjklkSCg8LqB1GiaqybsCBbykYNlPGEV3CdBpouwQrZEBacjrag28AXFeLT1dPivFeug=
x-served-by
cache-lga21965-LGA, cache-ams21061-AMS
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"05af735bb01844f826e4e4e8be8d4529"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
66970, 764
default~signup_forms~onsite-triggering.d4f1b628101215e6995c.js
static.klaviyo.com/onsite/js/
30 KB
10 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.d4f1b628101215e6995c.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233f8d0da86dd56d6fc5682693e764e5b2e5edd48f739256f12c0edb6b6d3ad0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5PzSqwWDqi2eTOFfYwjQf01KD7GxXbBC
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
41YBGJ0WVEV7SKS3
age
3063
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
9567
x-amz-id-2
YXgoJPrG2T6cKuxAUAmlfpxviu616yFljqFbf22/dVkgRFRvGvnQYLrcoz6vL+coGS2zU7rM2sbSk/vVNi9VZeYAlICSuahe
x-served-by
cache-lga21975-LGA, cache-ams21061-AMS
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"60d00174aa98bd484102dfcb1d9f3c38"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
305559, 770
signup_forms.8f980028619ad7e27714.js
static.klaviyo.com/onsite/js/
14 KB
6 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.8f980028619ad7e27714.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d154632ae37eb690df9e6e55fc911dcc855c251c29f320e2f4fac54b8c3d28b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GpyCVQ_kOZccsRF7csDWZxIETpCKNwUP
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
41Y0B427RN3M32KJ
age
3062
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
5524
x-amz-id-2
nTQskSYchRWQEoFgN8uiYjrbBu5KYFfrJsFOQQyGZrWqE/tBXjp6F4fKelUBaNm2gpcYE+3leQg=
x-served-by
cache-lga21928-LGA, cache-ams21061-AMS
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"47e84954ebf6877e7f6c565008d27cd4"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3, 364213
post_identification_sync.c45bc1da7d619d242b74.js
static-tracking.klaviyo.com/onsite/js/
7 KB
3 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.c45bc1da7d619d242b74.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
920e1736ea49bdb9d6ee3ffaf68ba619094bb41aa118607675e92a3bb64ba320

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lnC4.nH51ldd_9HmeP4wZUvnrxE5OciH
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:16 GMT
x-amz-request-id
PNJW5WCAZ83YW8FP
age
3063
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
2959
x-amz-id-2
bn8YZuQgBgaGk206kQR/9+qR3cgGMs/ohR8sUEZ5+LbT1a/F6VjUtfCX5ZMsOFbFYnlitOHcSXg=
x-served-by
cache-lga21964-LGA, cache-ams21062-AMS
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"c1a42a7ee79d1073850b10a66eae473a"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
2, 181
tapita-schema-config.json
cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/
815 B
813 B
Fetch
General
Full URL
https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/tapita-schema-config.json?v=1692139614
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f360a8a02173b01269c3b03b3afccf015e99b51e9e410101c970c2af83bd661b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
41683
server-timing
imagery;dur=90.581, imageryFetch;dur=64.662, cfRequestDuration;dur=23.000002, ipv6
alt-svc
h3=":443"; ma=86400
content-length
284
x-xss-protection
1; mode=block
x-request-id
78390dcc-1670-433d-85a0-ebed21e4332f-1713269133
last-modified
Tue, 16 Apr 2024 12:05:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOV%2FdePwF2EPCh4Lp%2B0pu1g%2FwIfGnEQ5FmDz%2B5YOacL59OKje9xT%2F5g8RBYwJHmu5Yirzn3I1f%2BoXARUUmM6BgRBalYccN%2FGTsVaNQkCuWczHM5HqRg0aWoeug7kxC%2BH%2F%2F2OJS5EeT1bUhXG0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/tapita-schema-config.json>; rel="canonical"
cf-ray
875804fe1bbeb8c4-AMS
tapita-meta-data.json
cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/
264 B
1 KB
Fetch
General
Full URL
https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/tapita-meta-data.json?v=1692138159
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634cda7d6781876ff282d2d38f1f00daf5492562c4c14cd9bc605fdb120ca452
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
41683
server-timing
imagery;dur=96.670, imageryFetch;dur=74.385, cfRequestDuration;dur=19.999981, ipv6
alt-svc
h3=":443"; ma=86400
content-length
99
x-xss-protection
1; mode=block
x-request-id
a304aa62-544e-421d-8f12-25d36df49537-1713246874
last-modified
Tue, 16 Apr 2024 05:54:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DxTcshfNbNu2AV0gfTCKNrskARFnmBEK57hWMZoUj%2B%2B86RF92WdkRLHl5RlOle1hInz8i497aZQNlFK6noje5Coq8F1ypE352Zp5DF0%2BAkA%2FeJhuMmpMOesKnKiL1eW70OK4nIEjKTSFBvctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/tapita-meta-data.json>; rel="canonical"
cf-ray
875804fe1bc1b8c4-AMS
tms-translator.min.js
cdn.shopify.com/extensions/6bc613ac-4d3c-486f-b9a4-063627428416/hextom-translate-and-currency-27/assets/
450 KB
91 KB
Script
General
Full URL
https://cdn.shopify.com/extensions/6bc613ac-4d3c-486f-b9a4-063627428416/hextom-translate-and-currency-27/assets/tms-translator.min.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
602729964b63519a84c73eea267b9c6afdf5f6b0ac9b252e29db5edbfe964d52
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
27330
server-timing
imagery;dur=54.164, imageryFetch;dur=34.222, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
content-length
92103
x-xss-protection
1; mode=block
x-request-id
78f9cc82-e33d-44db-b7e6-6af43a5fef5e-1713283474
last-modified
Tue, 16 Apr 2024 16:04:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zntXYPJXt7n8X3aOlvnZWP50birtez9UDzXCHFZ0dZFCprmhwcP9Xm7IU6OtfHVrvdoGWK%2FhKd4fGODw4Ukl%2BjGqCDwNWHynbW29dXw9JQDx25MksjsOt44m3%2B8fSya68LUDyob9DT0mrKUwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/6bc613ac-4d3c-486f-b9a4-063627428416/hextom-translate-and-currency-27/assets/tms-translator.min.js>; rel="canonical"
cf-ray
875804fe1fbf6560-AMS
gs.js
cdn.shopify.com/extensions/e7731275-480c-4944-8f6b-666aa3ea3284/growth-suite-81/assets/
35 KB
7 KB
Script
General
Full URL
https://cdn.shopify.com/extensions/e7731275-480c-4944-8f6b-666aa3ea3284/growth-suite-81/assets/gs.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a8b5d529e15cd5b20246dd751fecf5511984a2143134071fe82371ad6e1a9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
1444295
server-timing
imagery;dur=52.253, imageryFetch;dur=30.880, cfRequestDuration;dur=16.000032, ipv6
alt-svc
h3=":443"; ma=86400
content-length
7002
x-xss-protection
1; mode=block
x-request-id
c1b395dd-7151-4a8a-afa9-e174545da4e0-1711845764
last-modified
Sun, 31 Mar 2024 00:42:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uadVHxscl28EsJlFlShUXJWqKoY9Kv4pGe%2BCKkQPTXuLex3I111t6uXynmj9cTzGCL8enZZNXDNVhKoSIeX85UjZf4FJEp37bd4pYhlEW9LvX%2FmYaO%2FiHQZatIf4KB4aawvROGqhJye5FWUGBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/e7731275-480c-4944-8f6b-666aa3ea3284/growth-suite-81/assets/gs.js>; rel="canonical"
cf-ray
875804fe1fc16560-AMS
gs.css
cdn.shopify.com/extensions/e7731275-480c-4944-8f6b-666aa3ea3284/growth-suite-81/assets/
883 B
792 B
Stylesheet
General
Full URL
https://cdn.shopify.com/extensions/e7731275-480c-4944-8f6b-666aa3ea3284/growth-suite-81/assets/gs.css
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651780b201fb4078991003d83f9f95da06871f24d0d56c00e8ed9a45e73a863e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
1444296
server-timing
imagery;dur=337.215, imageryFetch;dur=34.290, cfRequestDuration;dur=14.999866, ipv6
alt-svc
h3=":443"; ma=86400
content-length
269
x-xss-protection
1; mode=block
x-request-id
5cf491e1-2fa1-4e2d-aca2-bfb6bb21478d-1711845764
last-modified
Sun, 31 Mar 2024 00:42:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FsTXx%2FmyfRA31Qjj6CIuVTaKsn9viodKYVqup6j851bIgxOzMbjjdR%2FRuwvwBOgn5aN2AI%2FISYK4ZjTfCA7EWeDlxwu26XJf9yw8gbUXXO7DQHDdkt2FRPkQpzvLfytR1m7nlCrwv1xCVqtAsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/e7731275-480c-4944-8f6b-666aa3ea3284/growth-suite-81/assets/gs.css>; rel="canonical"
cf-ray
875804fe1fbe6560-AMS
component-header-classic.css
forwomenusa.com/cdn/shop/t/29/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-header-classic.css?v=155095848855437264891687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bb2d8e23e35701fcf1c22530283627c42c7db0a51dc09ec4f930615ae448fe
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2955503
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=49.166, imageryFetch;dur=47.161, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
62a304b6-fefb-4dc8-8c65-3dc5aa69d85c-1709759768
last-modified
Wed, 06 Mar 2024 21:16:28 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T07O4Lep9SCBdV2cK8TgUuio5yDSEnUDG504Vs7x%2Fho2NT9IJNzqftJCIj1ry%2F1uusl2raMHJ5ftq8lxwc6T8z6WHkWGn2lEotxPW6whxcyKsCALlZTON%2B5OfhOT1iEvEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdabee66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-header-classic.css>; rel="canonical"
x-sorting-hat-podid
223
New_Logo_Test_gold_horizontal_no_transparent.jpg
forwomenusa.com/cdn/shop/files/
4 KB
5 KB
Image
General
Full URL
https://forwomenusa.com/cdn/shop/files/New_Logo_Test_gold_horizontal_no_transparent.jpg?v=1659974613&width=300
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871ab2d627391767ff4257217949285ae3bd772096e619e6dcaf806e6bdecaec
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
350616
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=160.633, imageryFetch;dur=39.253, imageryProcess;dur=120.168;desc="image", cfRequestDuration;dur=16.000032
source-length
9825
content-length
3823
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
2d08f2b8-c3e8-4f07-9e06-734d0a4ffe2f-1709759768
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Mar 2024 21:16:08 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pb6QbJsVUCfIeWS3gu5j0q6WFKv1HvDY6ahENT7FOcXENQiPYH3YPToCgUiUL67bIl8EexIzwPngbyjKjGjgmO5t%2F6lZ7NioZ2stoBK4NxgI0QmJkC8R3k76Djr8uVC1qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875804fdbbef66eb-AMS
x-sorting-hat-podid
223
disclosure.css
forwomenusa.com/cdn/shop/t/29/assets/
411 B
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/disclosure.css?v=39954821399009248211687380846
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
201dc2db4b50da50435c045c69c1e96e007ab008db34eecad115a4e37f854b8f
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2965722
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=106.924, imageryFetch;dur=99.139, cfRequestDuration;dur=15.999794
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
ec9493ec-e3b7-4238-a608-23232e9e76ce-1709753682
last-modified
Wed, 06 Mar 2024 19:34:43 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOQaHmIuKm83wJRXrUclNKgdZQdq%2FhNwnFOXkMZ5jTh9W3hbuw0nPOOw%2Fj%2BU0fQd22UaB5TbfEC85roEJ8ks%2BJBkUPUWDRbfhLwFTRrTKLjVttijbNOHVtly8Abgfhuf%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbf166eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/disclosure.css>; rel="canonical"
x-sorting-hat-podid
223
halo-languages.js
forwomenusa.com/cdn/shop/t/29/assets/
1 KB
1 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/halo-languages.js?v=55060268145941624611687380846
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e9cecd92fe51fb9c53fc454d0baaf8fff59c89550ee63f8d318a44fdf446d2
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
33999
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=67.501, imageryFetch;dur=65.253, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
88e41594-cf60-4d0c-938a-9f5e92537469-1710182338
last-modified
Mon, 11 Mar 2024 18:38:58 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62wW84c0wzDNS5W6GfVQCtH6FuTEdM6WRUA5cPl8l2mREpK88XqUPmcp4ZLJA5kpQ%2FAFoTv6SR8ePHRk54QPA7aVWtoqWI3HvKG2%2BIW0GuwuWLicg4RCt13cy72v%2Bw9oXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbf366eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/halo-languages.js>; rel="canonical"
x-sorting-hat-podid
223
klaviyo.js
static.klaviyo.com/onsite/js/
4 KB
79 B
Other
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SeQPVd
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f854305daf9a5d65e5d7f44943ab42a822cd07a045863ea4172b63f6c600daed
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
via
1.1 varnish
content-encoding
br
content-security-policy
object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
age
2799
x-cache
HIT
content-length
1264
x-served-by
cache-ams21035-AMS
server
nginx
x-timer
S1713310817.914956,VS0,VE1
etag
"9c0475932a71368b13f0aa614e526ea1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-language
en-us
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
allow
GET, OPTIONS
x-cache-hits
1
component-megamenu.css
forwomenusa.com/cdn/shop/t/29/assets/
25 KB
5 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-megamenu.css?v=42043206499831543051687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae19bf74256141418585e80bbb39f48febb94d647ed428327354094cff75f3ec
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
966680
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=143.475, imageryFetch;dur=137.464, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
daccd04e-6ff1-419d-9088-5a3a8d92bd18-1709755661
last-modified
Wed, 06 Mar 2024 20:07:41 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6YQzV3ZpJZ5j7FBF9nYk4ahMhj%2FKdwXsxd0uv4eLSmX5obVPVgXBwX%2FtBLEwVWzDsbE3EB4%2Fob6QSnPmIwBJ0F%2B0Doy305GB9Z7JpQOb%2FPnlvqYpLl8IXRytPGxVdGs0NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbf766eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-megamenu.css>; rel="canonical"
x-sorting-hat-podid
223
component-menu-mobile.css
forwomenusa.com/cdn/shop/t/29/assets/
19 KB
4 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-menu-mobile.css?v=142921020132518462881687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
557cabac2f3a14cbf105ccd5c2e9a8166cc36a2bd3dd2e9d9b3b5682d697fc6e
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
966679
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=79.022, imageryFetch;dur=75.332, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
fc77933e-7b79-411d-acce-3127227b5b55-1710182336
last-modified
Mon, 11 Mar 2024 18:38:56 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNqCu6LXxdLtxX2onYvUGXtNHsVTUKhTK1VnQIq5QnSMk8d6INoo69FhqN4JgqDdZnk7xO2SU5%2FWNtEQksDyAF22t0cNYn9AuVMaOsDS6gLxz065Oa2xpZ8O9mlYY66YCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbf866eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-menu-mobile.css>; rel="canonical"
x-sorting-hat-podid
223
currencies.js
cdn.shopify.com/s/javascripts/
2 KB
2 KB
Script
General
Full URL
https://cdn.shopify.com/s/javascripts/currencies.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1428820bbb8fb270f3e255bcd9e38a36dfbc5c17ae7b61c0539b18b1fa01a56b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
80697
server-timing
imagery;dur=26.658, imageryFetch;dur=17.318, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
content-length
1296
x-xss-protection
1; mode=block
x-request-id
6c8a16f1-ae3e-40f8-b402-452618c949e5-1713087714
last-modified
Sun, 14 Apr 2024 09:41:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FOGqnJUvtvB0X%2BrneRn5t9EDjo2%2BgDYDwPiQEmZkZCPY%2BYam4%2BqJdVcSNxCfmfrZsgVlEvTUZvCAk%2FgJ2Y3eTObx9Z8PPvZmfcDEEru5r%2FnJ9B%2Fls5aQ4a0IWyKrj81p%2B7I%2FjrimsHah8cZ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=90060
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/javascripts/currencies.js>; rel="canonical"
cf-ray
875804fe1fc26560-AMS
jquery.currencies.min.js
forwomenusa.com/cdn/shop/t/29/assets/
14 KB
4 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/jquery.currencies.min.js?v=93165953928473677901687380847
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a678040352f67e9641a1c3edadf1ae5f279ab2bc8d60619667df740c15d94af2
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
966679
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=97.685, imageryFetch;dur=96.697, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
1a57e943-7533-4e05-8ef8-cd91b464479b-1709752545
last-modified
Wed, 06 Mar 2024 19:15:45 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85I02o9OGVqYdYZ0pRq4i7iVwunWaLxixBsPQNYofP2%2BHSznNqpOuQ3h85ZJhXalM9R1MTuzlzc0eX72%2B4UPFYtxN2Ml%2FFon5ExzhSZx4b87kDjbpbjnSuh2SZsVZyi0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbfb66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/jquery.currencies.min.js>; rel="canonical"
x-sorting-hat-podid
223
MOBILE_BANNER_SPRING_638_x_870_px_1_1.jpg
forwomenusa.com/cdn/shop/files/
128 KB
129 KB
Image
General
Full URL
https://forwomenusa.com/cdn/shop/files/MOBILE_BANNER_SPRING_638_x_870_px_1_1.jpg?v=1710380519&width=1100
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbd647af04cc8a2ccb4c6d5c1c22eb4faae57381b085a80bb0fdd44dc8876ae
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2258859
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=594.755, imageryFetch;dur=81.728, imageryProcess;dur=469.712;desc="image", cfRequestDuration;dur=16.000032
source-length
187366
content-length
130838
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
c58fb7a2-fa77-48c8-a7e0-7243028c1070-1710385178
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Mar 2024 02:59:39 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwOcvfPFIKgdUX8XTRP9zTx06Kc25yrUl6cAimXdx%2FBjIQwkXvjBxbsXU7c0WczjqVCfaOpfY3rCXwgyGRtAn84uL%2BVBnjlM0MovUuLB2tQJoh40teQLnaksVbtee%2FDEZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875804fdbbfc66eb-AMS
x-sorting-hat-podid
223
WEBSITE_BANNE_SPRING_1.jpg
forwomenusa.com/cdn/shop/files/
163 KB
164 KB
Image
General
Full URL
https://forwomenusa.com/cdn/shop/files/WEBSITE_BANNE_SPRING_1.jpg?v=1710380519&width=1770
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc308b39ac887fac596a6c825e9b23ec3b98b1ea3cc0dffec8642017ac318364
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
41683
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=914.943, imageryFetch;dur=58.859, imageryProcess;dur=855.240;desc="image", cfRequestDuration;dur=16.999960
source-length
537354
content-length
167192
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
01f7e160-a930-4f4d-9e08-86df25ecd11a-1712485944
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 10:32:25 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7z5EuuVpF%2FvmeQT374I%2FGGlWOKS%2BDvzXnFwkNDPNUpJbX7Hk7%2F4rtNWKbOGNsutrB4DdlNI2y%2ByPXXdJyHeAzpRrWo2hNceN5Km%2F%2BG62tE%2BGy0OOU%2FuTHiQur9jeQCpHSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875804fdbbfd66eb-AMS
x-sorting-hat-podid
223
component-spotlight-banner-animation.css
forwomenusa.com/cdn/shop/t/29/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-spotlight-banner-animation.css?v=172451371582546386711687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0022153fa5178056cbcaba09d68743ac52ead36e78795b611c286393fa542fc
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
299919
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=81.860, imageryFetch;dur=80.228, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
1a507429-8144-42c0-91e7-336854bb77d7-1709759732
last-modified
Wed, 06 Mar 2024 21:15:52 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVnbVsyD532SLDvTKfi8UPSGz8E0xQ8PavIgIMOsbPywStgFuboJ4vtkr0O27ftqAvfA%2BBp%2FLpGdDVBY00dNr8mb09g0Vo3jDR7fQwEFVE1HRyWUYTyEmGYxJfhgqXC38g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbfe66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-spotlight-banner-animation.css>; rel="canonical"
x-sorting-hat-podid
223
clarity.js
www.clarity.ms/s/0.7.31/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.31/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/i84r47yqi0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6f3a8301ffa9a9aa6a748ccc535a559242cd73451bb4d236b7e72ff64123703

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 12:25:01 GMT
etag
W/"0x8DC5E103CD38F71"
vary
Accept-Encoding
x-azure-ref
20240416T234016Z-17d488f697fvv6d8fgtsg71vr000000002v000000000d9bm
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b7645dd3-101e-0065-2d01-90809f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/
922 B
1 KB
XHR
General
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=SeQPVd
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb7506783b48eae070e9b443cb2e68710bc4c112f8978f19ab38e52714b451f7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security max-age=900

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:17 GMT
strict-transport-security
max-age=900
age
4815604
x-cache
HIT, HIT
content-length
922
x-served-by
cache-bos4676-BOS, cache-ams21067-AMS
server
nginx
allow
GET, HEAD, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=10
access-control-allow-credentials
true
vary
Cookie
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
171, 0
full-forms
static-forms.klaviyo.com/forms/api/v7/SeQPVd/
72 KB
9 KB
XHR
General
Full URL
https://static-forms.klaviyo.com/forms/api/v7/SeQPVd/full-forms
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.e707d6d405eecdf67185.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bdf03e733daecd0f14c4e78246bddee97f8f744999f5ec371e940dfc11f0e89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
VROMvNJw0xBNMzTwTcQUB3d7eexsogH4
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 Apr 2024 23:40:17 GMT
x-amz-request-id
7RMS21DRS2X2K23Z
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
client-geo-continent
EU
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/SeQPVd custom-fonts/SeQPVd
content-length
8666
x-amz-id-2
lVMmiueRq5vwkKlt4pdTcimDcowGeLrLHXv0o6NtbcFG3Wc/8aaQ6Vz4TeFTMPtUdwKvQgGLz+0=
x-served-by
cache-ams21076-AMS
client-geo-country
NL
last-modified
Wed, 10 Jan 2024 17:33:05 GMT
server
AmazonS3
x-timer
S1713310817.032159,VS0,VE634
etag
"82fef79265ce22f99893a48975b4fac7"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
x-cache-hits
0
bcad39b03we51f70f0pbc988c4cmaac70d51m.js
forwomenusa.com/cdn/wpm/
79 KB
27 KB
Script
General
Full URL
https://forwomenusa.com/cdn/wpm/bcad39b03we51f70f0pbc988c4cmaac70d51m.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f24701d988c5a62023b09fee2074e471aedfe50a93a959fc0e3726d3fd9a6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
640265
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=67.561, imageryFetch;dur=41.105, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
content-length
27319
x-xss-protection
1; mode=block
x-request-id
a4d342dc-64ad-4f59-8572-8ce2e7479c8c-1712670550
last-modified
Tue, 09 Apr 2024 13:49:10 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UhhS0jbGFAshotc00JOHX5nHeizSmnIh2rpfAajgig%2Bwx2QjJyeTUGvXU%2Fmye2SoeLp4J0i9cMHf2Xn7EQoxTQlR%2F0yOxCT8B4Cv%2FooI3SuYBHfIr9RdJAjrm0BlwqnXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
875804feac5a66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/wpm/bcad39b03we51f70f0pbc988c4cmaac70d51m.js>; rel="canonical"
x-sorting-hat-podid
-1
trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
forwomenusa.com/cdn/s/
113 KB
24 KB
Script
General
Full URL
https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a26474c44436a2dee51f7d857c42b873a3d0e20e47919cc4e6c62a73e49c59fb
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
359122
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=150.612, imageryFetch;dur=133.737, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
23934
x-xss-protection
1; mode=block
x-request-id
db6ec114-57b9-417c-bbd3-2a91f223ee73-1712951694
last-modified
Fri, 12 Apr 2024 19:54:54 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ek1UAob4rAjYPHe4d2oyQMkhqaFvBsZkrkVeFg3vZV2QYOskJhA8WKob5evaM7Ytf7Wa1W3WSMmmp1klhisXtYdoym4KeK%2BUk3JZdt35KECPWoj6frL5VB84JYjHlWgTaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
875804feac5b66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js>; rel="canonical"
x-sorting-hat-podid
-1
shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
forwomenusa.com/cdn/shopifycloud/shopify/assets/
8 KB
4 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-east1
age
2957708
content-encoding
br
server-timing
imagery;dur=79.652, imageryFetch;dur=78.836, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e8ce648a-b088-45b4-887d-d98e49d46c6f
last-modified
Fri, 23 Feb 2024 18:46:29 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgH2wA6X2Bh%2B40XxR4HhSgfIbCK3SsnS14KKJSwpyG99eRp86WrfvBV4xu7OlgVpuFSqOWZUVo4zTxGGi%2BBu7tbR2DoeQ2QTN9kZHS7IBf7QUiBRnPL0HsxP2jhKElem6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
875804feac5c66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js>; rel="canonical"
x-sorting-hat-podid
-1
shopify-boomerang-1.0.0.min.js
forwomenusa.com/cdn/shopifycloud/boomerang/
58 KB
19 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-east1
age
2958017
content-encoding
br
server-timing
imagery;dur=23.938, imageryFetch;dur=23.730, cfRequestDuration;dur=11.999846
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
170fda9d-99d0-4dd0-8390-07960f4981d8
last-modified
Fri, 09 Feb 2024 22:13:48 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqzWMZaC708EAmYW64JUS63gL7mKzprgUpLkShs4eHZVDVw36BouhsRYrCal1GgiTygPEFOBcvoTJclaACxelaVV9HK4LiA%2F6813mFyaX7oQPI3%2FgBWS%2BU8vkMF1SAJq8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray
875804feac5e66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid
-1
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
css2
fonts.googleapis.com/
7 KB
649 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
620ec7947095b6f875ce7694812120d60ef68ae4d44a9762a4b370a42b8d06ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Apr 2024 23:40:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Apr 2024 23:40:17 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 10:56:42 GMT
x-content-type-options
nosniff
age
305015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 10:56:42 GMT
pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
fonts.gstatic.com/s/poppins/v21/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:18:17 GMT
x-content-type-options
nosniff
age
321720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8724
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 06:18:17 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 07:42:03 GMT
x-content-type-options
nosniff
age
316694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 07:42:03 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 01:05:01 GMT
x-content-type-options
nosniff
age
167716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 01:05:01 GMT
disclosure.css
forwomenusa.com/cdn/shop/t/29/assets/
411 B
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/disclosure.css?v=39954821399009248211687380846
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
201dc2db4b50da50435c045c69c1e96e007ab008db34eecad115a4e37f854b8f
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-central1
age
2965722
content-encoding
br
server-timing
imagery;dur=106.924, imageryFetch;dur=99.139, cfRequestDuration;dur=15.999794
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
ec9493ec-e3b7-4238-a608-23232e9e76ce-1709753682
last-modified
Wed, 06 Mar 2024 19:34:43 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOQaHmIuKm83wJRXrUclNKgdZQdq%2FhNwnFOXkMZ5jTh9W3hbuw0nPOOw%2Fj%2BU0fQd22UaB5TbfEC85roEJ8ks%2BJBkUPUWDRbfhLwFTRrTKLjVttijbNOHVtly8Abgfhuf%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbf166eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/disclosure.css>; rel="canonical"
x-sorting-hat-podid
223
collect
h.clarity.ms/
0
292 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://xdwlzcx.cyou
Date
Tue, 16 Apr 2024 23:40:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 07:42:03 GMT
x-content-type-options
nosniff
age
316694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 07:42:03 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 01:05:01 GMT
x-content-type-options
nosniff
age
167716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 01:05:01 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 10:56:42 GMT
x-content-type-options
nosniff
age
305015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 10:56:42 GMT
/
xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/custom/web-pixel-shopify-custom-pixel@063/sandbox/modern/ Frame 1CFB
40 KB
17 KB
Document
General
Full URL
https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/custom/web-pixel-shopify-custom-pixel@063/sandbox/modern/
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/wpm/bcad39b03we51f70f0pbc988c4cmaac70d51m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb9589c6fd37544ebb070656a42f87a3cb04a99ddfdbbf7150bd53688202bc05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://xdwlzcx.cyou/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
875804ff9ecf0bab-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 Apr 2024 23:40:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNjh7n6T7LolNcfLjYYEllYNHkhSzULbQXQhfaLRFGs4V%2BOB9bOyDqkvOkqbXUb2sx2WeMCp4SlyO1BszZJFbx%2FES%2BC%2F9m8RJOmsKeKIOez9PgrCgbKL4iLZMgIlkCA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
produce_batch
xdwlzcx.cyou/.well-known/shopify/monorail/unstable/
548 B
524 B
Ping
General
Full URL
https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TM4jXBTn2MoExm%2Bk0vbqUGE6ddkEqUKOLPWaOx%2BOK8iUqWsbp8Ej62sM7ghZ435ileMbvKO17ivipHhIp0ekY3pXlhMz9jkNRbzkzcqCmpPJxb3NL32G59%2BJ1xP5rz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
875804ffdee20bab-AMS
alt-svc
h3=":443"; ma=86400
produce_batch
xdwlzcx.cyou/.well-known/shopify/monorail/unstable/
548 B
525 B
Ping
General
Full URL
https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LoEVwXA1S6GogQaLCo7sEXHxdFJTvorQaUFckuapXEGgVPqAhG1zSPZKqFsXNb%2Fyge2c1Qcjfhif9VMejHigYQ%2B%2FlFCtkmD%2BlfK2ctDBG0TMlowgAZuDrbVr9Me8Z1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
875804ffdee50bab-AMS
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 Apr 2024 23:40:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1294, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
rrHVn6MyHm04IcvmDKSwmQ/6T7GQLK8Qk6IDcyIs+osDlPIwjpbkTuWZ8cJZIcLXq9AafJ5l+WS/+1slSzuUHQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 Apr 2024 23:39:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
55
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Apr 2024 01:39:22 GMT
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62e7cb03e8f65ceb4f43a5a56a3b9c3950158fae3fea85699e3f4c68672f4c2f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
x-cdn
fastly
etag
"2a48a6694c41c203319b5f6018c2bbbc"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1899
events.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHIF61JC77U02NQHR8JG&lib=ttq
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
560b35c2ffd37972f26c343beda7c6795fa913116cf68c1345784d88b14b9a68

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
4b450a2b.5d3759e5
date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404162340176C22E9F36393C191864E-6A402BB8310EDF5C-00
x-cache
TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
91,104.126.37.174
server-timing
cdn-cache; desc=MISS, edge; dur=82, origin; dur=9, inner; dur=4
content-length
1404
pragma
no-cache
server
nginx
x-tt-logid
202404162340176C22E9F36393C191864E
x-cache-remote
TCP_MISS from a23-220-105-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.220.105.216
x-tt-trace-host
012420985527fc129e691c2ed999163838e44feb1509ae61bb748397c30c0582c4e591654989d2e55e7572e30ab5ce5acf9b08d7bd22d4f0c48714a05897918c72198b6d2c88a3f471d3e30a97e46ad04ee8bd701f7008f51597b4af51b2920b1d3ca4663860e39c794b6ba40727052d50
expires
Tue, 16 Apr 2024 23:40:17 GMT
js
www.googletagmanager.com/gtag/
301 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J68QT427YG
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d7ad94ea8c7ce8f60f9669ae0be40b2447fa5f3695be2e4ee2dcd27911de9b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101689
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Apr 2024 23:40:17 GMT
worker.modern.js
xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-92602592@54f3ea9d23f4af69f7d812fb978ff7ee/sandbox/
548 B
550 B
Other
General
Full URL
https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-92602592@54f3ea9d23f4af69f7d812fb978ff7ee/sandbox/worker.modern.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrxQvisa2NodjlRywmLBAvc0nkeZweiem83bgYENaley81EyUPiaX4x6%2FnqyImWZQusShPT5sntUIsuj6%2BEA8lNpfqytukq2LSe6KI8EskoN5TuCb3fG2G128kRjUKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
875805002f0b0bab-AMS
alt-svc
h3=":443"; ma=86400
worker.modern.js
xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-55640288@bb41bf091d86ec09beb5141ead6fafc0/sandbox/
548 B
554 B
Other
General
Full URL
https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-55640288@bb41bf091d86ec09beb5141ead6fafc0/sandbox/worker.modern.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xbNY7HbsNXiYNH8%2BzbtgHMgyFFY6GveCMyuV6izISjoFPWK53DAMazj3%2B06BUX5sO3j7TKHLoMa9dn907mz9xryoOpl1ScVeQYy%2BCY%2FtaEFx0DlbTcG0GFXS94OWNiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
875805002f0c0bab-AMS
alt-svc
h3=":443"; ma=86400
worker.modern.js
xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-18972896@0.1.0-99c70b3e91db3b02f187f0b0b5db3b0a/sandbox/
548 B
555 B
Other
General
Full URL
https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-18972896@0.1.0-99c70b3e91db3b02f187f0b0b5db3b0a/sandbox/worker.modern.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvbVNfwMjmvYdRPjhHkG1w1gx%2B1R7DkVerxHAJRE8EgTy2YMgieu6e0kFRPmqND7o0O6%2BS9OJ3Upxes%2BUk89wxQkoVZSPhSUJ%2FRUd8FZ0yxdQ4lLuQamo6CXKjJjW70%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
875805002f0d0bab-AMS
alt-svc
h3=":443"; ma=86400
worker.modern.js
xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-shopify-app-pixel@063/sandbox/
548 B
548 B
Other
General
Full URL
https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-shopify-app-pixel@063/sandbox/worker.modern.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KysH5YK7kz316nVuFf9NZENLZXUHpu3Fr9s33PNc4ikH%2FBapieJ7fr6fzsyaeco7lb65mrrwmRbEyP1iYnWb92g9s3VYB3syt38NjtWgvRUEjVmE2qEPXN8i1KGQ2OY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
875805002f0e0bab-AMS
alt-svc
h3=":443"; ma=86400
produce_batch
xdwlzcx.cyou/.well-known/shopify/monorail/unstable/
548 B
525 B
Ping
General
Full URL
https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gr0e1CSvyY4wFrJf0EwY7luUgYEidk2WwzWD2zYn1gYXQI4nEflEOAP4tS%2BZqDNa7mOCfazUWH9poVBhLsMQvi6U%2Bvmc8eM8t88fn9k0YO%2FaM2aj%2B9U5jDJ8DAACy5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
875805005f2c0bab-AMS
alt-svc
h3=":443"; ma=86400
produce_batch
xdwlzcx.cyou/.well-known/shopify/monorail/unstable/
548 B
532 B
Ping
General
Full URL
https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S54OhdJLcMGWHd1%2BbuvnWUJ%2FOrxXzlQV%2FrRI6LnjemlZeGrs28so7xffM1t8Hy8FgIhn%2BXgnZLSRHgYHwWTN7pCDD%2BlIpalZlKwti%2BkmdnCsAeAon5y0%2FGVlZI%2BZ9LM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
875805005f320bab-AMS
alt-svc
h3=":443"; ma=86400
produce_batch
xdwlzcx.cyou/.well-known/shopify/monorail/unstable/
548 B
531 B
Ping
General
Full URL
https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/s/trekkie.storefront.88baf04046928b6edf6574afd22dbd026cc7d568.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25qfXJQ559Z4H7%2FNZHd2Utgq1CXBlYQjmPxNjlgaa%2Fg5EyPjXZE%2FK15AbOrUOq6B0BGhNMz9LGacfQB9XYQQ%2B%2BAoK3AqwAs2nZNEsdLESqV1hJOcCQ%2FWDYtwix1oc%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
875805005f330bab-AMS
alt-svc
h3=":443"; ma=86400
main.6192ffb7.js
s.pinimg.com/ct/lib/
69 KB
20 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.6192ffb7.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6982e83b9ea7682534a77808bc53b3e516bc5d26dc406de1a2ea81c2fdf63a33

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
x-cdn
fastly
etag
"0c0f2aed16e51276069e2c6e45c878c1"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
19940
3051643961618415
connect.facebook.net/signals/config/
75 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/3051643961618415?v=2.9.153&r=stable&domain=xdwlzcx.cyou&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00cf2cd83ed8ccd00c99085695cccf0bee691f9e8f3daa32b3313458a4582244
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 Apr 2024 23:40:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=64, mss=1294, tbw=63202, tp=-1, tpl=-1, uplat=165, ullat=0
pragma
public
x-fb-debug
RgaUhngjsSuV77c1soEmTB7NYYBLA2F257FHZJkkJUbQ3yq8LqEjcpeTnIO/wGRI7LBNux1JEQK8muK5mWfbXQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
component-policies-block.css
forwomenusa.com/cdn/shop/t/29/assets/
2 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-policies-block.css?v=110383863142232988001687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece5c58d867b0ee2a8a8c47559d89167f653ab791208006523c8348712d3f4bb
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
299919
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=57.114, imageryFetch;dur=55.303, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
1ae23053-566f-414e-be89-42caaf87da86-1709766269
last-modified
Wed, 06 Mar 2024 23:04:29 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dk7gyY5o9D0KYIW4NKdldfy5n8jSVuVvrsMTqdrh9TGuiIStJmKJnWwMe%2B6Fdi7GuXWGx0Ig6f1rUWzwxBWWbhk34OFraOe2GZMtH5jntRMViS8cAcJDpVbfBVZ4Yff8mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805017dbe66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-policies-block.css>; rel="canonical"
x-sorting-hat-podid
223
component-custom-service-block.css
forwomenusa.com/cdn/shop/t/29/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-custom-service-block.css?v=177873360551507631191687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d373418e62d89aff5bb979d69ca5534b6567583d83c3bcda7d2d770049f578a0
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
299919
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=71.686, imageryFetch;dur=69.472, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
f771872e-7b20-45f4-94cd-7a428257a945-1709760745
last-modified
Wed, 06 Mar 2024 21:32:25 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tH%2B7tfsyAlP5BCEWiGBrduxMIRrXkoebW%2BGwRaYZGXnPp9QSd5iJdirKsmoxb24uNfg8V8CuBkcetS5uEqsxFiNjA8wbUZJubmm9JTO%2BWDJSO8Neu7AQRCnr3ae9iRKvDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805017dbf66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-custom-service-block.css>; rel="canonical"
x-sorting-hat-podid
223
component-custom-service-banner-animation.css
forwomenusa.com/cdn/shop/t/29/assets/
774 B
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-custom-service-banner-animation.css?v=78866783077572825401687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b3ddc5ca3a41b853cf1175f303bf5c4d2ba54bc9a5f4537e09a5a5c3e20003
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
299919
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=123.796, imageryFetch;dur=122.161, cfRequestDuration;dur=19.999981
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
5616adf2-0248-4eff-aadd-3bcd372fad73-1710179373
last-modified
Mon, 11 Mar 2024 17:49:33 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQYr65bKJsEHchYZEgBDuZtlFAiQuHrsOpDB7rA8Ukuyjm3cJUi23J%2BKfbsfjINSy2SXfIKeKCbevqS46nmo5vjM0RYYwRRLBUo0Q4zaN%2BhZj%2FQX2xidcMsHz%2FbVMfMmsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805017dc066eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-custom-service-banner-animation.css>; rel="canonical"
x-sorting-hat-podid
223
component-spotlight-block.css
forwomenusa.com/cdn/shop/t/29/assets/
14 KB
3 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-spotlight-block.css?v=125816778925963053681687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0832cb1fe59f8d3fbed28ac35f2a22a8b8f5b12c0761c24c25f34803e72755e1
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
908505
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=77.957, imageryFetch;dur=73.929, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
c3a4f1b0-8a93-4f4a-b0ad-a3a69c9a0569-1710176370
last-modified
Mon, 11 Mar 2024 16:59:31 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bj5i4%2Bs2bOzEATaq0ezcPIBQ0AxU2totA4F4emJeDItvmsyKfv4Wvy9y8zF8N7dW5g8G7rYIi0R0vaUP7wwW3gMUHjyiQoJQWU88LvC6U3PevhWuOKp32TvrNoDZb7pDhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805017dc166eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-spotlight-block.css>; rel="canonical"
x-sorting-hat-podid
223
component-instagram.css
forwomenusa.com/cdn/shop/t/29/assets/
8 KB
3 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-instagram.css?v=159903776130793417771687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31490bb9cf22b014b9ddf65dcba39941b4ad3c5c9351771183b735424db97ae
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
299911
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=78.404, imageryFetch;dur=75.674, cfRequestDuration;dur=15.000105
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
c00b52b7-6803-4ade-81d8-b2a3bf7175bc-1710878871
last-modified
Tue, 19 Mar 2024 20:07:51 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4KFW9nvPhhnBqTOkQc3I0ZsEl59fFqNexnC1QIbBA9DorJ%2BWxWdG0bOmAFRnp1ogAxhcjDqZfbAaJmNfvK1j4lVPyeuGqhXcJhq72fyTFtzUTnndAUQxcPCIhiUHGk7mmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805018dc266eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-instagram.css>; rel="canonical"
x-sorting-hat-podid
223
component-spotlight-banner-animation.css
forwomenusa.com/cdn/shop/t/29/assets/
3 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-spotlight-banner-animation.css?v=172451371582546386711687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0022153fa5178056cbcaba09d68743ac52ead36e78795b611c286393fa542fc
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-central1
age
299919
content-encoding
br
server-timing
imagery;dur=81.860, imageryFetch;dur=80.228, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
1a507429-8144-42c0-91e7-336854bb77d7-1709759732
last-modified
Wed, 06 Mar 2024 21:15:52 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVnbVsyD532SLDvTKfi8UPSGz8E0xQ8PavIgIMOsbPywStgFuboJ4vtkr0O27ftqAvfA%2BBp%2FLpGdDVBY00dNr8mb09g0Vo3jDR7fQwEFVE1HRyWUYTyEmGYxJfhgqXC38g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbfe66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-spotlight-banner-animation.css>; rel="canonical"
x-sorting-hat-podid
223
component-featured-collection.css
forwomenusa.com/cdn/shop/t/29/assets/
4 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-featured-collection.css?v=45470080217047350371687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa26c32a0c07c6d91a0c8a7a89feff7c66327409586d70677750b74ebc2a14bc
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
2463676
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=56.309, imageryFetch;dur=54.179, cfRequestDuration;dur=14.000177
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
36e97645-ce44-4f2c-b454-db421446a0f6-1710182342
last-modified
Mon, 11 Mar 2024 18:39:02 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqgBIa%2F2cKu2OW48Po%2B5Y%2F%2BdbR9t%2BzqjaosUa1rTlEZrUVWvJsx5n5lEz8TnXbbHHWKTW9Kx%2Btc6uKj7aRug7cawqDrc%2FfukxkVebJalhktVj3nMPU6tX1HVCQP%2FWDUe9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dc866eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-featured-collection.css>; rel="canonical"
x-sorting-hat-podid
223
component-featured-collection-banner-animation.css
forwomenusa.com/cdn/shop/t/29/assets/
364 B
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-featured-collection-banner-animation.css?v=36117234772926891321687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd29d1d28a6ef4857c6392647268a8ad1d5b539fcdd8d6884155a748aef441a2
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
41684
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=139.954, imageryFetch;dur=138.765, cfRequestDuration;dur=15.000105
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
aaa6be1a-e93a-46d7-9504-ec1fc01c00c6-1710362554
last-modified
Wed, 13 Mar 2024 20:42:34 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4kj2hPg%2F%2BPns%2FF7352StGUncUfL9ARXELA%2F7%2B42EFPROG%2FRODWotWJpAtMiwHabZLMUCUIo3aa4k%2BmR9xTHKB%2FCq6iO6oWQN4G5Ng1%2FoqFfk5%2BbkwWSGNw2YIAxmEO2nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dc966eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-featured-collection-banner-animation.css>; rel="canonical"
x-sorting-hat-podid
223
section-footer.css
forwomenusa.com/cdn/shop/t/29/assets/
14 KB
4 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/section-footer.css?v=158167541774743431731687380848
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207a0ecfef9ac71d1a30301131828c74b83b7ee333e556432c84426f49b8f081
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2948715
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=66.783, imageryFetch;dur=63.597, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
1140e592-773e-43a1-9f5d-c7089542d390-1709765178
last-modified
Wed, 06 Mar 2024 22:46:18 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v3vmuuTm7%2BK3SnpAAVzqHQRO9tEsTjW0iyzJ2HnUdZ6J4I4xUidsD3UJzViU3ssSNC%2BWDY0Foy05DALGRC33EOTCDANsa25%2BcKnsu7d9Uu7YP087HOlgmT4fnxOkLiRoGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dca66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/section-footer.css>; rel="canonical"
x-sorting-hat-podid
223
component-list-payment.css
forwomenusa.com/cdn/shop/t/29/assets/
492 B
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-list-payment.css?v=14796597056156653981687380843
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294d6aa53130f464df3f947fda12349bc401322adc59286332c258146a1803dd
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
4014043
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=60.477, imageryFetch;dur=59.580, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
106913b6-166a-4f28-96e9-90cc1e6395f4
last-modified
Wed, 21 Feb 2024 11:34:13 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gqbJDpWufI8CLmplVbujsQTizRptYHCWKJEmiH3qFqhn4epBs52XqDknOkOOhRae4UGEG2TeVJBhee9i%2BnnArZobaLbnUc8No%2FiBtvRS3rx7H5hb4833RZ%2BwWlt40UTkyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dcc66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-list-payment.css>; rel="canonical"
x-sorting-hat-podid
223
email-decode.min.js
xdwlzcx.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://xdwlzcx.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 17:26:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6610342c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6iuHPr9Jlg2SxbmZq13f49pHpq%2BCSFgQVSFt9S1%2FoINKHycQ0LlipvGsqtfBv5Smji4ivqZsb%2B6SOi90DRudkgt4TySSjKQDb2kfN%2FkKPCscZteZmAfz2ux5gx0bhw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
875805019fd00bab-AMS
expires
Thu, 18 Apr 2024 23:40:17 GMT
slider.js
forwomenusa.com/cdn/shop/t/29/assets/
6 KB
2 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/slider.js?v=17042112586619479101687380848
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f552490a710dfeec5ef58aa5f0c387da223a57ab3fd76162d81c66fe35bca918
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
2948715
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=211.143, imageryFetch;dur=92.410, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
c5dde9db-62a9-4f9e-b820-ba3469430731-1710182341
last-modified
Mon, 11 Mar 2024 18:39:02 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Me65g%2F2kksEr5njrIcgU0XAEt7Zt0go3wZtHp5ZbvYGFaFdm4JOxAj0xFtOmAQs4efeGCMO2MjbMnvYLIg%2Bd1J%2BK6G0RtqGNCFshafvnBQ9DSoLIFYM1LmqRiGIWWk%2FcEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dcf66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/slider.js>; rel="canonical"
x-sorting-hat-podid
223
theme.js
forwomenusa.com/cdn/shop/t/29/assets/
285 KB
41 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/theme.js?v=12118190094981532181688096236
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1007852ed9d5b4adb273800cdec71df43aa4556c7fb4b5817b21811ee6395f9
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
350614
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=89.297, imageryFetch;dur=62.472, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
76faac06-9427-4095-944d-77866154c2d7-1709752545
last-modified
Wed, 06 Mar 2024 19:15:45 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNOBx9IiYtCmjj9iT1ZmSV%2Foq%2BK43KnDW3%2FMol02oK6717mcL1MK7wgkzI1Ls%2Br%2Fk8KFVDShjP5Z%2F2Mp0HL57mB3rdwkji1h80IgzWo438tg48huO1m0fBaHo9hlzDLmWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dd066eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/theme.js>; rel="canonical"
x-sorting-hat-podid
223
recently-viewed-product.js
forwomenusa.com/cdn/shop/t/29/assets/
15 KB
4 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/recently-viewed-product.js?v=47044952892190988281687380847
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57ee2de8faff638ccaf23883167c06ae6aabcaed73b6274143f7aad98bd9d25
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2948715
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=109.455, imageryFetch;dur=107.693, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
57d1e869-0324-4e10-9aa2-01366e9b9163-1709756892
last-modified
Wed, 06 Mar 2024 20:28:12 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVpDSTlU6NyFdOBmh5HihBHy2PbD1QiMhVuMMX%2B%2B8ksqR%2F1UMpCx1rznIlop6Qty8ESWFN1qdnktjcNKRc6u2lIfGv9Qui4ay5f7VwY6Ys5l5i8AdVofTGv%2BlW%2FqQ3o8GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dd166eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/recently-viewed-product.js>; rel="canonical"
x-sorting-hat-podid
223
halo-recently-viewed.js
forwomenusa.com/cdn/shop/t/29/assets/
12 KB
3 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/halo-recently-viewed.js?v=142697884143385922891688096663
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f188c4fc9d23c7bbfbb05af211fba269c3f7c5f2f3e43bf5c8c4cc11264e3e5
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2948715
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=70.711, imageryFetch;dur=49.865, cfRequestDuration;dur=17.000198
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
9fd639d2-19c7-4716-8790-f27c7d29c6f8-1710186362
last-modified
Mon, 11 Mar 2024 19:46:22 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P52JwNVr%2Fl%2BHwe%2BZroUNb%2FA8TNm70gF4oXJtlfCQnFGZ89tnO5hDF8%2BqF%2FyJJ8DiNN3ds7MZEKRMHStnA4GNHV8TfZHFgyVPG6YIYkj5Z0sXn9PFmvRBd39JsvqTcw%2FKtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dd266eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/halo-recently-viewed.js>; rel="canonical"
x-sorting-hat-podid
223
halo-toolcart.js
forwomenusa.com/cdn/shop/t/29/assets/
3 KB
2 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/halo-toolcart.js?v=42785986117642242551687380847
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bfeb921e28793a9fee9e86b54061dba44432f7481ee143bac3b3d093805de5
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
95980
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=112.255, imageryFetch;dur=111.188, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
4ee600b9-66cc-4572-b4e8-b59334141dca-1709766612
last-modified
Wed, 06 Mar 2024 23:10:12 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tED%2BylpycdseCRp5xMBTBcgMf%2BKqU6gf5juK4Kvjm8sgDY%2FM%2B5CrnoYEOrt%2FpPDCfrYAF6TZrUPHpx7zFcU7mgKq36a9vEUEUrPpu%2Fg%2F6SXX6vjg9mZdBogPIsDAb5wjYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805019dd366eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/halo-toolcart.js>; rel="canonical"
x-sorting-hat-podid
223
quadpay-shopify.js
widgets.quadpay.com/
42 KB
11 KB
Script
General
Full URL
https://widgets.quadpay.com/quadpay-shopify.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.201 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
738e16e15ac242cf1102a61bec958c5cdc6b21eff9cb46228c51aead91121cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 11 Aug 2021 12:26:08 GMT
server
cloudflare
age
4746
cf-polished
origSize=43284
etag
W/"0b0b8fac8ed71:0"
vary
Accept-Encoding
x-powered-by
ASP.NET
content-type
application/x-javascript
cf-ray
87580501e874b8c7-AMS
alt-svc
h3=":443"; ma=86400
uppush-notification.min.js
cdn.shopify.com/extensions/48b129f8-d940-4eee-afa5-9d74edff33cb/uppush-146/assets/
459 KB
130 KB
Script
General
Full URL
https://cdn.shopify.com/extensions/48b129f8-d940-4eee-afa5-9d74edff33cb/uppush-146/assets/uppush-notification.min.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb184bd44c4a682e06c76bed4222cf53419e6f199e22319a6b88b2ae4e3af1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
387943
server-timing
imagery;dur=78.055, imageryFetch;dur=42.641, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
content-length
131919
x-xss-protection
1; mode=block
x-request-id
066152cc-1eb4-468f-8369-eabef0756edf-1712922872
last-modified
Fri, 12 Apr 2024 11:54:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrRqcvLl6yh2ndnzIzP2U4%2BQO51EzxCREiy%2FJeclPuBuyipgWjYK%2BV8MzOsl1KGnQ%2BNbR%2Bjzk1JPl027rfaorl1v4y3IWX%2FVjT5qsxfqoQ7ZFr8LtfSt9fO%2B4%2BrL160olY2Tk2N5tOkX9T61nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/48b129f8-d940-4eee-afa5-9d74edff33cb/uppush-146/assets/uppush-notification.min.js>; rel="canonical"
cf-ray
8758050199cb6560-AMS
destination
www.googletagmanager.com/gtag/
222 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=MC-XQTWMW8CYM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J68QT427YG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b733c8695c26f3f29e0d19c072b552462c1a2347d361516d20ab762141c52bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82742
x-xss-protection
0
last-modified
Tue, 16 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Apr 2024 23:40:17 GMT
collect
region1.analytics.google.com/g/
0
252 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-J68QT427YG&gtm=45je44f0v887745805za200&_p=1713310817252&_gaz=1&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=sypham&dma=1&cid=1773397371.1713310818&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dp=%2F&dt=Women%27s%20Fashion%20Store%20%7C%20Women%27s%20Clothes%20Store%20Online%20-%20For%20Women%20USA&dl=https%3A%2F%2Fforwomenusa.com%2F&sid=1713310817&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2068
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J68QT427YG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xdwlzcx.cyou
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
243 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J68QT427YG&cid=1773397371.1713310818&gtm=45je44f0v887745805za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3t3t2t5&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J68QT427YG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xdwlzcx.cyou
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J68QT427YG&cid=1773397371.1713310818&gtm=45je44f0v887745805za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3t3t2t5&npa=0&z=2049536670
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 17 Apr 2024 00:26:01 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 04:02:19 GMT
x-content-type-options
nosniff
age
329878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 04:02:19 GMT
SPRING_AND_SUMMER_STYLES_BANNER_WEB_3.jpg
forwomenusa.com/cdn/shop/files/
133 KB
134 KB
Image
General
Full URL
https://forwomenusa.com/cdn/shop/files/SPRING_AND_SUMMER_STYLES_BANNER_WEB_3.jpg?v=1709775736&width=1780
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f78ea41d8d58318f3b93a4e4e175be94cb1e0b749de6a93507467fc36fb7f1c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
41684
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=232.747, imageryFetch;dur=69.141, imageryProcess;dur=162.828;desc="image", cfRequestDuration;dur=13.999939
source-length
141848
content-length
135750
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
d57f3d3b-1c72-4636-8788-0441ec4f5c5a-1712641961
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Apr 2024 05:52:42 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SbdK%2FbfMShYeyvGzOiiWUl18cs4gpNGa%2BjBjF0kZx00y%2FrjVkkua%2BSxzkBvIlbPq4m%2FCftvy3AxxTcfYFzfJh7l5IQOhA9uZ5uST6hJ%2F6zaaQoKUldfc40B8tZHAGtlkDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87580501edf266eb-AMS
x-sorting-hat-podid
223
component-menu-mobile.css
forwomenusa.com/cdn/shop/t/29/assets/
19 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-menu-mobile.css?v=142921020132518462881687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
557cabac2f3a14cbf105ccd5c2e9a8166cc36a2bd3dd2e9d9b3b5682d697fc6e
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1
age
966679
content-encoding
br
server-timing
imagery;dur=79.022, imageryFetch;dur=75.332, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
fc77933e-7b79-411d-acce-3127227b5b55-1710182336
last-modified
Mon, 11 Mar 2024 18:38:56 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNqCu6LXxdLtxX2onYvUGXtNHsVTUKhTK1VnQIq5QnSMk8d6INoo69FhqN4JgqDdZnk7xO2SU5%2FWNtEQksDyAF22t0cNYn9AuVMaOsDS6gLxz065Oa2xpZ8O9mlYY66YCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fdbbf866eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-menu-mobile.css>; rel="canonical"
x-sorting-hat-podid
223
instantpage.js
cdn.shopify.com/extensions/189bc278-2da0-4bdf-b900-6613b439e00a/tapita-seo-speed-64/assets/
5 KB
2 KB
Script
General
Full URL
https://cdn.shopify.com/extensions/189bc278-2da0-4bdf-b900-6613b439e00a/tapita-seo-speed-64/assets/instantpage.js
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
edb36df4d8ca59543709db801835fdc74378c6772c8e4a14c55df4b9a0d2f13b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
1263549
server-timing
imagery;dur=44.771, imageryFetch;dur=27.471, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
1249
x-xss-protection
1; mode=block
x-request-id
aa35b836-8d50-4434-90f9-b4a77c7d60dc-1712047263
last-modified
Tue, 02 Apr 2024 08:41:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCcYRJiE7OoLy%2FAHsn5FsjpEkgQzxKmltkk5LVp4sPxpXn7MFdHOSTarhK%2Bs%2ByVITq4eyKgZsoG5lYrTCSIEnhWf6vW6MMqwE65vceRcM7YvxpFsrtadRVEcvHZNbtFLxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/189bc278-2da0-4bdf-b900-6613b439e00a/tapita-seo-speed-64/assets/instantpage.js>; rel="canonical"
cf-ray
87580501fd4b0a48-AMS
main.MTFhN2NkNDczMg.js
analytics.tiktok.com/i18n/pixel/static/
419 KB
111 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMg.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHIF61JC77U02NQHR8JG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1cf1ce808611aa58204592daedb747e8b944b7ceb287a41f9c24b51db01099fd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
5d375be6
date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202404081246324A137334957C43F2E5B6
x-tt-trace-id
00-2404081246324A137334957C43F2E5B6-5B35ECA3DCE0B4BD-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
016fb8011f91e353179974a16b49dee133462cfb54bf0784c6c8bfe7525afc753f8b441f120fa584f3de88613cff55b7da4f71a0647d5fc5ccf990dd3d7f30d1c2b52e9817396a08ae97310ed84663c17de71b735fb0b40bd5839b8e2f3d5da6a7
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
112821
/
ct.pinterest.com/user/
320 B
300 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613061182023&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1713310817609&dep=2%2CPAGE_LOAD
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1101417772070663
content-length
186
pin-unauth
dWlkPU1qYzFNVEZtTkRZdFl6QXlOUzAwWldRMUxUaGtaVEl0TlRRMllXTXlOV1ZrTVRneg
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xdwlzcx.cyou
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
9d4f0d0ca52e1b70a6f58614c6949c6ee8fcb26a
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/
320 B
372 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22sh-e948626c-7ABA-483B-F85C-79515AA7E2F4%22%7D&tid=2613061182023&cb=1713310817617&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
1532457219801740
content-length
186
pin-unauth
dWlkPU1tRTFORGN4TkdRdFpqUXhaaTAwTkdNM0xXSmlZbUV0T0RSaVlUYzBaR0U0WldObA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xdwlzcx.cyou
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
9d4f0d0ca52e1b70a6f58614c6949c6ee8fcb26a
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
440 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?tid=2613061182023&pd=%7B%22np%22%3A%22shopify%22%2C%22external_id%22%3A%227623e54515a4fc316281d9cb94e07bfc803b04db8a926b8e6ba5afe5a2ee57cb%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fxdwlzcx.cyou%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226192ffb7%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.122%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1713310817644
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:17 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://xdwlzcx.cyou
pinterest-version
9d4f0d0ca52e1b70a6f58614c6949c6ee8fcb26a
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
3508160321352279
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
component-blog-post.css
forwomenusa.com/cdn/shop/t/29/assets/
2 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-blog-post.css?v=21447609856237084971687380842
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c1ad2087b589f44f1a4656fe079e868644ecaa3bf55826d5a12667f68a75ed
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
299911
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=93.248, imageryFetch;dur=91.911, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
3a3d7393-5993-4dfe-9460-7bc3dca5e0cb-1710179373
last-modified
Mon, 11 Mar 2024 17:49:33 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2F%2FJNGMM893voc7fyiojZou3ArZ%2Bs5Xzbuc2xAkfZn0wQcyfbTjsXWiXZk4Zr8244LD%2FdScHdSD1DUtiCRD5hmJ7wSSwZ0T8DxKTgLZVcjN6I0xGQ8zgNxwaaA9cEFOaBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805026e1e66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-blog-post.css>; rel="canonical"
x-sorting-hat-podid
223
component-blog-post-banner-animation.css
forwomenusa.com/cdn/shop/t/29/assets/
2 KB
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-blog-post-banner-animation.css?v=82290037139764118691687380842
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6708ad7e9454960e82e1a74cd3ef076240c43e81bc3d2523b5898ab4831c55f
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2948261
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=100.784, imageryFetch;dur=99.759, cfRequestDuration;dur=19.000053
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
cd29eaaa-cc58-4d9e-991c-4fa247c32547-1709761535
last-modified
Wed, 06 Mar 2024 21:45:35 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RZ7xBkdEeXs1d2oixJwjYAkswqQuVwBBboEQb9kFYXUsuJuGYlXUp%2Be5TOouRS5jKMhJ9XQR0jXjYnLSiXcsNC8j5%2BqSSwUQLPRifYZP7YHEqIIwwwfsMpZBDFiPoI7u9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805026e1f66eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-blog-post-banner-animation.css>; rel="canonical"
x-sorting-hat-podid
223
halo-product-list-view-popup.css
forwomenusa.com/cdn/shop/t/29/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/halo-product-list-view-popup.css?v=180201079361501606901687380846
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9382162d917a935063ad657437e928ab4dd27a07582d2501cf054a82ad89998c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2965710
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=165.407, imageryFetch;dur=163.887, cfRequestDuration;dur=15.000105
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
8836b57b-ec9a-4cc8-9815-d8f98d46ef25-1709753683
last-modified
Wed, 06 Mar 2024 19:34:43 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BgN5MVpAKbyzM6JFTLrYqGorGMPoZLTkOiE8%2FECEA8AxFguj0tAFZoS8thQqyHCUwmVrLmtSFYYwF90gUm%2Bvh5zD8DssFmWiXSaFVvNV0qfJE41QUuxL1Ml%2BvjaiKjH1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805026e2266eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/halo-product-list-view-popup.css>; rel="canonical"
x-sorting-hat-podid
223
component-recently-viewed.css
forwomenusa.com/cdn/shop/t/29/assets/
11 KB
3 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-recently-viewed.css?v=57247641032407485911687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939548648d32399e592b20a344f692752a40d9f8f8c344e37ba9101ded9acedf
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2123602
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=53.957, imageryFetch;dur=50.102, cfRequestDuration;dur=14.000177
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
ee56d8f1-236b-42d2-922e-a003173c3131-1710186362
last-modified
Mon, 11 Mar 2024 19:46:22 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JUdBqARz2EhLah3x2YWSa3vA7GfgAyyN7NFx%2BSXLQn1edJ%2BVorqKZPha7zf7c0eDddrP1hOoQkhEl1UIh37N5XHzmUNcDtfdNUTudWJirnpDWYyfCQAnzVo%2Fw%2BE1914lJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805026e2366eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-recently-viewed.css>; rel="canonical"
x-sorting-hat-podid
223
component-compare-product.css
forwomenusa.com/cdn/shop/t/29/assets/
3 KB
2 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-compare-product.css?v=130598250319952806501687380842
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1de555264d0eea20a57d2eeadc1c89720fcdf21cc75758b98e172379dadd4b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
1090079
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=146.573, imageryFetch;dur=144.588, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
e884a342-e558-4653-ae88-7244979ffdf6-1710186362
last-modified
Mon, 11 Mar 2024 19:46:23 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ar3vOuX8fYRxER4Z3Dd6qM7im73ixKY0G7hevg6oTZAagcur6bORrg%2FmSdA9z3oYJ1hDpMmpwWZW9wnP2dBLc%2Ff4RtRbo8lpOIjn%2F5%2ByLsVd9abmSFSu3uggbr1apepG2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805026e2466eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-compare-product.css>; rel="canonical"
x-sorting-hat-podid
223
component-warning-popup.css
forwomenusa.com/cdn/shop/t/29/assets/
1 KB
1 KB
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-warning-popup.css?v=143029987110804031811687380845
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6e3ff867fa5c751d8e25c0e92361bdef2587cbce2f518d30018acc2c726eae
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2948711
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=81.639, imageryFetch;dur=79.968, cfRequestDuration;dur=20.999908
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
341b1393-57ba-4fbd-867f-19291d3be4dc-1710182348
last-modified
Mon, 11 Mar 2024 18:39:09 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejZ7SNp67pGe003VTGNEnOBWaMcP5b6OCYCINS2NqcGKbLCS4morjYAx%2BAGt57NMl%2BUSfnMJXsgK0YywBJxyOUnj8YjpoOSGgBPacmws0NxCK2B6rDtzYJWcqVoBgG7iFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875805026e2666eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-warning-popup.css>; rel="canonical"
x-sorting-hat-podid
223
component-quick-cart.css
forwomenusa.com/cdn/shop/t/29/assets/
14 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-quick-cart.css?v=126678254764554091781687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d133212c0636e4af8de33a4c79af9bc3513d0db77c4ae98e7e29a9c65ec5aa74
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-central1
age
2948714
content-encoding
br
server-timing
imagery;dur=87.086, imageryFetch;dur=83.741, cfRequestDuration;dur=15.000105, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
667cd7d9-ce46-4d0b-836b-8eade3a1238d-1709764752
last-modified
Wed, 06 Mar 2024 22:39:12 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sBLlvsTgV4Zi6e4GF12XIICqK8U7xI8RHFLFeSMEN7dD82SD%2FbF0s1KfIFIxZnzwICLplekpp73u9i3ddveW9bW5orFFvH89zJe%2BncjVJjt3%2BDntkKRiPhlsf%2BtsE0Vucamy30Z21Yd8iCLUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe8e66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-quick-cart.css>; rel="canonical"
x-sorting-hat-podid
223
pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:46:44 GMT
x-content-type-options
nosniff
age
320013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8596
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 06:46:44 GMT
collect
www.merchant-center-analytics.goog/mc/
0
252 B
Ping
General
Full URL
https://www.merchant-center-analytics.goog/mc/collect?v=2&tid=MC-XQTWMW8CYM&gtm=45ve44f0v9121202314za200&_p=1713310817252&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=sypham&dma=1&cid=1773397371.1713310818&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dp=%2F&dt=Women%27s%20Fashion%20Store%20%7C%20Women%27s%20Clothes%20Store%20Online%20-%20For%20Women%20USA&dl=https%3A%2F%2Fforwomenusa.com%2F&sid=1713310817&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2274
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=MC-XQTWMW8CYM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xdwlzcx.cyou
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
produce_batch
xdwlzcx.cyou/.well-known/shopify/monorail/unstable/
548 B
520 B
Ping
General
Full URL
https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/wpm/bcad39b03we51f70f0pbc988c4cmaac70d51m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GoMU09Ua4qTX0YrRPjSmfcWt49C64Uckgotvc23fLHsADhlm3Ms4pkHgNrLfIvCE3w3d3TNPugwm6cFar%2FbII1%2Fgss671ATidroF6xm2o6bowRrADdVEn21mgDFSLVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
8758050328980bab-AMS
alt-svc
h3=":443"; ma=86400
maxi_dress_370x440_1_720x.jpg
forwomenusa.com/cdn/shop/files/
99 KB
100 KB
Image
General
Full URL
https://forwomenusa.com/cdn/shop/files/maxi_dress_370x440_1_720x.jpg?v=1711198231
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292f343e54285b212c317cbc907f4de6c2f6f9952bb6ab5f7aba95c1118e95db
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
140236
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=152.690, imageryFetch;dur=45.026, imageryProcess;dur=106.921;desc="image", cfRequestDuration;dur=13.999939
source-length
94192
content-length
101530
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
8978ffb8-cc21-485e-96e7-253ce1f392f2-1711201214
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 23 Mar 2024 13:40:15 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqZtV8F7NBq12ul9xDa8yzKcZbbFRF8MDzX07ChPqTm0Uoou6b2qFLtqf%2BtXPUD4TeS0z3eE9%2FWBK0%2B0%2BUQ3PjbKnlJWWoYPYYgoSj9WjQBsCW1JadQwDQou0fLHcSH6ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875805033e6b66eb-AMS
x-sorting-hat-podid
223
party_2_dress_370x440_3646430b-c947-4ffc-adce-7a89d2d896ce_720x.jpg
forwomenusa.com/cdn/shop/files/
36 KB
37 KB
Image
General
Full URL
https://forwomenusa.com/cdn/shop/files/party_2_dress_370x440_3646430b-c947-4ffc-adce-7a89d2d896ce_720x.jpg?v=1711284654
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbff4c18730315732850afe4021a8967698716fcbf5a4f9f8af6f80db41694f6
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
140236
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=232.964, imageryFetch;dur=73.089, imageryProcess;dur=158.781;desc="image", cfRequestDuration;dur=13.000011
source-length
44688
content-length
37164
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
16573097-144c-4ae9-a4cf-bbc260d18200-1712310569
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Apr 2024 09:49:29 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SlScK1ZqEmCUhAR4vIuhuHjH%2FHiqUIh6gDkJ22eJJAEoqZ4I59XBAgr%2B1UiUtwaw3%2B77Rh3miPR6nZ656%2Fb0Gc5HHlaH%2Fg5YGFrSDNLKGH6nyWgVEWp%2B%2F4dq5ayyCs7qnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875805033e6c66eb-AMS
x-sorting-hat-podid
223
midi_2_dress_370x440_59227a80-e601-4dd2-ba1d-a4065bc82b43_720x.jpg
forwomenusa.com/cdn/shop/files/
49 KB
50 KB
Image
General
Full URL
https://forwomenusa.com/cdn/shop/files/midi_2_dress_370x440_59227a80-e601-4dd2-ba1d-a4065bc82b43_720x.jpg?v=1711284653
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f193fe0e88c8b698f67f15f83a0dd83920e74a4910f678e3f2fd1b633c9c0998
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
41683
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=164.435, imageryFetch;dur=59.029, imageryProcess;dur=104.767;desc="image", cfRequestDuration;dur=16.000032
source-length
52477
content-length
50442
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
b72932c9-6ffe-4c8d-bcc5-6a3ed39c8c05-1711308849
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 24 Mar 2024 19:34:09 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QXLmw%2Fq9%2B5dkZbRWXOHdwxX6Vav6OqXpYedd4%2F81Ki%2BbRk1yW14f4poC2p6d57MABrZ5GGo6tUHP5GJAhHZ77v2Yug431WyDGqP61rmcRO0vLigLe%2BEvj7H9bPGaXVyKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875805033e6d66eb-AMS
x-sorting-hat-podid
223
component-quick-cart.css
forwomenusa.com/cdn/shop/t/29/assets/
14 KB
0
Stylesheet
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/component-quick-cart.css?v=126678254764554091781687380844
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:7:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d133212c0636e4af8de33a4c79af9bc3513d0db77c4ae98e7e29a9c65ec5aa74
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1,gcp-us-central1
age
2948714
content-encoding
br
server-timing
imagery;dur=87.086, imageryFetch;dur=83.741, cfRequestDuration;dur=15.000105, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
667cd7d9-ce46-4d0b-836b-8eade3a1238d-1709764752
last-modified
Wed, 06 Mar 2024 22:39:12 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sBLlvsTgV4Zi6e4GF12XIICqK8U7xI8RHFLFeSMEN7dD82SD%2FbF0s1KfIFIxZnzwICLplekpp73u9i3ddveW9bW5orFFvH89zJe%2BncjVJjt3%2BDntkKRiPhlsf%2BtsE0Vucamy30Z21Yd8iCLUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
875804fbfe8e66cc-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/component-quick-cart.css>; rel="canonical"
x-sorting-hat-podid
223
check_project
analytics.growthsuite.net/ Frame
0
0
Preflight
General
Full URL
https://analytics.growthsuite.net/check_project
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xdwlzcx.cyou
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87580503cd0d0e48-AMS
date
Tue, 16 Apr 2024 23:40:17 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713310817&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=e5%2BBlYfLhUfy4zi94hDfGMPR2pz7YNXazOck1dk2oYw%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1713310817&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=e5%2BBlYfLhUfy4zi94hDfGMPR2pz7YNXazOck1dk2oYw%3D
server
cloudflare
via
1.1 vegur
consent-tracking-api.js
forwomenusa.com/cdn/shopifycloud/consent-tracking-api/v0.1/
13 KB
5 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2233f7923068135dcc980d690c43a755bac5137a52c26ec676e6229a09054d19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
684
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=323.641, imageryFetch;dur=27.508, cfRequestDuration;dur=11.999846
alt-svc
h3=":443"; ma=86400
content-length
4249
x-xss-protection
1; mode=block
x-request-id
ff1b145f-071a-43a5-9831-9627815913d7-1713308974
last-modified
Tue, 16 Apr 2024 23:09:34 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZsJZ6PnG1oDnpX7M5lH10WnARuT30aBhkbHyPBODYA9EArCpBPhwMMtU1GiI8Ex5Ow812Y0SSSdjd%2By7sRgvPpNLlHJVrYDrenF%2FalIzKLzXVQ31zo0SSR8vex5ihT%2FYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
accept-ranges
bytes
cf-ray
875805033ae5b98c-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid
-1
tms_install_check
tms.hextom.com/
77 KB
4 KB
XHR
General
Full URL
https://tms.hextom.com/tms_install_check?shop=for-women-usa.myshopify.com
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.134.147 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-134-147.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cef0ff4052a72e5e32367ba8755723b2ea6b7b75815e6028f2aa1071d99f29d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Language, Cookie, Origin
content-language
en
content-type
application/json
access-control-allow-origin
https://xdwlzcx.cyou
access-control-allow-credentials
true
content-length
4020
cart.js
xdwlzcx.cyou/
548 B
558 B
Fetch
General
Full URL
https://xdwlzcx.cyou/cart.js
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tp5gbCv0lnZgPD6GZpjVXVvWBjQN4mdFda%2F7z%2BvjhzsWJp7kPwI32%2FyyD4jwANDI6FqaD1lrrvDu%2F0yop92aasZ5kjyLXQd1izr%2BHbskqjSaewjym8WX6HXwUD%2FxKp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8758050378bd0bab-AMS
alt-svc
h3=":443"; ma=86400
check_project
analytics.growthsuite.net/
13 B
821 B
Fetch
General
Full URL
https://analytics.growthsuite.net/check_project
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2430f1a2ad2982d0067885488a4c89e21ad1d7c83b115ba8f1b20acc88dfaea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1713310817&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=e5%2BBlYfLhUfy4zi94hDfGMPR2pz7YNXazOck1dk2oYw%3D
x-request-id
0ea8bb93-046e-40a0-9ddb-229e0aaf6b48
x-runtime
0.003994
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2430f1a2ad2982d0067885488a4c89e2"
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713310817&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=e5%2BBlYfLhUfy4zi94hDfGMPR2pz7YNXazOck1dk2oYw%3D"}]}
access-control-expose-headers
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
vary
Origin
cf-ray
875805045d520e48-AMS
quadpay.js
cdn.quadpay.com/v1/
1 MB
299 KB
Script
General
Full URL
https://cdn.quadpay.com/v1/quadpay.js?tagname=quadpay-widget
Requested by
Host: widgets.quadpay.com
URL: https://widgets.quadpay.com/quadpay-shopify.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E1) /
Resource Hash
dfa6a77ca8b1c091e2f73e622f2a670b5405bd8e7d5ceb269b6e15da70d6a49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
7M8sspOHvZJ7RP8dbf9BrA==
age
19234
x-cache
HIT
content-length
305797
x-xss-protection
1; mode=block
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 18:16:13 GMT
server
ECAcc (ama/48E1)
etag
0x8DC54D34FBAF97F
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
501e3fd3-b01e-0056-2f2a-900651000000
cache-control
max-age=3600
x-ms-version
2009-09-19
expires
Wed, 17 Apr 2024 00:40:17 GMT
cart.js
xdwlzcx.cyou/
548 B
554 B
Fetch
General
Full URL
https://xdwlzcx.cyou/cart.js?random=1713310817842
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2Be2MpjzI5lwy4Keid2i8gNOA%2F8AUuNWRyI9sy0zJwNLK3BR9KZZAzpBy656qSWLYPG%2B8Sk2Z04DE%2B8aZA3rPFyKYEWTS%2BvTNwqUxnx5LyeTRXp3GutDgaPsw6nuKtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8758050398cd0bab-AMS
alt-svc
h3=":443"; ma=86400
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=3051643961618415&ev=PageView&dl=https%3A%2F%2Fxdwlzcx.cyou%2F&rl=&if=false&ts=1713310817914&sw=1600&sh=1200&v=2.9.153&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1713310817911.134553996&hmd=7b7a7879d5ee6c3265e24039&pl=https%3A%2F%2Fforwomenusa.com%2F&cs_est=true&ler=empty&cdl=API_unavailable&it=1713310817428&coo=false&eid=sh-e948626c-7ABA-483B-F85C-79515AA7E2F4&rqm=GET
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2758, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 16 Apr 2024 23:40:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
15 B
35 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2078523567&t=pageview&_s=1&dl=https%3A%2F%2Fforwomenusa.com%2F&dp=%2F&ul=nl-nl&de=UTF-8&dt=Women%27s%20Fashion%20Store%20%7C%20Women%27s%20Clothes%20Store%20Online%20-%20For%20Women%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEIhBAAAACgCIAB~&jid=795450840&gjid=402799302&cid=1773397371.1713310818&tid=UA-152619282-2&_gid=1547442583.1713310818&_slc=1&did=BwiEti&z=334559599
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
ec47d2d49803e1366b244f7e4d141ad857f1790a0084dd8b80152b128b717662
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xdwlzcx.cyou
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-152619282-2&cid=1773397371.1713310818&jid=795450840&gjid=402799302&_gid=1547442583.1713310818&_u=aCDAgEIhBAAAAGgCIAB~&z=1504025309
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 16 Apr 2024 23:40:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xdwlzcx.cyou
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify_38a7e.js
analytics.tiktok.com/i18n/pixel/static/
139 KB
37 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
5d375e97
date
Tue, 16 Apr 2024 23:40:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240408124538835843693CD9FEC2279E
x-tt-trace-id
00-240408124538835843693CD9FEC2279E-1E93971DE01D37DD-00
vary
Accept-Encoding
x-cache
TCP_HIT from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010e31fdea860714cf1cf97495f6a32b563f7a4b8bc57f00321ddccaedff2eb4186a14c1a965e9fe560ec89fc48a34c18ca976d3b8bcb1d367c1525ecef1aa05c1b122910b5ddc5ca58b93e58f22d30dfbe145382d721b3530c831c61646dab36c
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=8
content-length
36830
pixel
analytics.tiktok.com/api/v2/
0
703 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
5d375f33
date
Tue, 16 Apr 2024 23:40:18 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404162340181864D6C32710C9A624CA-0F136CD660C2DE1D-00
x-cache
TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing
inner; dur=38, cdn-cache; desc=MISS, edge; dur=8, origin; dur=131
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404162340181864D6C32710C9A624CA
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
131,104.126.37.174
x-tt-trace-host
012420985527fc129e691c2ed999163838e44feb1509ae61bb748397c30c0582c4516b65d2f2aba49da9f0f1486ccf234b68d26ccabab671054da89bac454e10f2f413fccc249a2421f68d65a984a9fcd9b6a833ab8b2e774a366aeeeb2938739d
access-control-allow-headers
Authorization,*
expires
Tue, 16 Apr 2024 23:40:18 GMT
/
ct.pinterest.com/v3/
35 B
441 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22sh-e948626c-7ABA-483B-F85C-79515AA7E2F4%22%7D&tid=2613061182023&cb=1713310818035&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22external_id%22%3A%227623e54515a4fc316281d9cb94e07bfc803b04db8a926b8e6ba5afe5a2ee57cb%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fxdwlzcx.cyou%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226192ffb7%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.122%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:18 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://xdwlzcx.cyou
pinterest-version
9d4f0d0ca52e1b70a6f58614c6949c6ee8fcb26a
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=600
x-pinterest-rid
8953392625131173
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
halo.image-banner-slide.js
forwomenusa.com/cdn/shop/t/29/assets/
683 B
1 KB
Script
General
Full URL
https://forwomenusa.com/cdn/shop/t/29/assets/halo.image-banner-slide.js?v=123854488726055376771687380847
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/shop/t/29/assets/theme.js?v=12118190094981532181688096236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4d972798540aa57435b35fbf9f196251ade1eb4b6dd1c581efe37a14be06d6
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2078408
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
imagery;dur=73.523, imageryFetch;dur=71.438, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
4e07c775-255c-4b72-975d-640622101b74-1709863115
last-modified
Fri, 08 Mar 2024 01:58:36 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BPCUo%2F9X8YptX1fAhMtHeAkUAPywPopNOuGWOmfWZLWyoYKT7okPROVCJ6Ifxs%2Bry9tnaA4vAcPIE10%2FhXZNwYWetplrP9bWcGv29VD8GdF795E8TP2lgfwGOmlihSkpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
87580504ef7166eb-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0423/8472/0021/t/29/assets/halo.image-banner-slide.js>; rel="canonical"
x-sorting-hat-podid
223
reviews-scripttag.min.js
d1bu6z2uxfnay3.cloudfront.net/js/frontend/version-14/
50 KB
14 KB
Script
General
Full URL
https://d1bu6z2uxfnay3.cloudfront.net/js/frontend/version-14/reviews-scripttag.min.js?version=178
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8800:3:3ee2:8ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f2343f9d9793a2f6b87b35ef6ba162221c70e64846e5e97ccda6ace2ed046fa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 07:31:09 GMT
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P6
age
1094949
x-cache
Hit from cloudfront
last-modified
Tue, 02 Apr 2024 07:46:39 GMT
server
cloudflare
etag
W/"c738-615184e6d5c5a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bc5ZEBgu21J4beJyZJWKGesnpAXdANH0pLKZPNO7236piJlZq8LQZgYSHQs2nst%2FvwcImjrO2u85VPoskpaeYNE1%2BxPwQT5bU2rIPUfRJVbFSI0sEY%2ByVO%2BFKrUY3Deo4XTif2nDq6rWWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
86ef98dc8f11923e-FRA
x-amz-cf-id
p_hCSPfuJ_a5cQWTvGXb4CCb2OePYVEqzHevRswKx1lZbuUq6t2WuQ==
expires
Sat, 04 May 2024 07:31:09 GMT
js
www.googletagmanager.com/gtag/
305 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J68QT427YG&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6f11d45fd8e48c0514ecf297d51baf4248a9bb22141d92588a44072d4c4f072e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103498
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Apr 2024 23:40:18 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152619282-2&cid=1773397371.1713310818&jid=795450840&_u=aCDAgEIhBAAAAGgCIAB~&z=2103938681
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152619282-2&cid=1773397371.1713310818&jid=795450840&_u=aCDAgEIhBAAAAGgCIAB~&z=2103938681
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
live_growthsuite-min.js
app.growthsuite.net/xdwlzcx.cyou/
0
0

collect
h.clarity.ms/
0
292 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://xdwlzcx.cyou
Date
Tue, 16 Apr 2024 23:40:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
ella_market.min.js
cdn3.hextom.com/js/themes/
534 KB
136 KB
Script
General
Full URL
https://cdn3.hextom.com/js/themes/ella_market.min.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/6bc613ac-4d3c-486f-b9a4-063627428416/hextom-translate-and-currency-27/assets/tms-translator.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
572a925d3348ae95c135bbad68b566b49d3b576c2785cd96841810d4f5904bc4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 16:35:16 GMT
content-encoding
gzip
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-version-id
null
x-amz-cf-pop
FRA56-P5
age
25503
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
138185
last-modified
Wed, 10 Apr 2024 23:27:22 GMT
server
AmazonS3
etag
"5cfed31fc236997ce44d8b97750cfb5b"
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
grEEQKWaneFhKAGt9_C2rc2HDNeQ_aNXynSxqyuFkcg-9_TtrmwAOA==
act
analytics.tiktok.com/api/v2/pixel/
0
703 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
5d376113
date
Tue, 16 Apr 2024 23:40:18 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404162340181BEFE1D838A624A74691-6C35AF9D72F228D4-00
x-cache
TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing
inner; dur=23, cdn-cache; desc=MISS, edge; dur=12, origin; dur=120
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404162340181BEFE1D838A624A74691
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
121,104.126.37.174
x-tt-trace-host
012420985527fc129e691c2ed999163838e44feb1509ae61bb748397c30c0582c48b5f3b82434b5bb33abdb5d8448bf88b7cf34c8556901845f0f2dcb2a0082024293b48d28811eb9707353ede198919f89e23e58193a6031989ccabaae3e57f8c
access-control-allow-headers
Authorization,*
expires
Tue, 16 Apr 2024 23:40:18 GMT
reviews-importer.css
d1bu6z2uxfnay3.cloudfront.net/css-version-14/assets/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://d1bu6z2uxfnay3.cloudfront.net/css-version-14/assets/css/reviews-importer.css?version=178
Requested by
Host: d1bu6z2uxfnay3.cloudfront.net
URL: https://d1bu6z2uxfnay3.cloudfront.net/js/frontend/version-14/reviews-scripttag.min.js?version=178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8800:3:3ee2:8ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd10c150911ada11116b8171f11156e47e7aded490da16aa3bfc60d8424a85f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 05 Mar 2024 11:23:02 GMT
content-encoding
gzip
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P6
age
3673036
x-cache
Hit from cloudfront
content-length
549
last-modified
Thu, 16 Nov 2023 07:17:36 GMT
server
cloudflare
etag
"57f-60a3fd0700e43-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l64GKgpG70u6iYxFStW0AYkVvjs7KcWKN7KVFnwdMkFn9J1SYgZJxBIwIqD12uQDdlrNw%2FPnzSqgY4%2FJi0y9FbWfBJiHSFRGrDaXFDfu%2FZNhrwGw6getnPpv0XoRm8REy2LzMOg0nafo3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85f9bb4b9b953609-FRA
x-amz-cf-id
WO2xu5wwjpP8kvs4JuHrjvftXeIvUH7eQE3gWlmMurzXjX4Tg0ThfQ==
expires
Wed, 05 Mar 2025 11:23:02 GMT
truncated
/
2 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e2c051c3c58cdada09cc0db823f19ee4bef89204eb6ca206476b714703b919d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
text/css;charset=UTF-8
tms_install_check
tms.hextom.com/
77 KB
4 KB
XHR
General
Full URL
https://tms.hextom.com/tms_install_check?shop=for-women-usa.myshopify.com
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.134.147 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-134-147.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cef0ff4052a72e5e32367ba8755723b2ea6b7b75815e6028f2aa1071d99f29d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Language, Cookie, Origin
content-language
en
content-type
application/json
access-control-allow-origin
https://xdwlzcx.cyou
access-control-allow-credentials
true
content-length
4020
module.js
cdn1.avada.io/flying-pages/
2 KB
2 KB
Script
General
Full URL
https://cdn1.avada.io/flying-pages/module.js?shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a9e148648291b5b3bae2ed5bc178eecff740ddd35cad84920675f5d66afb0a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
db5256a51cdd86d8babb7cf6fb323e1559dd3377
date
Tue, 16 Apr 2024 23:40:18 GMT
via
1.1 varnish
content-encoding
br
expires
Tue, 16 Apr 2024 06:25:26 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
HIT
x-cache
HIT
x-served-by
cache-ams21045-AMS
last-modified
Mon, 08 Apr 2024 04:24:31 GMT
server
cloudflare
x-github-request-id
B9CA:20AD8F:A201792:A48859D:6613723B
x-timer
S1712597796.678431,VS0,VE1
etag
W/"6613717f-9cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAwnRh6O%2FiepMErvuvDjN1hpYpS9V%2FAEI93ryllHvIJjDq%2FM4VjdIku%2F2EW%2BldZcwD8WFT01YQpGe%2FzG1XFdFmq%2FnaRqCdM2%2FlmvXqfVdWEn7sQxZn7geu8n3HydCTu66PGjzj%2BmW%2BSFv54%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2678400
x-origin-cache
HIT
cf-ray
87580507fec6661a-AMS
x-cache-hits
2
for-women-usa.myshopify.com.20231212120418.scripttag.js
d1bu6z2uxfnay3.cloudfront.net/storage/scripts/
582 B
1 KB
Script
General
Full URL
https://d1bu6z2uxfnay3.cloudfront.net/storage/scripts/for-women-usa.myshopify.com.20231212120418.scripttag.js?shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8800:3:3ee2:8ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21ef168fb4acaf9f49730d4a5ebe9f0f1c7735766b3913fab16d71114565f6fc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 07:03:53 GMT
content-encoding
gzip
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P6
age
1787785
x-cache
Hit from cloudfront
content-length
322
last-modified
Tue, 12 Dec 2023 12:04:18 GMT
server
cloudflare
etag
"246-60c4ed99fc8ad-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIgZiK%2BvmUG7vQVSB6oaSdcH%2FRQMwPQUNwQcX8USBQDWnQ%2FxHlVONGvQG28Gwg29IDdm5NnZ2VSSGXn%2FgFjlbIk5ue%2BNDyRWbOXxNgQnAyrKL8KTNkknicbtjejAzKhpWswYU6iN5sliTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
85b5746f0a0565e0-FRA
x-amz-cf-id
GjIoj4Coxh49TQZyytghaJzeD5rX7MSEcIYXPn8XoejB-VhAQcbiUA==
expires
Fri, 19 Apr 2024 03:17:39 GMT
loader.js
cdn.shopify.com/proxy/228fa495175e2f510bedb37eabc3b864b88393ec7f5f4cfee21e85b38ab7e6b7/api.goaffpro.com/
13 KB
4 KB
Script
General
Full URL
https://cdn.shopify.com/proxy/228fa495175e2f510bedb37eabc3b864b88393ec7f5f4cfee21e85b38ab7e6b7/api.goaffpro.com/loader.js?shop=for-women-usa.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
a84735f44eb4367c8e8decb39eecd11601c01cdd21a5fbf9c6ae641b8f3ea89b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'none'; sandbox;
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
content-disposition
attachment
server-timing
imagery;dur=163.138, imageryFetch;dur=137.455, cfRequestDuration;dur=338.000059
alt-svc
h3=":443"; ma=86400
content-length
3543
x-xss-protection
1; mode=block
x-request-id
8d3b5e68-cf58-4b1d-90da-fb16d4216039-1713310818
referrer-policy
same-origin
last-modified
Tue, 16 Apr 2024 23:29:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73xgzJiE%2FGlefe1Jv2T7doGhSeUIMw7YlnHEdkuJ7QkkHJ0PvQGgkU1%2F4saYb4pwq1P4GO0EOeOlfp%2BtaGzLrQTOT02kMBWy%2FfFeKCnEp%2FDG2sHul%2FHcV5T46HGvLuNceQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/proxy/228fa495175e2f510bedb37eabc3b864b88393ec7f5f4cfee21e85b38ab7e6b7/api.goaffpro.com/loader.js>; rel="canonical"
cf-ray
8758050788880a48-AMS
render.af3d0704fbf4e7df24d9.js
widget-v4.tidiochat.com/1_222_0/static/js/
Redirect Chain
  • https://code.tidio.co/uuq154rok3swhwsz02kibnzoiabmvdyf.js?shop=for-women-usa.myshopify.com
  • https://widget-v4.tidiochat.com/1_222_0/static/js/render.af3d0704fbf4e7df24d9.js
5 KB
2 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_222_0/static/js/render.af3d0704fbf4e7df24d9.js
Protocol
H2
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db314bb9b59428a9474c3ed3c639808b4fa143f39d44b5e1957cb5a1fbc26485

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://xdwlzcx.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 07:39:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7002
etag
W/"660d07bc-1472"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EST%2BLL%2FS0dtbzhTrGG%2FB03ZObtRWuOVeMfWFiIBxK%2FTK1dmftDfWDs3IDffcxTWd7J0L%2FTUiZ6%2FEhE4yyJ7XZ6PRpXk0rxzGeu1o%2F6V%2BZuEtpf6gnmjV0DctL4LW%2BWpBfLdpr41OyTNZOuCX%2FIOybLqE0ti"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8758050a78a46679-AMS

Redirect headers

date
Tue, 16 Apr 2024 23:40:18 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Q1FmOtdMGbrtR1A7gWEHnvWc5094rwn1yOIPQz%2BL3qGgtgh7KSMIiZnb%2FBWQsAnRNNPEfrp0bOev3qORnaJjFx32d2i04NrK%2FElZXpX1wkWNCdCdi%2FE7z2GhAPjPYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_222_0/static/js/render.af3d0704fbf4e7df24d9.js
cache-control
public, s-maxage=300, max-age=0
cf-ray
87580507f8849f9c-AMS
avada-seo-installed.js
seo.apps.avada.io/
113 B
442 B
Script
General
Full URL
https://seo.apps.avada.io/avada-seo-installed.js?shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b2abbd34d8d3da519f79ac86e802cd4e43d6b3882fd0c70cca5f30691a4cda9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-ams21066-AMS
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 16 Apr 2024 23:40:18 GMT
last-modified
Fri, 12 Apr 2024 09:41:26 GMT
x-timer
S1713310819.554433,VS0,VE1
etag
"c26c57c4e9cd704b5c5e922c467a5caf66196f1404cdc8edc2eb9d2c082decaf-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=2678400
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
95
x-cache-hits
0
estimate.js
edt.uppercommerce.com/js/
95 KB
20 KB
Script
General
Full URL
https://edt.uppercommerce.com/js/estimate.js?v=1691688536&shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea873841076422cb6c3d8d4416a8301a275bfd22b6f22f68aa0f60ece987b1b0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
br
x-oss-request-id
65FE16E32B63479DACF147FF
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
bzOjCSICVqiRMnfQeGbw/Q==
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Wed, 07 Feb 2024 11:00:37 GMT
server
cloudflare
x-oss-server-side-encryption
AES256
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LN%2FrRSKsrRM64L4Dyb3Alm%2FGcn748PJiIFDQBglP2%2FmGy0UmomJ9s3Un%2BSWtEt3fRej%2B5jnjDwv%2B2fI1ykfgqQrXuZpXvI1eyiT45%2Fs8dxU1DvAggjma0uAX9kGn7c5Zufp6XJJaQsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-oss-storage-class
Standard
cf-ray
87580507fef093c0-AMS
x-oss-hash-crc64ecma
8636134332171273997
x-oss-server-time
1
shopify.js
cdn.shoppinggives.com/cc-utilities/
405 KB
80 KB
Script
General
Full URL
https://cdn.shoppinggives.com/cc-utilities/shopify.js?store-id=51b6eadc-9263-4170-8338-ccc5b856d57e&shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e00:1e:d56b:2480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f958b5faa3d10e3f39d22826ebe5052f0dc2c7142f7ce3c47973f2d689d4bf7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 12:05:37 GMT
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 22:41:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
41682
etag
W/"6d71403a528668d962105288d7d8ea17"
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:460325390329:build/ProdWidgetsBuilder:ca1645f3-e4b6-4a43-8d24-1da354a902e7
vary
Accept-Encoding
content-type
application/x-javascript
x-cache
Hit from cloudfront
x-amz-cf-id
TEj9uEtzniMeczEFp2Kqsk2LxwoM5doNdl7X1WiAP7HVDoOpaF7qjw==
polyfill.min.js
cdn.polyfill.io/v2/
103 B
382 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?t=tapita-seo-script-tags&shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:35ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2024 12:05:36 GMT
server
cloudflare
age
41682
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
87580507f95266c3-AMS
expires
Wed, 17 Apr 2024 03:40:18 GMT
start_growth_suite-min.js
cdn.shopify.com/proxy/0a527364d3af06f0a205a13fe5c1cbf5eadc26d43bf72bcbc59d4ea8157834c0/app.growthsuite.net/
3 KB
2 KB
Script
General
Full URL
https://cdn.shopify.com/proxy/0a527364d3af06f0a205a13fe5c1cbf5eadc26d43bf72bcbc59d4ea8157834c0/app.growthsuite.net/start_growth_suite-min.js?shop=for-women-usa.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e91b18cfb96daa481945ba6e21d6c2ea40872a47b001df24d4f2d181166ef136
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-security-policy
default-src 'none'; sandbox;
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
content-encoding
br
content-disposition
attachment
server-timing
imagery;dur=74.083, imageryFetch;dur=73.138, cfRequestDuration;dur=294.000149
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
0aba0b8c-c0b6-4163-a198-27406282aa94-1710182715
last-modified
Tue, 05 Jul 2022 18:13:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bYUoZ6%2Bzrity7pj%2FvjGoaaEBd2lepqy8UUmvKVN3E4LF7T2FSXYjA8Zy%2F3Riuv81QhYllkTBJWvwoYCGKeWR7iVbdNqjQ9blmZxftGwLqEbGd0LrchKGbEiuAYXhfVLxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
timing-allow-origin
*
link
<https://cdn.shopify.com/proxy/0a527364d3af06f0a205a13fe5c1cbf5eadc26d43bf72bcbc59d4ea8157834c0/app.growthsuite.net/start_growth_suite-min.js>; rel="canonical"
cf-ray
8758050788890a48-AMS
store_reconvert_node.js
reconvert-cdn.com/assets/js/
17 KB
5 KB
Script
General
Full URL
https://reconvert-cdn.com/assets/js/store_reconvert_node.js?v=2&scid=ZjE2OTJhMGNlYTZmMzYzMTU5OGYwYjFkY2I1YTBlZDEuN2M1ZDg0MjU1ZDc5ZWI4MjFiMzkwNjI5MDU1NTg0ODk=&shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45427201f10ab957d0c8abffb1b023662880f1fd803a60dfc024c2b1dc71d0a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
x-amz-version-id
5iaU0FaCZ6ltemu.QrGhjZnx4Z5VtO64
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA53-C1
age
6753
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Mar 2024 10:07:28 GMT
server
cloudflare
etag
W/"837d287ba3683d97b331ee4a06b98806"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gwwa%2BPuyzb6xwnhmg9kAqqB%2FwGvY0FQ3b3IQQFwbx4SpI8ux9oJ7DDmaPA0bidH0sdEFg3NK3nov6wiwx%2BW627u84HTC2QKsjvkdeo5w2plS2wHZLPW5mcTDgeYunMGroKaj%2B%2FYVbyesMYzz8habig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
87580507f97a41ae-AMS
x-amz-cf-id
Tl1Aw3mCtKO_Wrbm6T_pd1sqJqn3tZeIFA_hn111p9EDHjWatEPYxA==
reconvert_script_tags.mini.js
reconvert-cdn.com/assets/js/
10 KB
3 KB
Script
General
Full URL
https://reconvert-cdn.com/assets/js/reconvert_script_tags.mini.js?scid=ZjE2OTJhMGNlYTZmMzYzMTU5OGYwYjFkY2I1YTBlZDEuN2M1ZDg0MjU1ZDc5ZWI4MjFiMzkwNjI5MDU1NTg0ODk=&shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ab985b9d6d2b16b93fe8f76070e1f868156e851b92bffb31d8bc1370ed31c1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
x-amz-version-id
qyQ4.6436OoJTiLrIa0HTzanpn_gGcs1
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA53-C1
age
4907
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Mar 2024 10:07:28 GMT
server
cloudflare
etag
W/"b76d3d695214118457aa0f3f7f93b0bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJFzIOoqdosCnwprWJbZcV1HJq6tBEI6yeEriZzM5DrRygiD3dr1XdRn01yKz1PMEBXkOW8TN7UwzeExRAceDB3WiGUl%2B7ryk03vkHfYeTR9ysdARpDhv4%2FFvqSeIio6iQtcIW34n5RBhP0APsbpZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
87580507f97941ae-AMS
x-amz-cf-id
3WN3Adgy2UHZAFFCr5nU3vC3EjFZt-AnC9UHcVJpqLKSLNOPw5vsCA==
shopify-scevent-init.js
intg.snapchat.com/shopify/
10 KB
4 KB
Script
General
Full URL
https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=7d54f07c-7685-4354-9a0f-576d9f30508f&shop=for-women-usa.myshopify.com
Requested by
Host: xdwlzcx.cyou
URL: https://xdwlzcx.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:4800:7:67fb:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f77b50dc03e1ccb904a645d0598bf4f7e5f943021a1e62e4c8a9ec7e70296564

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 03:04:48 GMT
content-encoding
gzip
via
1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
last-modified
Thu, 11 Apr 2024 19:12:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
74131
x-amz-server-side-encryption
AES256
etag
W/"b4e3b7517d812611161186c12b83e11d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
f-re62djm_4dKgYM-qJKwOmt_4MX8XLWvR0HsdI-n3Inct5W_hbhZw==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=56AC4E4D375C495F9411A98743A5C433&RedC=c.clarity.ms&MXFR=3AA3D3CB45EA61BB34F5C7A841EA6F08
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=56AC4E4D375C495F9411A98743A5C433&MUID=0666EE589CF766AD1E4FFA3B9DA067C4
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=56AC4E4D375C495F9411A98743A5C433&MUID=0666EE589CF766AD1E4FFA3B9DA067C4
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://xdwlzcx.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:18 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 16 Apr 2024 23:40:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C3BC98C89BEB45058701892C4FF8C4BF Ref B: AMS04EDGE1122 Ref C: 2024-04-16T23:40:18Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=56AC4E4D375C495F9411A98743A5C433&MUID=0666EE589CF766AD1E4FFA3B9DA067C4
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
token_create.js
ct.pinterest.com/static/ct/
4 KB
4 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6192ffb7.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca727c9d9c5d3ffa9fc01a2c57d612263a5ef4138da8d9b8e76e354835882466

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
x-cdn
fastly
age
95
etag
"2a8d051abafd7b1d3f62592455b15f0c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4101
ct.html
ct.pinterest.com/ Frame AC90
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6192ffb7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://xdwlzcx.cyou/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 16 Apr 2024 23:40:18 GMT
pinterest-version
9d4f0d0ca52e1b70a6f58614c6949c6ee8fcb26a
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
7129841151999275
en-US.svg
cdn3.hextom.com/img/national_flag/
6 KB
1 KB
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/en-US.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d3204b87f51bdd236991de6486bf8f64d710eebb96228ea6cef5faa8e15af9f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
date
Tue, 16 Apr 2024 08:13:12 GMT
last-modified
Wed, 01 Jun 2022 19:43:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
64749
x-amz-server-side-encryption
AES256
etag
W/"7f0109d94c888a663452af48e2d324d7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
nPPmCixATvS4s462CD7Y0kOsjhKsBDGTRVM-1iRs3n_CZvWjhs7o1g==
produce_batch
xdwlzcx.cyou/.well-known/shopify/monorail/unstable/
548 B
529 B
Ping
General
Full URL
https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/wpm/bcad39b03we51f70f0pbc988c4cmaac70d51m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XNN%2ByQzyb3BhiFAPdlpTHghSsEtQcLTjbgIMLFZrX9%2Fcf07K8zd6Hu4%2F%2BBqEIGrUfsc%2FsssL9oCbFA3GSrijl42cmGkwcGnUVAESH%2FhLL9YkERqQFPNCqhEL4Uf0udg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
8758050a1de20bab-AMS
alt-svc
h3=":443"; ma=86400
reconvert_script_tags.php
www.stilyoapps.com/reconvert/
101 B
385 B
XHR
General
Full URL
https://www.stilyoapps.com/reconvert/reconvert_script_tags.php?shop=for-women-usa.myshopify.com&store_client_id=ZjE2OTJhMGNlYTZmMzYzMTU5OGYwYjFkY2I1YTBlZDEuN2M1ZDg0MjU1ZDc5ZWI4MjFiMzkwNjI5MDU1NTg0ODk%3D
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.77.176 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-77-176.us-west-1.compute.amazonaws.com
Software
nginx/1.14.2 / PHP/7.4.33
Resource Hash
1c8052fed661a4c68b162ff8852299a9dedcc3eaeb04ea5bc0d76024afb53ec6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
content-encoding
gzip
server
nginx/1.14.2
x-powered-by
PHP/7.4.33
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
Authorization, Authentication, Content-Type
scevent.min.js
sc-static.net/
44 KB
19 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: intg.snapchat.com
URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=7d54f07c-7685-4354-9a0f-576d9f30508f&shop=for-women-usa.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
19297
x-amz-cf-id
D-lyyhxz0bSLoOtuRFcDqoG9MI7DnP0HgR66wkJeeCFOIHVYDBtNjw==
js-sha256-v1.min.js
sc-static.net/
22 KB
8 KB
Script
General
Full URL
https://sc-static.net/js-sha256-v1.min.js
Requested by
Host: intg.snapchat.com
URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=7d54f07c-7685-4354-9a0f-576d9f30508f&shop=for-women-usa.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 12:05:38 GMT
content-encoding
gzip
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
41681
x-cache
Hit from cloudfront
last-modified
Fri, 05 Apr 2019 00:32:08 GMT
server
AmazonS3
etag
W/"68f2467c84878293c9ee497dbc99a17f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-id
jkty3dETxya2VHMSa7nVI55vUQ66Wq1GRRQbmKTLhKiYfkGDQt6bAw==
rct_cart_front.css
reconvert-cdn.com/v1/assets/css/
1 KB
950 B
Stylesheet
General
Full URL
https://reconvert-cdn.com/v1/assets/css/rct_cart_front.css
Requested by
Host: reconvert-cdn.com
URL: https://reconvert-cdn.com/assets/js/store_reconvert_node.js?v=2&scid=ZjE2OTJhMGNlYTZmMzYzMTU5OGYwYjFkY2I1YTBlZDEuN2M1ZDg0MjU1ZDc5ZWI4MjFiMzkwNjI5MDU1NTg0ODk=&shop=for-women-usa.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e1a662efe9f5d98df0c8f00c64fe3927308691a8fd90135f29fa9c08ff87b1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
x-amz-version-id
IE5JWDRW6YUlB5GbR6CKCGjy24UgTsrj
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA53-C1
age
5183
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Mar 2024 10:07:30 GMT
server
cloudflare
etag
W/"9d5ea52dbe289ac363657376150d0ae5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQMsS6dZMvfX8InMmN01ztw4ZNJl50DlGu9nyv8qrhstP5%2FQ4cQaTyvb8mkYKihByM8cgbF5rghjgagcdLzj%2BYECTko7HKtMOa8rJMXvw1jyzInVZtqZoR2wUg4N96FqQz45bdaK%2FCpJdHPXYZtoBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8758050a5a1341ae-AMS
x-amz-cf-id
1xLzVklAlBhEF_Y9bXiY1p4Y-kms9IqXP_RUnB38doHf-YMiFbU4VQ==
none
stores.api.shoppinggives.com/cc-small/ Frame
0
0
Preflight
General
Full URL
https://stores.api.shoppinggives.com/cc-small/none
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.122.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-122-13.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-store-id
Access-Control-Request-Method
GET
Origin
https://xdwlzcx.cyou
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, x-store-id, x-store-api-key
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://xdwlzcx.cyou
access-control-expose-headers
x-addon-donation-preview-mode, x-preview-mode, x-round-up-preview-mode
date
Tue, 16 Apr 2024 23:40:19 GMT
server
Kestrel
none
stores.api.shoppinggives.com/cc-small/
764 B
1 KB
XHR
General
Full URL
https://stores.api.shoppinggives.com/cc-small/none
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.122.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-122-13.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
3a78f2e7852d626433d1c496d805d7e9fb132b947543087921a07da47e24bd27

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-store-id
51b6eadc-9263-4170-8338-ccc5b856d57e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://xdwlzcx.cyou/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
x-preview-mode
False
x-round-up-preview-mode
False
server
Kestrel
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
https://xdwlzcx.cyou
access-control-expose-headers
x-addon-donation-preview-mode, x-preview-mode, x-round-up-preview-mode
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-store-id, x-store-api-key
content-length
764
x-addon-donation-preview-mode
False
analytics
gateway.us.zip.co/
81 B
447 B
Fetch
General
Full URL
https://gateway.us.zip.co/analytics
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
06b55393857069637a1c2bddee37bc1fc09815c756f73fc257c5c4d9886249a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-azure-ref
20240416T234019Z-17d488f697f5qzsw27udku9hqs00000005yg000000001dvm
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xdwlzcx.cyou
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
accept-ranges
bytes
content-length
81
x-xss-protection
1; mode=block
analytics
gateway.us.zip.co/ Frame
0
0
Preflight
General
Full URL
https://gateway.us.zip.co/analytics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://xdwlzcx.cyou
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,request-id,request-context,QP-Territory,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
https://xdwlzcx.cyou
access-control-max-age
1800
content-length
0
date
Tue, 16 Apr 2024 23:40:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-azure-ref
20240416T234019Z-17d488f697f5qzsw27udku9hqs00000005yg000000001dv2
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
chunk-WidgetIframe-af3d0704fbf4e7df24d9.js
widget-v4.tidiochat.com/1_222_0/static/js/ Frame 541E
477 KB
124 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_222_0/static/js/chunk-WidgetIframe-af3d0704fbf4e7df24d9.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/uuq154rok3swhwsz02kibnzoiabmvdyf.js?shop=for-women-usa.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d78855794a182656400d639c9bb336dde75dc1020be5fd8ba33f1d0199f759

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 07:39:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7001
etag
W/"660d07bc-774c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMV%2BR%2B9X46iuOH%2FGcSC4o6K9aonf2y6E77p%2BO33jVZ2i3jN49N6BiRa3QO%2FZiFa5IUooVULeMurFQccOkHdQ4va5MkwBTs8pSVFYxe3vA%2BV%2Bdtd6TXkK0LDMkA9X1R7PXKlMUznVXb79ogNoJVsmzCgbGG2N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8758050ab8bf6679-AMS
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 541E
27 KB
27 KB
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/uuq154rok3swhwsz02kibnzoiabmvdyf.js?shop=for-women-usa.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Apr 2024 07:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"660d07b7-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZMdidOkAKwvDNrkzwUBZZs9b1Lsld6pzAY5%2F9z7Vcut3vYgFli5g47tnwIqqk%2FwEIs0GBVaMO53nVmcyNnk15Ck5p%2FZdENg79x%2B6fUgw74msfOFlBP6nGakptaGLB01KfX8b8AqZWxygvAOzLW7xs3lelLN"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8758050afe3566e5-AMS
content-length
27400
tururu.mp3
widget-v4.tidiochat.com// Frame 541E
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
547644
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Wed, 03 Apr 2024 07:39:35 GMT
server
cloudflare
etag
"660d07b7-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8R0FmFiLWI79cOTdRnkhPJwixCTQdEVCcynEIa0aSBLXRKsFYT3Urc1P0PsZRhuw5%2FLT2PWRUWs5TLMfObFgA5kBq%2FM1Q2tmB9U%2FWVerdvtFa9L%2BaczNDECTdXA2mt4f1NH0zZAhwwhpuan4VjdGuZYggCW"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
8758050ab8c26679-AMS
expires
Wed, 24 Apr 2024 15:32:55 GMT
widget.af3d0704fbf4e7df24d9.js
widget-v4.tidiochat.com/1_222_0/static/js/ Frame 541E
493 KB
158 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_222_0/static/js/widget.af3d0704fbf4e7df24d9.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/uuq154rok3swhwsz02kibnzoiabmvdyf.js?shop=for-women-usa.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9164e2da80f2b2459b5f4bbf935a01849637db4dd93055458c1c34d58f4d403a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 07:39:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6991
etag
W/"660d07bc-7b4f6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AS8YmHzbjG6D5QF2mjyNI4r5aCfPBr%2FMydbcZVPFB6JT6FRCNQWkq5yZjpjXp%2BqhNcBXIU%2Ff6hxxe7r2hDFcT9RNuF6%2B7vCYtJDPlk1BJ1hYpq9nnKM8bqzf%2FOH97kcJBMAV0AOS3b%2FcSBVTBJSq9T07M3es"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8758050ad8cc6679-AMS
shopify
tr.snapchat.com/scs/
0
264 B
Fetch
General
Full URL
https://tr.snapchat.com/scs/shopify
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://xdwlzcx.cyou
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
7d54f07c-7685-4354-9a0f-576d9f30508f.js
tr.snapchat.com/config/cyou/
191 B
269 B
Script
General
Full URL
https://tr.snapchat.com/config/cyou/7d54f07c-7685-4354-9a0f-576d9f30508f.js?v=3.14.1-2404091850
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
1486f3f881b9759a8760f9c39bb4acbcc19033d5339f1b8ad5c03b49c9a3f40a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://xdwlzcx.cyou
x-envoy-upstream-service-time
103
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
i
tr.snapchat.com/cm/ Frame E5FB
0
0
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=7d54f07c-7685-4354-9a0f-576d9f30508f&u_scsid=5b95600d-8b41-4013-ba91-e5259a842824&u_sclid=98353532-e643-4501-9a8f-2c31370660a8
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://xdwlzcx.cyou/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 16 Apr 2024 23:40:19 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
Favicon_5_new_32x32.png
forwomenusa.com/cdn/shop/files/
1002 B
2 KB
Other
General
Full URL
https://forwomenusa.com/cdn/shop/files/Favicon_5_new_32x32.png?v=1711284654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.67 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbbf6ad24aef46ca061984476be8069dab52b608d4a46f7b4a8fb4a6a05735a6
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
249050
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=173.566, imageryFetch;dur=59.212, imageryProcess;dur=20.219;desc="image", cfRequestDuration;dur=13.999939
source-length
4759
content-length
1002
x-xss-protection
1; mode=block
x-sorting-hat-shopid
42384720021
x-request-id
cc028664-3d19-4a66-a315-18d706188f0a-1711285393
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 24 Mar 2024 13:03:14 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zgz%2B4JJHspf%2BD%2BE4Zg%2BCDGafZy0W1ZR6vCeXsIOg3MTI2rB1En5s6ApmE1Vpux%2FecX%2FIrbPPfW6EC8z4dAL2utNhe5C44WHeeZ35%2B1Sa1h1EIOFMfCnQF%2Be3L2MQqAHsOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8758050b1a5166eb-AMS
x-sorting-hat-podid
223
da.svg
cdn3.hextom.com/img/national_flag/
213 B
619 B
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/da.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d15b90eddd91956b7de55019da0479b09a3342d998f38acd5847d3c0be528eaa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Tue, 16 Apr 2024 07:47:46 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
57250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
213
last-modified
Wed, 01 Jun 2022 19:44:49 GMT
server
AmazonS3
etag
"e60c493fdbe69069d943ecc37287aa90"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
a3wwmnx0LO7zlzn28bpnmXLqcRgK27ZS--9oNyKzxHzrV4xBLwZ0Lg==
de.svg
cdn3.hextom.com/img/national_flag/
238 B
644 B
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/de.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb66769cd2af2a363f35a0f1da6c7a5c584c35a6391f2dd4878c6f9005f3ecb6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Tue, 16 Apr 2024 04:26:13 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
69294
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
238
last-modified
Wed, 01 Jun 2022 19:44:19 GMT
server
AmazonS3
etag
"188e8416729dd87dfa353edb4722d632"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
laXu6gr8ABTX-bb5Hm9Ah4iTHm3n7YahCae_KWdAduUlRPK82rG5Hg==
es.svg
cdn3.hextom.com/img/national_flag/
85 KB
16 KB
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/es.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5bdd2b5ce3ebf4a631d36988042e33298de89b43382b163c6117e19b6d9086f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
date
Tue, 16 Apr 2024 08:35:25 GMT
last-modified
Wed, 01 Jun 2022 19:44:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
70256
x-amz-server-side-encryption
AES256
etag
W/"75ec9335f3be045db26a27235d3da6cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
n__TYI8MA3TaSP8KdNHcc3f_azlPBuEXHAd3bp9MdsKz16IoQE3zTg==
fr.svg
cdn3.hextom.com/img/national_flag/
265 B
671 B
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/fr.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10d09cbc2a8b2219da141bbacc940ec8f45a55b36b0dd8f92d07c6c93331f85f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Tue, 16 Apr 2024 02:29:05 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
76291
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
265
last-modified
Wed, 01 Jun 2022 19:41:58 GMT
server
AmazonS3
etag
"96f6d6e9584a3cb7ce3b499adaa75529"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
HrOG5O2YAkH1BReD8oNIl2hB1DycPg42_UH9DM6eC2ix_lJOw4-JbA==
it.svg
cdn3.hextom.com/img/national_flag/
279 B
685 B
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/it.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df6faa9601d03e30d30e9a0e630d0286bcdc4306a0570f217034077e7f5875f8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Tue, 16 Apr 2024 06:28:15 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
64540
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
279
last-modified
Wed, 01 Jun 2022 19:44:14 GMT
server
AmazonS3
etag
"391860fa2980901e552efc7883724796"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
2ze1pvQxsJsVt43GIlEeVZg2ElflYOVEbnFeC0gFq31CDN1QMTSU3g==
nl.svg
cdn3.hextom.com/img/national_flag/
337 B
743 B
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/nl.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e00d26bd585c1484559fa8676f9b81bce9578ae149b454921f60392a106a328

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Tue, 16 Apr 2024 05:20:29 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
66008
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
337
last-modified
Wed, 01 Jun 2022 19:42:46 GMT
server
AmazonS3
etag
"ae7bff2a0688d65ea2ba3985ae58b0a7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
ESGfZlu1RGQ14PjgSeOTzKrcnz_eP1a0zO8W7VZPJnBRycrwCBD6Ug==
no.svg
cdn3.hextom.com/img/national_flag/
294 B
701 B
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/no.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
037c0f21f9ad53589902ddc411e836a94298641b2870ceba0bfac9ffee62352e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Tue, 16 Apr 2024 07:13:52 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
59825
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
294
last-modified
Wed, 01 Jun 2022 19:42:55 GMT
server
AmazonS3
etag
"d8dd9ad33e2d0c876096fbdfd87bcf31"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
XqDDRojKYwvEVNVfs2r4na23jtcN_frE75-mM62gOQJBUqr_K4IqwA==
pt-BR.svg
cdn3.hextom.com/img/national_flag/
12 KB
5 KB
Image
General
Full URL
https://cdn3.hextom.com/img/national_flag/pt-BR.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:b:75a7:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2049f8d820282799f9691a8f51b1f9c1e024e7c30f999ef39e38a612a94e10ad

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
date
Tue, 16 Apr 2024 04:12:13 GMT
last-modified
Wed, 01 Jun 2022 19:43:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
70112
x-amz-server-side-encryption
AES256
etag
W/"190073fb7652e7c635a1b91af0286b3c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
N4DgcNGjF-OiQ4kAHbJr6lv-W-5s3bA_salqBDoA5G8BsjWRUfTc7Q==
cart.js
xdwlzcx.cyou/
548 B
0
Fetch
General
Full URL
https://xdwlzcx.cyou/cart.js
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Apr 2024 23:40:18 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tp5gbCv0lnZgPD6GZpjVXVvWBjQN4mdFda%2F7z%2BvjhzsWJp7kPwI32%2FyyD4jwANDI6FqaD1lrrvDu%2F0yop92aasZ5kjyLXQd1izr%2BHbskqjSaewjym8WX6HXwUD%2FxKp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8758050378bd0bab-AMS
alt-svc
h3=":443"; ma=86400
PEUZTmhmmw72wsxQWEFCB.json
cdn.optimizely.com/datafiles/
51 KB
9 KB
XHR
General
Full URL
https://cdn.optimizely.com/datafiles/PEUZTmhmmw72wsxQWEFCB.json
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
910a0ae768c726733a26db956d66d6cfaca7851a597a453c68385eb40eab2f8c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
jcDpXTJ21vl3IwMg8TejHxwL047Jef_D
content-encoding
gzip
date
Tue, 16 Apr 2024 23:40:19 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
XB1ZZJK288Q1V7ZK
x-amz-server-side-encryption
AES256
x-amz-meta-revision
2539
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="24";dur=0,cdnip;desc="2a02:26f0:3500:88e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1713310819522_388276621_233944646_23_1714_24_27_219";dur=1
content-length
8273
x-amz-id-2
uYz5AkZsAQ3yWeEe6CGlGHHsg8QlskHCXuVrrGKv8qg5OQozsIPByfDfj21sT74hEOVb0KJBjfk=
last-modified
Tue, 16 Apr 2024 19:05:59 GMT
server
AmazonS3
etag
"de53e8a7567d892de8e5b3c06d467656"
vary
Accept-Encoding
access-control-max-age
604800
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD, OPTIONS
cache-control
max-age=118
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame EF5D
27 KB
0
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Apr 2024 07:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"660d07b7-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZMdidOkAKwvDNrkzwUBZZs9b1Lsld6pzAY5%2F9z7Vcut3vYgFli5g47tnwIqqk%2FwEIs0GBVaMO53nVmcyNnk15Ck5p%2FZdENg79x%2B6fUgw74msfOFlBP6nGakptaGLB01KfX8b8AqZWxygvAOzLW7xs3lelLN"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8758050afe3566e5-AMS
content-length
27400
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame EF5D
1 KB
2 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
77739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1224
last-modified
Sat, 19 Dec 2020 02:18:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fdd6306-505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qv8RB55sb%2B0QufC%2BeNUrEeXifMw02LJm833cdfA7vLZKy8nvkzosGTt0ne1aThlXb%2BgV7sdV4CSjYDhMeuexqo%2F1lhspeL4XUlTJkaZrISRZwvp13JXuD5s0IX5mBEW0z0Q2o1rH"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8758050f8b126696-AMS
expires
Sun, 06 Apr 2025 23:40:19 GMT
live_growthsuite-min.js
app.growthsuite.net/xdwlzcx.cyou/
0
0

produce
xdwlzcx.cyou/.well-known/shopify/monorail/v1/
548 B
523 B
Ping
General
Full URL
https://xdwlzcx.cyou/.well-known/shopify/monorail/v1/produce
Requested by
Host: forwomenusa.com
URL: https://forwomenusa.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Apr 2024 23:40:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lB9igiCPJUA4i8zB7wf2qDGmEd0ud60SMIbDOspAk7C88WANOSKsdVqlEdTScJLVqNWXqCZOIgmc6zIzqwoQPSfGupzkfIsk7w1GXLmDnCNBQqb5Ck%2BSRPyMCBh7JFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
8758051079ae0bab-AMS
alt-svc
h3=":443"; ma=86400
new-arrivals
xdwlzcx.cyou/collections/
0
266 KB
Other
General
Full URL
https://xdwlzcx.cyou/collections/new-arrivals
Requested by
Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=for-women-usa.myshopify.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qgFANoM17GSv2PHb99ss6sdxJpQphgHrLPi0wpDAAKOMyiMhgXWrtIVf0kA%2BsYpfNaXtDLjHLNm8cU71w6YoZqT1mOLOYf85SxvUIckJj2B2xsClgDXZ2dWLubPqro%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8758051079b00bab-AMS
alt-svc
h3=":443"; ma=86400
best-seller
xdwlzcx.cyou/collections/
0
297 KB
Other
General
Full URL
https://xdwlzcx.cyou/collections/best-seller
Requested by
Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=for-women-usa.myshopify.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmpRQuCS8poRI49Ug0rb%2Ff7hpkyEW647OfqufhRPogc15Cjpj1l5Xn0a53TYtIb%2Ffi4DN3L1r5BHGQ0TgBpA%2BH6lOFVYfYUsdY2QW3G3OF8KicrX4WWoIe0qhdfsgl8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8758051079b10bab-AMS
alt-svc
h3=":443"; ma=86400
clothing
xdwlzcx.cyou/collections/
0
281 KB
Other
General
Full URL
https://xdwlzcx.cyou/collections/clothing
Requested by
Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=for-women-usa.myshopify.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eM8Mngu6o2wbBLgAjOOJwmlANl%2FaXhgwhNoEssFSjaSLECTg61nZcbndGOZkfqTEP8l5t1NlI6wkAHKp2tWXAcJoBlPKd9ILK1zwYvfJEwh7EIMH9QYGp7Kjf3e1RPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8758051079b20bab-AMS
alt-svc
h3=":443"; ma=86400
collect
h.clarity.ms/
0
292 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://xdwlzcx.cyou
Date
Tue, 16 Apr 2024 23:40:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
shoes
xdwlzcx.cyou/collections/
0
311 KB
Other
General
Full URL
https://xdwlzcx.cyou/collections/shoes
Requested by
Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=for-women-usa.myshopify.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHNuog4GDWSGURQ86Fq61NP5sfawirD8aAdS35vpstQO6pa5OHFLLzxldjwTfJCSYXq59kqgZIb%2FdnaoWEwJ5Ogf22etViqwf0AqlvT8LSEmqpopBmyar9%2FkEkTvI9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
87580516ccee0bab-AMS
alt-svc
h3=":443"; ma=86400
accessories
xdwlzcx.cyou/collections/
0
228 KB
Other
General
Full URL
https://xdwlzcx.cyou/collections/accessories
Requested by
Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=for-women-usa.myshopify.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOGKxujEYwvrjg7rozMMXm%2F3jT2BAy0vPos%2Bes7dLRYa70tQqENQIfxFMeodYoBszWN%2FS%2B5ZHfzW2rMsj7CuAPZ24tEvtXet%2FQwjyQLSa1wXAttLLIbSIsKermMpll0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
87580516ccf00bab-AMS
alt-svc
h3=":443"; ma=86400
vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
static-tracking.klaviyo.com/onsite/js/
22 KB
9 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.c7512673339d90d039c9.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hw7SViCzd9aX5jIszRS6I1sx4jGvmnSZ
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:22 GMT
x-amz-request-id
5KXXAY05FD3RX991
age
3068
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8356
x-amz-id-2
oeUzSmfT4M0Zr3hPpRK2XY4l4+Gon6Uf2RgxcMOAxCK7cdaqtQZ/rG/emfMLVsGpm6B6uFDgIGA=
x-served-by
cache-lga21934-LGA, cache-ams21062-AMS
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"2f5438508c293a1ad8e8f5b6a6cbd520"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
72, 170
ClientStore.4d1acb3d899339d40a8a.js
static-tracking.klaviyo.com/onsite/js/
66 KB
21 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/ClientStore.4d1acb3d899339d40a8a.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.c7512673339d90d039c9.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
767bf67902382a21f284d64edf2e24ba1d957531daaf8aea9b58acc5360601fd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JLb1Mr2VrCRaZgVUVkj022fva91KTSOz
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:22 GMT
x-amz-request-id
84FHBV2EPP1W8X8P
age
3068
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
20758
x-amz-id-2
cMqy9Afhi22OjF75jJ5IT/vvH2aSgXEorRwR2m2rFDrvTIH0jeqU4zxQDWIqMupyH7XZzXOkES7NAgNmFvHdKlluS+hL/J78
x-served-by
cache-lga21980-LGA, cache-ams21062-AMS
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"1e6a261882eb412ec3ba938e11bd8576"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
40, 183
track-analytics
a.klaviyo.com/onsite/ Frame
0
0
Preflight
General
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=SeQPVd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xdwlzcx.cyou
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
875805232c529703-AMS
content-encoding
gzip
content-language
en-us
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-type
text/html; charset=utf-8
date
Tue, 16 Apr 2024 23:40:23 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
track-analytics
a.klaviyo.com/onsite/ Frame
0
0
Preflight
General
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=SeQPVd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xdwlzcx.cyou
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
875805232c549703-AMS
content-encoding
gzip
content-language
en-us
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-type
text/html; charset=utf-8
date
Tue, 16 Apr 2024 23:40:23 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
532.380ba39a81ba3a5f4c4c.css
static-tracking.klaviyo.com/onsite/js/
70 KB
9 KB
Stylesheet
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/532.380ba39a81ba3a5f4c4c.css
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.c7512673339d90d039c9.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62b32ad610c9e0bd6308091412c892eae952772be58874adcb79a52e0304db5c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BllI1rOVMN6TPsBk8xfZwusEc2GaorNq
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:22 GMT
x-amz-request-id
04P8KBGR6FZSGZ2B
age
3069
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
9320
x-amz-id-2
YweHAVF5s2FK47Q/ggAni8XHhWrlHV7cNuqbxbP76THmfJ+hLxX2OWuHvcg9Cy8h1WGz7p+rQf8=
x-served-by
cache-lga21938-LGA, cache-ams21062-AMS
last-modified
Wed, 03 Apr 2024 02:24:06 GMT
server
AmazonS3
etag
"c8117e8da5b6084b3dd3c91918c496f3"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
35457, 175
styles.ccf9eb43fb94f6b4efde.js
static-tracking.klaviyo.com/onsite/js/
13 KB
4 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/styles.ccf9eb43fb94f6b4efde.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.c7512673339d90d039c9.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
u4YOvN.DBhziRupMNLHlSlohoVjRmp1y
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:22 GMT
x-amz-request-id
5KXPPMNQYY777BDZ
age
3069
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4092
x-amz-id-2
EUGXw0DAGX4+matKgg00bRmlgecQHpespuTEOtX5yANRJd4bfAOs8gTtHzn5D1M+K5fFfjb9Wlc=
x-served-by
cache-lga21972-LGA, cache-ams21062-AMS
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"c6c30853a63ebd4a4189fa8dcd359f29"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
172010, 175
vendors~Render.17e69248498a31b75f43.js
static-tracking.klaviyo.com/onsite/js/
12 KB
4 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/vendors~Render.17e69248498a31b75f43.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.c7512673339d90d039c9.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb2dbdb316742cbcfe3896917218500775bbe6291a077efac20da890072a0efc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dGCBo7ejJ0EYYCH.Zt8BmmnASbsiCNfl
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:22 GMT
x-amz-request-id
5KXM0EQF3Y50PWEP
age
3069
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4235
x-amz-id-2
OceN9FLR4w8pExGi+cpSN7cM9GxAUYF47+vcc+TI3hNf9PHAIsiEg65GZLlv26SVaJG/V5J3iFU=
x-served-by
cache-lga21961-LGA, cache-ams21062-AMS
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"88f918f93d174ae883fc6a975f68365b"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
46176, 175
Render.40e4fd16fd86d2a01518.js
static-tracking.klaviyo.com/onsite/js/
119 KB
34 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/Render.40e4fd16fd86d2a01518.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.c7512673339d90d039c9.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd6ca0dfeca54520886aecee19a5c4d4bc7559a67a3069667be9248242f22b25

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Origin
https://xdwlzcx.cyou
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
sK9ll3G4E4vo3mKiIhLLWp6z_27AsKkg
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Apr 2024 23:40:22 GMT
x-amz-request-id
B5QBQ8FXHC7WN92N
age
3069
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
34195
x-amz-id-2
eXJYahmhgt628QHJQczXw46w3XChmKAms/gezevTdQjmFA8UqZtH6zBuCQLRtzxVlRAhBlcjDQBOrmAU4gBnFvn5xx+mEfep
x-served-by
cache-lga21965-LGA, cache-ams21062-AMS
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"3d784887b845fdc7e6bfd4e23e325147"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
25, 177
track-analytics
a.klaviyo.com/onsite/
50 B
337 B
XHR
General
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=SeQPVd
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
Referer
https://xdwlzcx.cyou/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
content-length
50
server
cloudflare
allow
POST, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
application/json
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
875805240ce69703-AMS
access-control-allow-headers
x-robots-tag
noindex, nofollow
track-analytics
a.klaviyo.com/onsite/
50 B
139 B
XHR
General
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=SeQPVd
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
Referer
https://xdwlzcx.cyou/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:40:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-length
50
server
cloudflare
allow
POST, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
application/json
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
875805240ce59703-AMS
access-control-allow-headers
x-robots-tag
noindex, nofollow
0cb9da98-ed2b-4602-a2e6-8fcd91cf1b56.jpeg
d3k81ch9hvuctc.cloudfront.net/company/SeQPVd/images/
58 KB
58 KB
Image
General
Full URL
https://d3k81ch9hvuctc.cloudfront.net/company/SeQPVd/images/0cb9da98-ed2b-4602-a2e6-8fcd91cf1b56.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9bf0abd301c9af00ace22440b135c7e4fc479e790b6b3324900d8c904f0df3f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 25 Mar 2024 12:43:50 GMT
x-amz-version-id
9sktxp_Iv85XaOm6Ev.0f37mBZAYpNaC
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
1940193
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
59086
Last-Modified
Fri, 24 Feb 2023 16:49:03 GMT
Server
AmazonS3
ETag
"91b4c13434eefaa2e0adc828867fb03f"
Content-Type
image/jpeg
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
X-Amz-Cf-Id
A7n4jC8A0d2qym-vVyNEn02_H-MaTRSwGIGMqqG_e4ppthXEfzbrFg==
collect
h.clarity.ms/
0
292 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.maxepv.com
URL: https://www.maxepv.com/ZT4zSydbjSkfzUr4e4aMuddS1rw9tzVSNUP2oUn-zlRwrvZlXgU8U6HZxVl83sYkrAc39nC7PFeSfB7GuXuPwbcLI_u1khpAVmE1IMY1vnc~?hid=&uid=&v=3.2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://xdwlzcx.cyou/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://xdwlzcx.cyou
Date
Tue, 16 Apr 2024 23:40:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.growthsuite.net
URL
https://app.growthsuite.net/xdwlzcx.cyou/live_growthsuite-min.js
Domain
app.growthsuite.net
URL
https://app.growthsuite.net/xdwlzcx.cyou/live_growthsuite-min.js

Verdicts & Comments Add Verdict or Comment

342 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 string| technicalTptCast function| _0x13c5 function| _0x2ce3 object| _tpt_default_delay_keywords object| squaredanceCart function| jumbleberry object| Shopify object| __st boolean| ShopifyPaypalV4VisibilityTracking function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| getFocusableElements function| trapFocus function| pauseAllMedia function| removeTrapFocus function| debounce function| fetchConfig function| extractContent function| showWarning function| getInputMessage object| lazySizes function| getCookie object| lazySizesConfig boolean| rtl_slick string| mobile_menu string| money_format string| shop_currency string| currencySymbol boolean| show_multiple_currencies object| routes object| button_load_more object| after_add_to_cart boolean| variant_image_group_quick_view object| quick_shop object| quick_cart object| cartStrings object| variantStrings object| inventory_text object| notify_me object| compare object| wishlist object| pagination object| review object| countdown object| customer_view object| arrows object| dynamic_browser_title object| show_more_btn_text boolean| announcementClosed object| sgGlobalVars function| clarity object| _klOnsite object| klaviyo boolean| klaviyoReviewsProductDesignMode function| getUrlParameterExt function| reFixParamUrlFromMailExt object| scmCustomDataExt object| laiScriptTagGlobal object| scmCustomData string| scmLanguage object| dataShop object| dataShopFromLiquidLAI string| blockReviewPop number| tapitaSeoVer function| _0x3670ee function| _0x3b42 object| brokenFixer function| _0x5483 boolean| alreadyPracticeBrokenArt object| _learnq string| __klKey object| scriptEl string| tptSchemaConfigUrl function| _0x41ff function| _0x9bef object| preAsssignedValue function| replaceVar string| instantPageUrl string| tptMetaDataConfigUrl function| _0x1af2 function| _0x16be object| webpackChunk_klaviyo_onsite_modules object| jumbleberryParams string| jumbleberryDomain object| jumbleberryCampaigns object| jumbleberryQueue object| jumbleberryCache object| Snowplow string| previousCookieDomain string| domainHash object| idCookieComponents object| meta string| attr object| ShopifyAnalytics object| gaDevIds object| trekkie object| BOOMR object| quick_view_inven_array_7756041289952 object| webPixelsManager object| quick_view_inven_array_5834306322581 function| fbq function| _fbq function| ga object| dataLayer function| gtag string| GoogleAnalyticsObject function| pintrk string| TiktokAnalyticsObject object| ttq object| _visit object| quick_view_inven_array_5591358537877 object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| initDropdownColumnsFooter object| QuadPayShopifyOptions object| pushupCustomer object| pushupProduct object| tmsSelectorData object| tagConfig object| core function| _ object| tmsMainLogger object| tms-translator object| tmsUtilData object| tmsFileTranslatorCache function| setCookieGrowthSuiteWidget function| getCookieGrowthSuiteWidget function| getCustomerIDGrowthSuiteWidget function| isMobileGrowthSuiteWidget function| isAndroidGrowthSuiteWidget function| decideDeviceTypeGrowthSuiteWidget function| getParameterByNameGrowthSuiteWidget function| decideSessionSourceGrowthSuiteWidget function| setEventTriggersGrowthSuite function| getSessionGeoGrowthSuite function| postRequestGrowthSuite function| getRequestGrowthSuite function| extractValuesFromObjectGrowthSuite function| controlCartDiscountAndApplyGrowthSuite function| createVisitorGrowthSuite function| createSessionGrowthSuite function| createPageviewObjGrowthSuite function| controlVisitorIDGrowthSuite function| controlSessionIDGrowthSuite function| organizeNewVisitorGrowthSuite function| organizeNewSessionGrowthSuite function| organizePageviewObjGrowthSuite function| updateNotificationsCountAndListGrowthSuite function| cartChangedGrowthSuite function| updatePagesTriggerCampaignGrowthSuite function| updateCartDrawerTriggerCampaignGrowthSuite function| updateDiscountStatusTriggerCampaignGrowthSuite function| organizeTriggerDiscountGrowthSuite function| organizeTriggerDiscountCampaignCookieGrowthSuite function| checkTriggerDiscountCampaignGrowthSuite function| removeTriggerDiscountCampaignPopupGrowthSuite function| startTriggerCampaignTimerGrowthSuite function| removeTriggerDiscountGrowthSuite function| updatePagesReferralCampaignGrowthSuite function| updateCartDrawerReferralCampaignGrowthSuite function| updateDiscountStatusReferralCampaignGrowthSuite function| organizeReferralCampaignGrowthSuite function| startReferralCampaignGrowthSuite function| checkProductRecommendationsGrowthSuite function| organizeProductRecommendationsGrowthSuite function| growthSuiteOpenNotificationFeed function| closeGrowthSuiteNotificationFeed function| openGrowthSuiteNoticationFeed function| closeNotificationFeedOutside function| adjustGrowthSuiteNotificationFeedPosition function| openGrowthSuiteNotificationDetail function| growthSuiteReturnNotificationIndex function| checkReferralGrowthSuite function| checkCampaignsCookiesGrowthSuite function| putNotificationBoxGrowthSuite function| insertGrowthSuiteAnimationPlayer function| setupGrowthSuiteOperation function| controlVersionAndStartThirdGrowthSuite function| localizationForm object| Currency object| QuadPayShopify object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ object| Uppush object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| sharedFunctions object| webpackChunkquadpay_virtual_checkout object| __post_robot_10_0_44__ object| __zoid_9_0_86__ function| clearImmediate function| setImmediate object| DD_RUM object| quadpay object| SMARTIFYAPPS object| scripts object| scmCustomDataExtJson object| settingApp function| getInfoShop undefined| Cookies object| TMS-selector object| hextom-tms-selector-instance object| TMSSelectorState object| TMSSelectorUtilData object| tms-state-corrector number| BOOMR_onload undefined| warningTimeout number| visuallyReady object| tmsSelector function| flyingPages object| FPConfig function| jQueryRCT undefined| script string| current_script_url string| domain_name string| RCT_SITE_URL string| RCT_ASSETS_URL string| reconvertAjaxGetUrl string| reconvertAjaxUrlnew string| reconvertAjaxUrl string| reconvertAjaxUrl_new string| reconvertAjaxBackendUrl string| shop object| appcartJson object| rctShopInfo string| rct_store_id function| showABPopupOnAdminPreview function| closePopupAdminPreview function| closePopup function| activateClickedAdminPreview function| showQuickActivationPopupOnAdminPreview function| closeQuickActivationPopupAdminPreview function| quickActivationPercValueClick function| activateClickedQuickActivationAdminPreview function| QuickActivationPopupAdminPreviewChangeBanner function| showQuickActivationPopupOnEditor function| closeQuickActivationPopupEditor function| quickActivationPercValueClickEditor function| activateClickedQuickActivationEditor function| QuickActivationPopupEditorChangeBanner function| showReviewCollectorOnAdminPreview2 function| showReviewCollectorOnThemeEditor function| getRadio1 function| getRadio2 function| sendSegmentReviewCollector function| RCTgetParameterByName function| RCTStoreReconMainFun object| regeneratorRuntime object| __SnapPixel function| snaptr function| isRealUserGSuite function| getCookieStartGrowthSuite function| setCookieStartGrowthSuite function| installGSuiteScripts undefined| gfp_aff_toolbar object| goaffpro_identifiers object| source_identifiers object| gfp_additional boolean| isFirstTouch boolean| gfp_setOrganic boolean| useLocalStorage string| gfp_discount_code_cookie object| gfp_no_ref_cookies string| gfp_api_server object| gfp_cookieManager function| gfpGetCookie function| gfpDeleteCookie function| gfpSetCookie function| getRefCode function| regexSearch function| getSourceId function| searchInQuery function| getShop function| trackVisit function| checkoutPageCallback function| goaffproTrackConversion function| goaffproTrackConversionSync function| respondToOpeningPageForMembershipPlans boolean| gfpCallbackMade function| doCallback function| gfp_remove_cookies undefined| refcode function| testForExpiration function| gfpSetSource function| addRefToCart function| removeRefFromCart function| gfpLoadScript function| showSiteStripeToolbar function| gfpConnectCustomer function| goaffproShopifyStVariableFix object| __goaffpro function| RCTLoadStyle string| RCT_shop string| rctMainNote function| RCTSetCookie function| RCTGetCookie function| RCTremoveCookie function| RCTSetLocalStorage function| RCTGetLocalStorage function| RCTRemoveLocalStorage function| RCTbottomTimer function| RCTcheckCart function| RCT_social_visitor function| RCTremoveParam function| RCTrtrim function| RCT_click_buy_now undefined| page undefined| checkOutfrmBtnObj string| rctDiscountCode object| sgObservables object| sgccCharitySelectData boolean| ccShopifyInit object| SENTRY_RELEASE object| tidioChatApi object| scpixel object| _scPxHelper object| _scPxTeller

35 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 38b33afdb36f494aa03f175381ce5c1b
www.clarity.ms/ Name: CLID
Value: d41118c2a95b4595aaaeb31d4053912d.20240416.20250416
.xdwlzcx.cyou/ Name: IEeSsWzXm68G2VGy86eRuses
Value: *
.xdwlzcx.cyou/ Name: _clck
Value: 1wfq8gy%7C2%7Cfkz%7C0%7C1567
.xdwlzcx.cyou/ Name: _shopify_y
Value: e94862b8-0C5D-4453-20A0-6175D0D8F6A8
.xdwlzcx.cyou/ Name: _shopify_s
Value: e94862ba-B8BA-4B88-23AF-D32DFCCA3D39
.xdwlzcx.cyou/ Name: _shopify_sa_t
Value: 2024-04-16T23%3A40%3A17.327Z
.xdwlzcx.cyou/ Name: _shopify_sa_p
Value:
.tiktok.com/ Name: _ttp
Value: 2fCh9kTOTiUnFGHOskqNbJu58n2
.xdwlzcx.cyou/ Name: _ga_J68QT427YG
Value: GS1.1.1713310817.1.0.1713310817.60.0.0
.xdwlzcx.cyou/ Name: _gid
Value: GA1.2.1547442583.1713310818
.quadpay.com/ Name: __cf_bm
Value: ndt1a8Hhr4zLkqXDagAmB183OXZTk2XJb_T127RMx0A-1713310817-1.0.1.1-Yw9v1L5zhBndQAHvOuXw1GDtpcFF1UEc_zcfcOIQcatWOo4hcWrArLyBrngx6TALRkXYllKmFvJiFPNLUnmqOw
.xdwlzcx.cyou/ Name: _clsk
Value: 1e89o5c%7C1713310817628%7C1%7C1%7Ch.clarity.ms%2Fcollect
.pinterest.com/ Name: ar_debug
Value: 1
.xdwlzcx.cyou/ Name: _ga_XQTWMW8CYM
Value: GS1.1.1713310817.1.0.1713310817.0.0.0
.xdwlzcx.cyou/ Name: _ga
Value: GA1.1.1773397371.1713310818
.xdwlzcx.cyou/ Name: _fbp
Value: fb.1.1713310817911.134553996
.xdwlzcx.cyou/ Name: _gat
Value: 1
.xdwlzcx.cyou/ Name: _pin_unauth
Value: dWlkPU1qYzFNVEZtTkRZdFl6QXlOUzAwWldRMUxUaGtaVEl0TlRRMllXTXlOV1ZrTVRneg
.xdwlzcx.cyou/ Name: _tt_enable_cookie
Value: 1
.xdwlzcx.cyou/ Name: _ttp
Value: apU6yEXVCud9wKZWsXt_lLSag3l
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSY0RXhhcFB6dFFnT1pieWhHQmVHRWJUWjVnVE5JOHdPQVJnb2VyYmhMT0g5UzZ4ek5tektvTlZFZEM4ajRFSmRIY0Jxc2tNckRxMGNBemVlTnAwUGdYcHVQZlhJQlpJRFM0YkFoVlFZdys1az0mN2NKeHlxRExTb1pid1AydlRLNmdHOHhLVCs0PQ=="
xdwlzcx.cyou/ Name: __kla_id
Value: eyJjaWQiOiJNV05pWW1KbU9XRXRaR1UxT0MwME5Ua3hMV0UzTjJZdFlUQmxPR1ZrTkdRM05tUm0iLCIkcmVmZXJyZXIiOnsidHMiOjE3MTMzMTA4MTgsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8veGR3bHpjeC5jeW91LyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcxMzMxMDgxOCwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly94ZHdsemN4LmN5b3UvIn19
xdwlzcx.cyou/ Name: scm_reviews_importer_app
Value: installed
xdwlzcx.cyou/ Name: scm_reviews_importer_count
Value: 1
.bing.com/ Name: MUID
Value: 0666EE589CF766AD1E4FFA3B9DA067C4
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0666EE589CF766AD1E4FFA3B9DA067C4
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0666EE589CF766AD1E4FFA3B9DA067C4
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.xdwlzcx.cyou/ Name: _scid
Value: 24930d3e-bef5-4db4-9314-7156c0c30d34
.xdwlzcx.cyou/ Name: _scid_r
Value: 24930d3e-bef5-4db4-9314-7156c0c30d34
.xdwlzcx.cyou/ Name: IEeSsWzXm68G2VGy86eRuid
Value: edfb3f31-887e-58c0-9706-b301e7cd5134.1713310817.1.1713310822.1713310817.40c5457e-4972-4f34-bf5f-de5a484b5aac

51 Console Messages

Source Level URL
Text
other warning URL: https://xdwlzcx.cyou/(Line 2458)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/(Line 2458)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://xdwlzcx.cyou/checkouts/internal/preloads.js?locale=en-US
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://xdwlzcx.cyou/(Line 4227)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/(Line 5070)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/(Line 8077)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/(Line 8077)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/3051643961618415?v=2.9.153&r=stable&domain=xdwlzcx.cyou&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 117)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-55640288@bb41bf091d86ec09beb5141ead6fafc0/sandbox/worker.modern.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-92602592@54f3ea9d23f4af69f7d812fb978ff7ee/sandbox/worker.modern.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-shopify-app-pixel@063/sandbox/worker.modern.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/wpm@cad39b03we51f70f0pbc988c4cmaac70d51/web-pixel-18972896@0.1.0-99c70b3e91db3b02f187f0b0b5db3b0a/sandbox/worker.modern.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://xdwlzcx.cyou/cart.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/cart.js?random=1713310817842
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
deprecation warning URL: https://forwomenusa.com/cdn/shop/t/29/assets/slider.js?v=17042112586619479101687380848
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://xdwlzcx.cyou/.well-known/shopify/monorail/unstable/produce_batch
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/cart.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xdwlzcx.cyou/.well-known/shopify/monorail/v1/produce
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: about:blank
Message:
The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://xdwlzcx.cyou/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
analytics.growthsuite.net
analytics.tiktok.com
app.growthsuite.net
c.bing.com
c.clarity.ms
cdn.optimizely.com
cdn.polyfill.io
cdn.quadpay.com
cdn.shopify.com
cdn.shoppinggives.com
cdn1.avada.io
cdn3.hextom.com
cdnjs.cloudflare.com
code.tidio.co
connect.facebook.net
ct.pinterest.com
d1bu6z2uxfnay3.cloudfront.net
d3k81ch9hvuctc.cloudfront.net
edt.uppercommerce.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
forwomenusa.com
gateway.us.zip.co
h.clarity.ms
intg.snapchat.com
reconvert-cdn.com
region1.analytics.google.com
s.pinimg.com
sc-static.net
seo.apps.avada.io
shop.app
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
stores.api.shoppinggives.com
tms.hextom.com
tr.snapchat.com
widget-v4.tidiochat.com
widgets.quadpay.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.maxepv.com
www.merchant-center-analytics.goog
www.stilyoapps.com
xdwlzcx.cyou
app.growthsuite.net
104.126.37.178
104.17.25.14
104.18.147.46
104.26.9.183
13.57.77.176
142.250.186.163
143.204.207.250
151.101.1.195
151.101.130.133
151.101.194.133
151.101.2.133
151.101.64.84
151.101.66.133
172.217.16.142
172.217.18.8
172.64.148.201
172.67.140.43
172.67.202.194
18.66.122.77
188.114.97.3
2001:4860:4802:34::36
216.58.206.36
23.227.38.67
23.227.60.200
2600:9000:223f:2e00:b:75a7:edc0:93a1
2600:9000:223f:e00:1e:d56b:2480:93a1
2600:9000:2359:4800:7:67fb:be80:93a1
2600:9000:2490:8800:3:3ee2:8ac0:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:98b
2606:4700:20::681a:e35
2606:4700:3110::6812:35ed
2606:4700::6812:3bb
2620:127:f00f:7::
2620:127:f00f:ff00::
2620:127:f00f:ff01::
2620:1ec:46::45
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:828::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:88e::13b8
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:8e::84
2a06:98c1:3120::3
2a06:98c1:3121::3
35.190.43.134
35.84.122.13
52.224.31.34
54.164.134.147
68.219.88.97
00cf2cd83ed8ccd00c99085695cccf0bee691f9e8f3daa32b3313458a4582244
01fa0ba1c2d3d0f205a144a641432860cc1d2528db734501e0a4ac6fdb7c7d1d
037c0f21f9ad53589902ddc411e836a94298641b2870ceba0bfac9ffee62352e
04ce9a5c22288d26ae22f6c736841beba843eea57803acff31bf2ba14f0aa360
06b55393857069637a1c2bddee37bc1fc09815c756f73fc257c5c4d9886249a0
06c1ad2087b589f44f1a4656fe079e868644ecaa3bf55826d5a12667f68a75ed
0832cb1fe59f8d3fbed28ac35f2a22a8b8f5b12c0761c24c25f34803e72755e1
09048b15fbd7d6f712c4c85a7ddc7319a73dde5b7691da9effab476ee1aa2965
0ebed3b028151175ddbdb2ac46ca52fc7a72d55359bc957c9b9c2705c1448719
0f29ff8111bcf370d791e1e69f8caf806de0d42d1bf1e7d6163e257d102cf6db
10d09cbc2a8b2219da141bbacc940ec8f45a55b36b0dd8f92d07c6c93331f85f
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1428820bbb8fb270f3e255bcd9e38a36dfbc5c17ae7b61c0539b18b1fa01a56b
1486f3f881b9759a8760f9c39bb4acbcc19033d5339f1b8ad5c03b49c9a3f40a
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
1b4f34c4f49ea2f2c810577d2963705cd5a7463630effe9c9d668284152f6113
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de
1c8052fed661a4c68b162ff8852299a9dedcc3eaeb04ea5bc0d76024afb53ec6
1cf1ce808611aa58204592daedb747e8b944b7ceb287a41f9c24b51db01099fd
1e00d26bd585c1484559fa8676f9b81bce9578ae149b454921f60392a106a328
1f2f0842cc58701f40155fb656896d5bf06a24b71661ecd1468de2020c8717be
1feaa913ce618f2e916333354b2e9f3c72ec1fca73f90a750c85ead3363e9904
201dc2db4b50da50435c045c69c1e96e007ab008db34eecad115a4e37f854b8f
2049f8d820282799f9691a8f51b1f9c1e024e7c30f999ef39e38a612a94e10ad
207a0ecfef9ac71d1a30301131828c74b83b7ee333e556432c84426f49b8f081
21ef168fb4acaf9f49730d4a5ebe9f0f1c7735766b3913fab16d71114565f6fc
2233f7923068135dcc980d690c43a755bac5137a52c26ec676e6229a09054d19
233f8d0da86dd56d6fc5682693e764e5b2e5edd48f739256f12c0edb6b6d3ad0
2430f1a2ad2982d0067885488a4c89e21ad1d7c83b115ba8f1b20acc88dfaea8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28a8b5d529e15cd5b20246dd751fecf5511984a2143134071fe82371ad6e1a9b
292f343e54285b212c317cbc907f4de6c2f6f9952bb6ab5f7aba95c1118e95db
294d6aa53130f464df3f947fda12349bc401322adc59286332c258146a1803dd
29926beed89331905750af3f5bd58c97f028d54eadfc6016adcc2aedbeb26c6c
29ac1174cbc093fb820d9b26e37fe808d03cde535c30f626f8b9378f4f5d3129
2b6e3ff867fa5c751d8e25c0e92361bdef2587cbce2f518d30018acc2c726eae
36e9cecd92fe51fb9c53fc454d0baaf8fff59c89550ee63f8d318a44fdf446d2
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37c107dd973707f4b64ca3e2fde011b99695ea384e4b821983d44151c20be139
3a78f2e7852d626433d1c496d805d7e9fb132b947543087921a07da47e24bd27
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3f2343f9d9793a2f6b87b35ef6ba162221c70e64846e5e97ccda6ace2ed046fa
3f958b5faa3d10e3f39d22826ebe5052f0dc2c7142f7ce3c47973f2d689d4bf7
40d58e879584730be9263deeb66875b6ae9f4857f1e7be5e6674bfb8ccf02dad
43423c0ebdb87f7f7f09c18c407ac757cbc2208d746de39c7d3827e6cbe03858
45a9e148648291b5b3bae2ed5bc178eecff740ddd35cad84920675f5d66afb0a
492ad805551c89fe6b5c6b582242e362af636c8477f20a3d96f44effcb753878
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4f6d0511e1ce14ea7ff68e0a08b01292df6704ea9cb465bff825446c468ab079
557cabac2f3a14cbf105ccd5c2e9a8166cc36a2bd3dd2e9d9b3b5682d697fc6e
560b35c2ffd37972f26c343beda7c6795fa913116cf68c1345784d88b14b9a68
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
572a925d3348ae95c135bbad68b566b49d3b576c2785cd96841810d4f5904bc4
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
59ab985b9d6d2b16b93fe8f76070e1f868156e851b92bffb31d8bc1370ed31c1
5b2abbd34d8d3da519f79ac86e802cd4e43d6b3882fd0c70cca5f30691a4cda9
5bdf03e733daecd0f14c4e78246bddee97f8f744999f5ec371e940dfc11f0e89
5e00405228d32a6313f875d22f53fc45f0a4d334b550cdb1e311f4c5ea51b161
5e2c051c3c58cdada09cc0db823f19ee4bef89204eb6ca206476b714703b919d
602729964b63519a84c73eea267b9c6afdf5f6b0ac9b252e29db5edbfe964d52
61b97728f6d4038abbfccb6cb29aa65c8c2435ddda76040dc742419907f9b5e1
61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626
620ec7947095b6f875ce7694812120d60ef68ae4d44a9762a4b370a42b8d06ad
62b32ad610c9e0bd6308091412c892eae952772be58874adcb79a52e0304db5c
62e7cb03e8f65ceb4f43a5a56a3b9c3950158fae3fea85699e3f4c68672f4c2f
634cda7d6781876ff282d2d38f1f00daf5492562c4c14cd9bc605fdb120ca452
651780b201fb4078991003d83f9f95da06871f24d0d56c00e8ed9a45e73a863e
67bb2d8e23e35701fcf1c22530283627c42c7db0a51dc09ec4f930615ae448fe
693bb9ff2c19368680c7b274e4e7c107c9bbb53c56d169749bdc8214cc145222
6982e83b9ea7682534a77808bc53b3e516bc5d26dc406de1a2ea81c2fdf63a33
6debbdb418f81138c6c8d9a573c682c89c980f48bc44fad26cb1be2627a1d2eb
6ebbcad9962ec13003c11a21aa75b2df9de48918943cf1318c3f81257d81a56f
6f11d45fd8e48c0514ecf297d51baf4248a9bb22141d92588a44072d4c4f072e
6f78ea41d8d58318f3b93a4e4e175be94cb1e0b749de6a93507467fc36fb7f1c
729d6080310b94fdbbb9fbe483feeea1f05330c8d8697e3c1305d7bbca3567a2
738e16e15ac242cf1102a61bec958c5cdc6b21eff9cb46228c51aead91121cee
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b
75b047ddae2663d76e079ee8dac055f1af2395e770c98ad969acddef4cc2be4b
767bf67902382a21f284d64edf2e24ba1d957531daaf8aea9b58acc5360601fd
78c6a17c9f5fab867ad9ac03c0121379cb7b8c3a291ed4bd8bb3df9c1f9dcba6
7b9e357abda2dcf1f51272566523f8ad8875c6056e848b92bb062128e75d5ecc
7bd10c150911ada11116b8171f11156e47e7aded490da16aa3bfc60d8424a85f
7d3204b87f51bdd236991de6486bf8f64d710eebb96228ea6cef5faa8e15af9f
7d7ad94ea8c7ce8f60f9669ae0be40b2447fa5f3695be2e4ee2dcd27911de9b4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e4d972798540aa57435b35fbf9f196251ade1eb4b6dd1c581efe37a14be06d6
7ebb184bd44c4a682e06c76bed4222cf53419e6f199e22319a6b88b2ae4e3af1
7f188c4fc9d23c7bbfbb05af211fba269c3f7c5f2f3e43bf5c8c4cc11264e3e5
871ab2d627391767ff4257217949285ae3bd772096e619e6dcaf806e6bdecaec
8d154632ae37eb690df9e6e55fc911dcc855c251c29f320e2f4fac54b8c3d28b
910a0ae768c726733a26db956d66d6cfaca7851a597a453c68385eb40eab2f8c
9164e2da80f2b2459b5f4bbf935a01849637db4dd93055458c1c34d58f4d403a
920e1736ea49bdb9d6ee3ffaf68ba619094bb41aa118607675e92a3bb64ba320
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9382162d917a935063ad657437e928ab4dd27a07582d2501cf054a82ad89998c
939548648d32399e592b20a344f692752a40d9f8f8c344e37ba9101ded9acedf
96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d
96d78855794a182656400d639c9bb336dde75dc1020be5fd8ba33f1d0199f759
98bfeb921e28793a9fee9e86b54061dba44432f7481ee143bac3b3d093805de5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bf0abd301c9af00ace22440b135c7e4fc479e790b6b3324900d8c904f0df3f7
9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6
a0022153fa5178056cbcaba09d68743ac52ead36e78795b611c286393fa542fc
a26474c44436a2dee51f7d857c42b873a3d0e20e47919cc4e6c62a73e49c59fb
a31490bb9cf22b014b9ddf65dcba39941b4ad3c5c9351771183b735424db97ae
a45427201f10ab957d0c8abffb1b023662880f1fd803a60dfc024c2b1dc71d0a
a678040352f67e9641a1c3edadf1ae5f279ab2bc8d60619667df740c15d94af2
a84735f44eb4367c8e8decb39eecd11601c01cdd21a5fbf9c6ae641b8f3ea89b
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca
ae19bf74256141418585e80bbb39f48febb94d647ed428327354094cff75f3ec
af1de555264d0eea20a57d2eeadc1c89720fcdf21cc75758b98e172379dadd4b
b57ee2de8faff638ccaf23883167c06ae6aabcaed73b6274143f7aad98bd9d25
b5bdd2b5ce3ebf4a631d36988042e33298de89b43382b163c6117e19b6d9086f
b6708ad7e9454960e82e1a74cd3ef076240c43e81bc3d2523b5898ab4831c55f
b733c8695c26f3f29e0d19c072b552462c1a2347d361516d20ab762141c52bfa
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bb8d8f1ac92076838afbc5d039b1f60ad83c1dcb38911112059afeae7dc4583d
bbff4c18730315732850afe4021a8967698716fcbf5a4f9f8af6f80db41694f6
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c2f24701d988c5a62023b09fee2074e471aedfe50a93a959fc0e3726d3fd9a6c
c995f39b23a6e581a2f48d9049718e07787d1bb9bb2f738be113b2e1c0adbe0e
ca727c9d9c5d3ffa9fc01a2c57d612263a5ef4138da8d9b8e76e354835882466
cb66769cd2af2a363f35a0f1da6c7a5c584c35a6391f2dd4878c6f9005f3ecb6
cb7506783b48eae070e9b443cb2e68710bc4c112f8978f19ab38e52714b451f7
cb9589c6fd37544ebb070656a42f87a3cb04a99ddfdbbf7150bd53688202bc05
cd29d1d28a6ef4857c6392647268a8ad1d5b539fcdd8d6884155a748aef441a2
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdbd647af04cc8a2ccb4c6d5c1c22eb4faae57381b085a80bb0fdd44dc8876ae
cef0ff4052a72e5e32367ba8755723b2ea6b7b75815e6028f2aa1071d99f29d9
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
d133212c0636e4af8de33a4c79af9bc3513d0db77c4ae98e7e29a9c65ec5aa74
d15b90eddd91956b7de55019da0479b09a3342d998f38acd5847d3c0be528eaa
d2e425e717e6e3fc49d52c62157fa134e0aa8cb7d43e0253f4e6ce772cb1c032
d373418e62d89aff5bb979d69ca5534b6567583d83c3bcda7d2d770049f578a0
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d6f3a8301ffa9a9aa6a748ccc535a559242cd73451bb4d236b7e72ff64123703
d906c4c1c5aa4f35fd464d7a2e026bcc3b44bafbc2ef2fa2812b7c4d0ad9ebca
db314bb9b59428a9474c3ed3c639808b4fa143f39d44b5e1957cb5a1fbc26485
dbbf6ad24aef46ca061984476be8069dab52b608d4a46f7b4a8fb4a6a05735a6
dc308b39ac887fac596a6c825e9b23ec3b98b1ea3cc0dffec8642017ac318364
dd6ca0dfeca54520886aecee19a5c4d4bc7559a67a3069667be9248242f22b25
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6faa9601d03e30d30e9a0e630d0286bcdc4306a0570f217034077e7f5875f8
df989c44fa44645072b10d46ca05d321c9e1dd197b88ce1a07dc4c8fa9725066
dfa6a77ca8b1c091e2f73e622f2a670b5405bd8e7d5ceb269b6e15da70d6a49c
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e1a662efe9f5d98df0c8f00c64fe3927308691a8fd90135f29fa9c08ff87b1
e8d1e34bdfaaf5b197e92d82ae1a1e31c0823c15ee7a7f24702efb4123b6ab12
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
e91b18cfb96daa481945ba6e21d6c2ea40872a47b001df24d4f2d181166ef136
ea873841076422cb6c3d8d4416a8301a275bfd22b6f22f68aa0f60ece987b1b0
ec47d2d49803e1366b244f7e4d141ad857f1790a0084dd8b80152b128b717662
ece5c58d867b0ee2a8a8c47559d89167f653ab791208006523c8348712d3f4bb
edb36df4d8ca59543709db801835fdc74378c6772c8e4a14c55df4b9a0d2f13b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1007852ed9d5b4adb273800cdec71df43aa4556c7fb4b5817b21811ee6395f9
f193fe0e88c8b698f67f15f83a0dd83920e74a4910f678e3f2fd1b633c9c0998
f24c1af8bbe0ba77217b6f7c4ce30637aea4ac8f173464616b7b0cfbe0b59963
f360a8a02173b01269c3b03b3afccf015e99b51e9e410101c970c2af83bd661b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f552490a710dfeec5ef58aa5f0c387da223a57ab3fd76162d81c66fe35bca918
f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef
f77b50dc03e1ccb904a645d0598bf4f7e5f943021a1e62e4c8a9ec7e70296564
f854305daf9a5d65e5d7f44943ab42a822cd07a045863ea4172b63f6c600daed
f8b3ddc5ca3a41b853cf1175f303bf5c4d2ba54bc9a5f4537e09a5a5c3e20003
f99a3f767eb976876e0f8a5219ed4b41a360852f8ba643b18b8e16d663573c12
fa26c32a0c07c6d91a0c8a7a89feff7c66327409586d70677750b74ebc2a14bc
fb2dbdb316742cbcfe3896917218500775bbe6291a077efac20da890072a0efc