nouveau.cosmetic.deals Open in urlscan Pro
2606:4700::6812:1659 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nouveau.cosmetic.deals/
Submission: On October 29 via api (October 29th 2024, 2:16:54 pm UTC) from US — Scanned from GB

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 66 HTTP transactions. The main IP is 2606:4700::6812:1659, located in United States and belongs to CLOUDFLARENET, US. The main domain is nouveau.cosmetic.deals.
TLS certificate: Issued by WE1 on October 15th 2024. Valid for: 3 months.

This is the only time nouveau.cosmetic.deals was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6812:1659	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
27	2606:4700::68... 2606:4700::6812:105f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.5.30.152 3.5.30.152	14618 (AMAZON-AES) (AMAZON-AES)
14	35.244.153.18 35.244.153.18	15169 (GOOGLE) (GOOGLE)
1	54.196.234.102 54.196.234.102	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:115f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
66	14

1 2606:4700::6812:1659 (United States)

ASN13335 (CLOUDFLARENET, US)

nouveau.cosmetic.deals	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6812:105f (United States)

ASN13335 (CLOUDFLARENET, US)

stcdn.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.30.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

aeva-static-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.244.153.18 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 18.153.244.35.bc.googleusercontent.com

assets.cdn.filesafe.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.196.234.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-234-102.compute-1.amazonaws.com

api.aevadigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:115f (United States)

ASN13335 (CLOUDFLARENET, US)

backend.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	leadconnectorhq.com stcdn.leadconnectorhq.com — Cisco Umbrella Rank: 34011 backend.leadconnectorhq.com — Cisco Umbrella Rank: 35798	223 KB
14	filesafe.space assets.cdn.filesafe.space — Cisco Umbrella Rank: 137918	3 MB
5	gstatic.com fonts.gstatic.com	63 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1222	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	183 KB
2	amazonaws.com aeva-static-bucket.s3.amazonaws.com	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	aevadigital.com api.aevadigital.com
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	17 KB
1	cosmetic.deals nouveau.cosmetic.deals	43 KB
0	truetox.co Failed www.truetox.co Failed
66	13

	Domain	Requested by
27	stcdn.leadconnectorhq.com	nouveau.cosmetic.deals stcdn.leadconnectorhq.com
14	assets.cdn.filesafe.space	nouveau.cosmetic.deals
5	fonts.gstatic.com	fonts.googleapis.com
4	backend.leadconnectorhq.com	stcdn.leadconnectorhq.com
3	use.fontawesome.com	nouveau.cosmetic.deals
2	www.facebook.com	nouveau.cosmetic.deals
2	connect.facebook.net	nouveau.cosmetic.deals connect.facebook.net
2	www.googletagmanager.com	nouveau.cosmetic.deals www.googletagmanager.com
2	aeva-static-bucket.s3.amazonaws.com	nouveau.cosmetic.deals aeva-static-bucket.s3.amazonaws.com
1	region1.google-analytics.com	www.googletagmanager.com
1	api.aevadigital.com	nouveau.cosmetic.deals
1	fonts.googleapis.com	nouveau.cosmetic.deals
1	nouveau.cosmetic.deals
0	www.truetox.co Failed
66	14

This site contains links to these domains. Also see Links.

Domain
thenouveauaesthetics.com

Subject Issuer	Validity	Valid
nouveau.cosmetic.deals WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
use.fontawesome.com WE1	`2024-09-09` - `2024-12-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
stcdn.leadconnectorhq.com WE1	`2024-08-31` - `2024-11-29`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
assets.cdn.filesafe.space WR3	`2024-09-10` - `2024-12-09`	3 months	crt.sh
*.aevadigital.com Amazon RSA 2048 M03	`2024-10-20` - `2025-11-18`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-07` - `2024-11-05`	3 months	crt.sh
leadconnectorhq.com WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nouveau.cosmetic.deals/
Frame ID: E35DB6353A6640992E2AF35CBF56B6CD
Requests: 64 HTTP requests in this frame

Frame: https://api.aevadigital.com/api/v1/forms/174/form-view/
Frame ID: ABF3D5255D209ACC8476977FA8BF86E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get All the Tox You Need for $169 a Month at Nouveau Aesthetics

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

66
Requests

98 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

14
IPs

2
Countries

3604 kB
Transfer

5103 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://thenouveauaesthetics.com/

Search URL Search Domain Scan URL

URL: https://thenouveauaesthetics.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nouveau.cosmetic.deals/ 309 KB
43 KB 610ms
188ms Document
text/html 2606:4700::6812:1659
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nouveau.cosmetic.deals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea897912ff6d21e3fe6e98ddc32c46bb007587695e282fcf842a8a8198264355

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=60, s-maxage=120
cf-cache-status: MISS
cf-ray: 8da3c8d22e0d77a5-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 14:16:37 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 regular.css
use.fontawesome.com/releases/v5.15.4/css/ 677 B
967 B 699ms
57ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/regular.css
Requested by: Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ffbd97e0bd6d33be9ea8ccc0f497377055e61c00c8b412f696eaab4a929978e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"49c10bd7921f287bbd5b1180cb008e10"
age: 104451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ybn2dt6Ub4qMdIJzPX2f%2Bqq2EbKE%2B6Xyj8BxpPoQkNS1Avd7hetERXjPRK3Ff%2BRN2OsRatj3tFz38SuEaZJeft0%2BdDutVVQqALxYhM3gfqBDw1nklGyKd9ON8ioIJKZEi7RqmPc8yAvTOHb6DgGBbIAI"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4367&sent=6&recv=8&lost=0&retrans=0&sent_bytes=4017&recv_bytes=2420&delivery_rate=1365918&cwnd=254&unsent_bytes=0&cid=bf199365ef7bc1d2&ts=570&x=0"
date: Tue, 29 Oct 2024 14:16:38 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3c8d7dccc7193-LHR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 solid.css
use.fontawesome.com/releases/v5.15.4/css/ 669 B
753 B 707ms
65ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/solid.css
Requested by: Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
age: 104451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=irjLr4oiFhE9Xj5LWVVrAL%2BAL9%2FUm0uYfx1ht0wrpl4sIptZlB%2F7NbnrGTX0Q1tJravyXU%2Bp1mDiq1wdQMh2A%2F6wpT4ATNhnujsKBKDi0HckVBNS%2FqZeFdizErGgqjFZlb%2FHClAY3Ln2QkpoQdkEGPyQ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5711&sent=12&recv=10&lost=0&retrans=0&sent_bytes=5863&recv_bytes=2420&delivery_rate=1365918&cwnd=258&unsent_bytes=0&cid=bf199365ef7bc1d2&ts=589&x=0"
date: Tue, 29 Oct 2024 14:16:38 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3c8d7dcc77193-LHR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 brands.css
use.fontawesome.com/releases/v5.15.4/css/ 675 B
747 B 698ms
56ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/brands.css
Requested by: Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d8dae725ec4dd82504e24d40cf6e5678b0e02d28888a68f6b8488a87d424dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2c213c9e855a714f04273ad8ddfec94a"
age: 104451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfWXjkrqYz2pd245Q846MYaFIEIrYOxIILN%2BcDXH30YDhlf%2FUeDEUsXYBRWNmictg8c9QyumsXMKX41%2Fctx6sraEARg4zkaWXgarfFXtNnKJQsxWhhdCZS9xjFw3tPeN9Gdgd9T5mjwND2%2Fz9AvisMDc"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4367&sent=9&recv=8&lost=0&retrans=0&sent_bytes=5050&recv_bytes=2420&delivery_rate=1365918&cwnd=254&unsent_bytes=0&cid=bf199365ef7bc1d2&ts=571&x=0"
date: Tue, 29 Oct 2024 14:16:38 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3c8d7dcca7193-LHR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 139 KB
17 KB 878ms
167ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,500,600,700,800,900%7COpen%20Sans:400,500,600,700,800,900%7CMontserrat:400,500,600,700,800,900%7CCairo:400,500,600,700,800,900%7CCrafty%20Girls:400,500,600,700,800,900%7CCute%20Font:400,500,600,700,800,900%7CCroissant%20One:400,500,600,700,800,900%7CFresca:400,500,600,700,800,900%7CAcme:400,500,600,700,800,900%7CPlayfair%20Display:400,500,600,700,800,900%7CPlayfair%20Display%20SC:400,500,600,700,800,900%7CRacing%20Sans%20One:400,500,600,700,800,900%7CPoppins:400,500,600,700,800,900%7CRoboto:400,500,600,700,800,900&display=swap

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f89764bc563401ff3a09aecd0f33d38c8ecd5db697ff67a627977f53cbbe931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 14:16:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 14:16:38 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 29 Oct 2024 14:16:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 element_animation.css
stcdn.leadconnectorhq.com/funnel/css/ 23 KB
2 KB 872ms
161ms Stylesheet
text/css 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/funnel/css/element_animation.css

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936859c206147395cd62c6965c8dced9ae5c5af82b16d5fe9fba21dd5587fcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=7N90sA==, md5=H6KFk0vIwU5kvs0iZtURgw==
cf-cache-status: HIT
etag: W/"1fa285934bc8c14e64becd2266d51183"
age: 1921
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Tue, 29 Oct 2024 18:16:38 GMT
x-goog-stored-content-length: 23147
date: Tue, 29 Oct 2024 14:16:38 GMT
content-type: text/css
last-modified: Tue, 25 Jun 2024 10:51:31 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2LIdOc8iZcorpCh8_mmUmT60IpzkTMkL_L1BmiUda_GUbLQG-_-1pbx38t2VWgh-R-jg
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=14400
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8d85d55cd45-LHR
access-control-allow-origin: *
x-goog-generation: 1719312691729290
server: cloudflare

GET
H2 200 entry.33a35f6f.js Show response
stcdn.leadconnectorhq.com/_preview/ 362 KB
105 KB 1061ms
351ms Script
text/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab3b01ff31d66de9bb02e8f109d3fdd224e080e7d854a8d070b34703dadcda92

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=xTPNAw==, md5=jtIW3PPbiGCgWlgTtgEaoA==
etag: "8ed216dcf3db8860a05a5813b6011aa0"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:38 GMT
x-goog-stored-content-length: 106965
date: Tue, 29 Oct 2024 14:16:38 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 10:44:13 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY04dn01OSHX-_maUcHP82S3MDRcu-InBkrzGDbKAQ-8gsWX_Lr3XJVHOSGmZzdE_IlHFGt7bzMeow
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8d85cd76377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730112253117903
content-length: 106965
server: cloudflare

GET
H/1.1 200
OK embedAevaScript.js Show response
aeva-static-bucket.s3.amazonaws.com/static/js/ 1023 B
2 KB 1198ms
175ms Script
application/javascript 3.5.30.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aeva-static-bucket.s3.amazonaws.com/static/js/embedAevaScript.js
Requested by: Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.30.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b8859a9c7554cf113bfd5f89666cde7668459ca2917346ba3eac46cf18f77730

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-amz-id-2: 69grBLvu7NxeVlSwTNHqrF26z5Y5Ua4tMScUQ7FtzFz5nBUk5U1JX1Ax9Hi2T2pO5yNpyo1mh4WE6LU3VM0r7UWwe2wAkrpX
Cache-Control: max-age=86400, s-maxage=86400, must-revalidate
ETag: "3873976183aa3384886a29a6302257bd"
x-amz-version-id: null
x-amz-request-id: 0E26EBR3PKRKX7EJ
Accept-Ranges: bytes
Content-Length: 1023
Date: Tue, 29 Oct 2024 14:16:39 GMT
Last-Modified: Wed, 02 Oct 2024 10:29:18 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6fdd1bbf-c6d2-4c0c-b5ab-9531be8711c2.png
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 22 KB
22 KB 1131ms
421ms Image
image/png 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/6fdd1bbf-c6d2-4c0c-b5ab-9531be8711c2.png

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

173b26e7897d5f702b69f4ea532cf740c981be07dbe95d9a72b3215190e19d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=IQtuRg==, md5=1Da3GFKC9cm8mFAmLgTjtg==
etag: "d436b7185282f5c9bc9850262e04e3b6"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22334
date: Tue, 29 Oct 2024 14:16:38 GMT
last-modified: Mon, 07 Oct 2024 15:19:30 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY32j2C4C3UFNVzjJme73-d3SAfyVmXRCxbg0J_jUsTgy3aAd2GuaFjZydy4J2f5a9dRBdB28ntQyg
strict-transport-security: max-age=3104000
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728314370418215
content-length: 22334
server: UploadServer

GET
H2 200 670fb0fb4e44e60941ef84ce.png
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 160 KB
161 KB 877ms
168ms Image
image/png 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/670fb0fb4e44e60941ef84ce.png

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

cd957b36a6b532448aed46deacb17214627618dee8db2be68bfa7a48ba5e3fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=Hps5WA==, md5=IdwD5pGwNEGGu4ihaSXFTw==
etag: "21dc03e691b0344186bb88a16925c54f"
age: 104450
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 164256
date: Mon, 28 Oct 2024 09:15:48 GMT
last-modified: Wed, 16 Oct 2024 12:26:36 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY1pGsScnJjUMi51KScn7B-DOk-bxWNJ3CmggkeiqPF7M__5eYG1V-r0ah2ykCLK8PjIDg
strict-transport-security: max-age=3104000
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729081595981112
content-length: 164256
server: UploadServer

GET
H2 200 372dff15-e70e-42ec-b1c6-a3ceac2f944f.png
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 208 KB
209 KB 471ms
148ms Image
image/png 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/372dff15-e70e-42ec-b1c6-a3ceac2f944f.png

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

101925c5db4df32018d6563dcdbf5ca786cb70d9b512909a1f570eaf9caacc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=WyI5uA==, md5=lyQVerHhBsNfAPkdxfaqNw==
etag: "9724157ab1e106c35f00f91dc5f6aa37"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 213387
date: Tue, 29 Oct 2024 14:16:38 GMT
last-modified: Mon, 07 Oct 2024 15:19:30 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY1GsaVu90r1_yXHyHWiMUBH1pHz3kiyPxIeQOtyVJsehZ_LFYrKtLDqrmuLyKJp0LgAxmIRZqS5Fg
strict-transport-security: max-age=3104000
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728314370748976
content-length: 213387
server: UploadServer

GET
H2 200 81b74ddb-a5c8-4c19-9a9c-ee01a3631138.png
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 241 KB
241 KB 359ms
60ms Image
image/png 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/81b74ddb-a5c8-4c19-9a9c-ee01a3631138.png

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

d79669e8eb8ad35dcb7d501cf452667f8e03b6c71e2e26d4ad88d16720c04652

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=iLOc/g==, md5=1/31ChJ/5H+h5gdRD8+zoA==
etag: "d7fdf50a127fe47fa1e607510fcfb3a0"
age: 104449
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 246806
date: Mon, 28 Oct 2024 09:15:49 GMT
last-modified: Mon, 07 Oct 2024 15:19:30 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY1EaNew8UZVDlhjZ1EF1c060H3zsFFJskM94iEsaaNT79RWQZzjfOC4NQOj96Ogmqefc3tRpeN10Q
strict-transport-security: max-age=3104000
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728314370876220
content-length: 246806
server: UploadServer

GET
H2 200 6b88f374-3d00-4de5-bc48-09a22b1c23e9.svg+xml
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 42 KB
32 KB 424ms
127ms Image
image/svg+xml 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/6b88f374-3d00-4de5-bc48-09a22b1c23e9.svg+xml

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8f3a9d8e7cfa80c4f731d6f228af72df0a2ff8880e98444bcb91fd7c36057a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=se4YQg==, md5=IaKSJkcNqJe/0PRR3r4M0Q==
content-encoding: br
etag: W/"21a29226470da897bfd0f451debe0cd1"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 43343
date: Tue, 29 Oct 2024 14:16:38 GMT
last-modified: Mon, 07 Oct 2024 15:19:30 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0-T6UonfZlN7-VkrkXWriZyss_Zx0OmFR2A8DChbCB-giIUwyJEqManetjeKUhAprs9Rew8VgwIg
strict-transport-security: max-age=3104000
x-goog-meta-custom: metadata
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1728314370961182
server: UploadServer

GET
H2 200 7bf7c0ee-67b0-4115-8fae-bb6b316ff95f.svg+xml
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 83 KB
61 KB 391ms
97ms Image
image/svg+xml 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/7bf7c0ee-67b0-4115-8fae-bb6b316ff95f.svg+xml

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

439583fab3b236ae333728c35e0b323ef5578627785fe5d28d020ca6e10a1b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=723TCg==, md5=6rq4siNSDqwKHVn9IrYAHA==
content-encoding: br
etag: W/"eabab8b223520eac0a1d59fd22b6001c"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 84851
date: Tue, 29 Oct 2024 14:16:38 GMT
last-modified: Mon, 07 Oct 2024 15:19:31 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2BXnT2BtKw5HUUw8EttQQHNVk6YO01wKBt0pSXFSOQVlt_P7gd4Dxs_haWbhcWC1wkAbmIj3zqVw
strict-transport-security: max-age=3104000
x-goog-meta-custom: metadata
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1728314371093425
server: UploadServer

GET
H2 200 317d0e12-fa06-4128-a567-c88f9df53ee0.svg+xml
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 46 KB
35 KB 353ms
59ms Image
image/svg+xml 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/317d0e12-fa06-4128-a567-c88f9df53ee0.svg+xml

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

d4e40c9014d9bdddb815903ffd84ff0d89b04706ea65fca1219046f0421e1516

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=yXI21A==, md5=ZR9Zj9Y6e/lN5Ku3lAClCw==
content-encoding: br
etag: W/"651f598fd63a7bf94de4abb79400a50b"
age: 104449
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 47066
date: Mon, 28 Oct 2024 09:15:49 GMT
last-modified: Mon, 07 Oct 2024 15:19:31 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2ZQ5MwARc2pcDaeRGdtfAXxzAYZgv5I6UvUQga_HYpKO772Voyv0DcxhaPUC_aeYLAeq3zVempYQ
strict-transport-security: max-age=3104000
x-goog-meta-custom: metadata
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1728314371024707
content-length: 35429
server: UploadServer

GET
H2 200 71af0af1-eac5-447d-85aa-a4cec1df4328.png
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 19 KB
19 KB 391ms
122ms Image
image/png 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/71af0af1-eac5-447d-85aa-a4cec1df4328.png

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

c3f174152e443ab14169b6421a8cf4ed147fc02a0ad87d1bd8f1fffc7ae99dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=frI5Hw==, md5=QpkTx+P0+ioobJaQsyGDJA==
etag: "429913c7e3f4fa2a286c9690b3218324"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 19022
date: Tue, 29 Oct 2024 14:16:38 GMT
last-modified: Mon, 07 Oct 2024 15:19:31 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY0emDoyj1uKaqCHu4dJYDGUOOgJpmm-j2lI1_fnXy6OHFnxHIKEryakKDQhp6orgPeZP-W_2xpQrg
strict-transport-security: max-age=3104000
x-goog-meta-custom: metadata
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728314371021584
content-length: 19022
server: UploadServer

GET
H2 200 9827e27e-6fb4-43f0-9e7a-fe7272f4dd13.svg+xml
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 6 KB
2 KB 335ms
69ms Image
image/svg+xml 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/9827e27e-6fb4-43f0-9e7a-fe7272f4dd13.svg+xml

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

9fdd5732e886d51e99da2dd0560fcd2246847dc2c856d065d511eac0e813796b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=cXjIUA==, md5=Jzgv+rQuH68SO3e13pfnfA==
content-encoding: br
etag: W/"27382ffab42e1faf123b77b5de97e77c"
age: 104448
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5820
date: Mon, 28 Oct 2024 09:15:50 GMT
last-modified: Mon, 07 Oct 2024 15:19:31 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY09v_VzxlZ_rpRfGKks4QvHd3Ww3LfX8Hq1P2H8MA0xU9OJLAPXzJMQmrZobVZw04HXsOlXzPH8DA
strict-transport-security: max-age=3104000
x-goog-meta-custom: metadata
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1728314371088654
content-length: 1736
server: UploadServer

GET
H2 200 b488e8e3-a598-4f52-ad04-b40b0e7a4858.png
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 87 KB
87 KB 326ms
62ms Image
image/png 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/b488e8e3-a598-4f52-ad04-b40b0e7a4858.png

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

c9699323c72c367557333c3d17cc40d30c6a8527816806719b185dd55016dcae

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=LrnrIQ==, md5=IAIHaVHaHuQW5MUFtksz5Q==
etag: "2002076951da1ee416e4c505b64b33e5"
age: 104448
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 88894
date: Mon, 28 Oct 2024 09:15:50 GMT
last-modified: Mon, 07 Oct 2024 15:19:31 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY1nLJz8Kkh4ueIRjg6Nss1i4aLFyEj5k-qkw3H_SHjPWVmmWhLeDSJY91O6WriZe63nlP1Hf2_w3Q
strict-transport-security: max-age=3104000
x-goog-meta-custom: metadata
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728314371090440
content-length: 88894
server: UploadServer

GET
H2 200 payment-warning.dd3003de.svg
stcdn.leadconnectorhq.com/_preview/ 0
582 B 250ms
68ms Other
image/svg+xml 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/payment-warning.dd3003de.svg
Requested by: Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache, Content-Disposition
content-encoding: gzip
x-goog-hash: crc32c=GFPCHg==, md5=rd2cDI2DRnlnjckz8UfCDg==
etag: "addd9c0c8d834679678dc933f147c20e"
age: 8912316
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:38 GMT
x-goog-stored-content-length: 208
date: Tue, 29 Oct 2024 14:16:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Mar 2024 06:40:38 GMT
vary: Accept-Encoding
x-guploader-uploadid: ABPtcPo5IpQWcEsDPOUgraBNh3wTSnzYYp6qIJjT1MDhJfQh2iT89ON862Ols08B67PM21EFVA0S6SwCmA
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
cf-ray: 8da3c8db190acd45-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709707238909933
content-length: 208
server: cloudflare

GET
H2 200 /
api.aevadigital.com/api/v1/forms/174/form-view/ Frame ABF3 0
0 1007ms
340ms Document
text/html 54.196.234.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.aevadigital.com/api/v1/forms/174/form-view/

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.196.234.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-234-102.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://nouveau.cosmetic.deals/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

allow: GET, HEAD, OPTIONS
content-length: 69517
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 14:16:39 GMT
server: gunicorn/20.0.4
vary: Cookie, Accept, Origin
x-content-type-options: nosniff
x-frame-options: ALLOWALL

GET
DATA 200
OK truncated
/ 788 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 index.0265d98c.js Show response
stcdn.leadconnectorhq.com/_preview/ 59 KB
20 KB 296ms
284ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f13a015b0c348bd1ddd5571c3216a79cfb1ffa32ecc3f50adfc676862803910

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=YOF50A==, md5=fHuvgNvHkj7QzYxvLffd2w==
etag: "7c7baf80dbc7923ed0cd8c6f2df7dddb"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:39 GMT
x-goog-stored-content-length: 19744
date: Tue, 29 Oct 2024 14:16:39 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1qoK_wSxUu4V4mcJH90_rijoimQb4KgAveFYocBSSG6zo5S8GPjzsMVw-yon6Z4IGtFk0
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8de9daa6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971966087
content-length: 19744
server: cloudflare

GET
H3 200 2d2c6b00-a601-4ba4-83ce-8717c0940230.jpeg
assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/ 199 KB
199 KB 357ms
356ms Image
image/jpeg 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/HCBTRG5CYFot7DbED1Sq/media/2d2c6b00-a601-4ba4-83ce-8717c0940230.jpeg

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

042788b8c59ee810610b61d3996edd9fa97dca7f3d79bd61320e87a89432c5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=22cBCA==, md5=mE+dfWEQBcGgz62sMxU1aQ==
etag: "984f9d7d611005c1a0cfadac33153569"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 203934
date: Tue, 29 Oct 2024 14:16:39 GMT
last-modified: Mon, 07 Oct 2024 15:19:30 GMT
content-type: image/jpeg
x-guploader-uploadid: AHmUCY3_HiNzlLF9e5fnmmiliaLbrpPt9qSFrEzE-FSZajeUafUtGZ4DYEopNlh_EPOP3L60qBK7JAPn4Q
strict-transport-security: max-age=3104000
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728314370382451
content-length: 203934
server: UploadServer

GET
H3 200 663bd242660aba4eec880076.jpeg
assets.cdn.filesafe.space/XeePuj62QL5WVHUHt8SG/media/ 356 KB
356 KB 390ms
387ms Image
image/jpeg 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/XeePuj62QL5WVHUHt8SG/media/663bd242660aba4eec880076.jpeg

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

42c6aca24189730b342df60762d44a6976c7b32590fe4e7b70a13f748796d239

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=3Nm+Hw==, md5=t4acJ1m/Q4vfFrRQwEnqkg==
etag: "b7869c2759bf438bdf16b450c049ea92"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 364184
date: Tue, 29 Oct 2024 14:16:39 GMT
last-modified: Wed, 08 May 2024 19:28:02 GMT
content-type: image/jpeg
x-guploader-uploadid: AHmUCY1GDnLOn_CZs5p3hX8v3960-9MxLyX5OfqwMbTTxIsuts1n6ri6mtGlQVvIjEB1l0QrNwKGbLtCLQ
strict-transport-security: max-age=3104000
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1715196482381710
content-length: 364184
server: UploadServer

GET
H3 200 663ccec2879442e5f4a6d75a.jpeg
assets.cdn.filesafe.space/XeePuj62QL5WVHUHt8SG/media/ 188 KB
189 KB 438ms
436ms Image
image/jpeg 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/XeePuj62QL5WVHUHt8SG/media/663ccec2879442e5f4a6d75a.jpeg

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

b9c72afba2587ac8edbe84a9e939182df39e35aa7f52617f868abdd3be4474b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=4o9MUA==, md5=4lzX95WYOLTLF4uNVwThaA==
etag: "e25cd7f7959838b4cb178b8d5704e168"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 192964
date: Tue, 29 Oct 2024 14:16:39 GMT
last-modified: Thu, 09 May 2024 13:25:22 GMT
content-type: image/jpeg
x-guploader-uploadid: AHmUCY06AoIDrhK7qdF3YwLJ7lz0gxOV4BsWdtWenfZpv3ZA5OxaDL4I3H-v3cbEMFF5ARTFwfq1KNjMPA
strict-transport-security: max-age=3104000
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1715261122826676
content-length: 192964
server: UploadServer

GET
H3 200 664ba848434d4d9b209bd4bf.png
assets.cdn.filesafe.space/XeePuj62QL5WVHUHt8SG/media/ 1 MB
1 MB 346ms
345ms Image
image/png 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.cdn.filesafe.space/XeePuj62QL5WVHUHt8SG/media/664ba848434d4d9b209bd4bf.png

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.153.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

f242b8e8a8644c3da55ea80dedbb39e139982f349a7b2be8f0cc5a351e38f202

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
x-goog-hash: crc32c=R9grrg==, md5=6+SLBIU5B/ql4E0TNRX62A==
etag: "ebe48b04853907faa5e04d133515fad8"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1409114
date: Tue, 29 Oct 2024 14:16:39 GMT
last-modified: Mon, 20 May 2024 19:45:13 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY1j0sQ74hk1F_1jn1aI-mmePxiUzWD4i9-2qdGTUH668f2kKjPvao1cdN8UO5c0w9qXyWq89L5q7A
strict-transport-security: max-age=3104000
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1716234313564612
content-length: 1409114
server: UploadServer

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 402ms
107ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,600,700,800,900%7COpen%20Sans:400,500,600,700,800,900%7CMontserrat:400,500,600,700,800,900%7CCairo:400,500,600,700,800,900%7CCrafty%20Girls:400,500,600,700,800,900%7CCute%20Font:400,500,600,700,800,900%7CCroissant%20One:400,500,600,700,800,900%7CFresca:400,500,600,700,800,900%7CAcme:400,500,600,700,800,900%7CPlayfair%20Display:400,500,600,700,800,900%7CPlayfair%20Display%20SC:400,500,600,700,800,900%7CRacing%20Sans%20One:400,500,600,700,800,900%7CPoppins:400,500,600,700,800,900%7CRoboto:400,500,600,700,800,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://fonts.googleapis.com/

Response headers

age: 595695
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:48:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:48:24 GMT
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 397ms
103ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://fonts.googleapis.com/

Response headers

age: 21938
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 08:11:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 08:11:01 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 442ms
150ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://fonts.googleapis.com/

Response headers

age: 598447
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:02:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:02:32 GMT
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 399ms
106ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://fonts.googleapis.com/

Response headers

age: 20849
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 08:29:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 08:29:10 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 398ms
107ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://fonts.googleapis.com/

Response headers

age: 596711
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:31:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:31:28 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H2 200 constants.c51714f4.js Show response
stcdn.leadconnectorhq.com/_preview/ 141 KB
47 KB 181ms
160ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/constants.c51714f4.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd82f984d3fcfeb13cc15b34cce97eab4883781a8a2ecbbce9175726174b3f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=9MsrQw==, md5=r22rYbsQJailAd792ta8zQ==
etag: "af6dab61bb1025a8a501defddad6bccd"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 47345
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3XfLcawp44jTIH4RVXVwPAf9QQLwbPXXV8cvYui6JfpOxhsTprghERxFWfNLLvtA1VEPE
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd446377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111972388170
content-length: 47345
server: cloudflare

GET
H2 200 HLImage.vue.be8c1b45.js Show response
stcdn.leadconnectorhq.com/_preview/ 3 KB
1 KB 190ms
170ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/HLImage.vue.be8c1b45.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189d58ed1a05a6b777b5c817c3d6e2fe358085bfdf4217962caa3d55e76352ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=SEzsRQ==, md5=7mFRnYt1J5u/O3FCdEfhPA==
etag: "ee61519d8b75279bbf3b71427447e13c"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 1053
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3HYDvaFc60Ux8l9_cR6vboBXhQoY9XhCQgFQhmGbrVCnBTw7_YQa9-FOEmBM2FhgSYkKc
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd456377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111972473838
content-length: 1053
server: cloudflare

GET
H2 200 useRedirectAction.b2c86b35.js Show response
stcdn.leadconnectorhq.com/_preview/ 6 KB
2 KB 214ms
193ms Script
text/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/useRedirectAction.b2c86b35.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86e3d32e1c21800153ba0c4dfa63768ed6648b105a3f0f8683668da2e3dd7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=kbEPdA==, md5=kojwf1HCtZsHcqon+AD30g==
etag: "9288f07f51c2b59b0772aa27f800f7d2"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 2153
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 10:44:34 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1LrV9P8rUvuJZu0KllserNIT--AxW_hGCOiUUW-b40VSXJDB3_YQfa2vqWMUJkqS3id7M
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd486377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730112274394627
content-length: 2153
server: cloudflare

GET
H2 200 client-only.aa11001b.js Show response
stcdn.leadconnectorhq.com/_preview/ 463 B
575 B 213ms
193ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/client-only.aa11001b.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf87668c0ebb1dbf580cbab4136429011d00359074181d8729c7d3f7c1d44e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=5N3dvg==, md5=NDAMAxmly8YCsf3A+DfkGg==
etag: "34300c0319a5cbc602b1fdc0f837e41a"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 315
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:31 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY20e94B1PEsIXaNK11wXr9fwYEt9CWs6N9SZw0lX5-e4g3bac5WbTxwTwMIrc66nXycxaM
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd496377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971791739
content-length: 315
server: cloudflare

GET
H2 200 components.563eb73a.js Show response
stcdn.leadconnectorhq.com/_preview/ 1 KB
797 B 178ms
158ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/components.563eb73a.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c9946317a3176c840ede8b2b9541e06094c9ca040dd6c853daebd96c1def37

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=W4sInw==, md5=9RvS8sOINmMfI6axlbPpug==
etag: "f51bd2f2c38836631f23a6b195b3e9ba"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 576
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0SYdbw99ibGglzPHhF_j7BE9LD0SftLFM059Q9pT4yKH6kqSyakIpKxXfW5BoEuwNg-jc
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd4b6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971886477
content-length: 576
server: cloudflare

GET
H2 200 HLConst.96411594.js Show response
stcdn.leadconnectorhq.com/_preview/ 3 KB
1 KB 144ms
126ms Script
text/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/HLConst.96411594.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fd95407a72f673759ccae9d1794a07ca7724660aedc900f871e4a2b3c3bf1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=/qeHXA==, md5=owBmHbraJawX/g96MF75RA==
etag: "a300661dbada25ac17fe0f7a305ef944"
age: 104450
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 1220
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 16:14:52 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY09buUc70VC51AWk9zPoL1vhlBVOReMHFt-ODx72wzF7dcG07L5Ddqvumv8T4fU-ncvJHI
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd4d6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729181692303524
content-length: 1220
server: cloudflare

GET
H2 200 HtmlPreview.vue.b6684cca.js Show response
stcdn.leadconnectorhq.com/_preview/ 835 B
798 B 187ms
170ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/HtmlPreview.vue.b6684cca.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d523593d77e8078a833c528bafee6f6f5612cd507c0b37ccd5692d7937aa274

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=zSbC/g==, md5=zrUae2keBnTJBA8RTpSp0A==
etag: "ceb51a7b691e0674c9040f114e94a9d0"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 537
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:31 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0OTKITP8nICv843Bzh3iGP8iCzKzAYjnCDU-JQ1RqLy5ftoMFYbwj5kfbSMl6GPCnk27o
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd4e6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971856476
content-length: 537
server: cloudflare

GET
H2 200 utils.fb070473.js Show response
stcdn.leadconnectorhq.com/_preview/ 4 KB
2 KB 194ms
177ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/utils.fb070473.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e553d283074f00d92158811602a5aa6be8a815407fbb4f248324070d9689df

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=xYpP5A==, md5=9cimW4RYF3VAyGwZkTVLAw==
etag: "f5c8a65b8458177540c86c1991354b03"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 1879
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:31 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3zTIJTzwiMppduHt5sxPjI70b48-jYGzKrb2zvB16xBdRy_pbldBnJAxeZ0Ib4ah_msek
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd4f6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971692121
content-length: 1879
server: cloudflare

GET
H2 200 index.f3089046.js Show response
stcdn.leadconnectorhq.com/_preview/ 27 KB
10 KB 177ms
160ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/index.f3089046.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89deaf504e9c55597f90b9fe13dbc6cee0457d343dd26da6f0a1cd8832137a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=STG1yQ==, md5=KdsJcVKuipvs75nGcklHzQ==
etag: "29db097152ae8a9becef99c6724947cd"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 9449
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:31 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2pnHi2JSGx2NRc2UphGss0JA7Cdz6Dh2g1S3fLyGIE5AmTu07v_eleacEKeKMCBaHHDYCZlabiEw
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd506377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971705972
content-length: 9449
server: cloudflare

GET
H2 200 FunnelServices.66df8303.js Show response
stcdn.leadconnectorhq.com/_preview/ 1 KB
819 B 174ms
160ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/FunnelServices.66df8303.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2578ba546d7cefefa39079fbce081deacea7afce3ed2e88ec2a0ae16d93cc17

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=aEc3Bw==, md5=UiPYc7m7/uGjrE5wT2gUdA==
etag: "5223d873b9bbfee1a3ac4e704f681474"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 600
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY26dhWFPgeY6WjGxmqMlSvEa3YCfXXMDtZUDTOlTiZyS7mF9QhU-eOwDL4-iSfS2w5-zXs
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e3fd516377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971921717
content-length: 600
server: cloudflare

GET
H2 200 am_helper.1a9cda5d.js Show response
stcdn.leadconnectorhq.com/_preview/ 1 KB
830 B 214ms
200ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/am_helper.1a9cda5d.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da1815b00114fa77a7501c216f0259327a317ab73d73069196da556e5800ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=gpkaSA==, md5=QBr6xY00nNvxnvxp8DYCAQ==
etag: "401afac58d349cdbf19efc69f0360201"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 605
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:31 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3SIl5yE3tZ5kL74N4WJne4Zo51UvzoctwKZL08psoXa0J29kLA4DnK6wW4A9dnCwzz5IYmsNw_ig
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e40d626377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971759966
content-length: 605
server: cloudflare

GET
H2 200 currency_helper.2220ef65.js Show response
stcdn.leadconnectorhq.com/_preview/ 16 KB
4 KB 140ms
126ms Script
text/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/currency_helper.2220ef65.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

497c2a35bc777c075d8f3021b6494e3b61e01b1d77096cca7f9cee4d95bb84d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=+SRqeA==, md5=Orx0eE+vkC/f6ZsjGIx4JQ==
etag: "3abc74784faf902fdfe99b23188c7825"
age: 104450
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:40 GMT
x-goog-stored-content-length: 3956
date: Tue, 29 Oct 2024 14:16:40 GMT
content-type: text/javascript
last-modified: Mon, 21 Oct 2024 06:47:51 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0vasHE0yRsHf68UKJTwPekED8LFpuQcMIXhoUs__Ltm_1P0-xvoy5li4zdEDhnM7lkSfE
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e40d636377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729493271462115
content-length: 3956
server: cloudflare

GET
H2 200 i18n.config.45aa417d.js Show response
stcdn.leadconnectorhq.com/_preview/ 58 B
385 B 407ms
298ms Script
text/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/i18n.config.45aa417d.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b56338a8f6f0ce3008ac25c1f21cd54317b7490261477edd9632e7ccd058656

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=QCRzSw==, md5=MFt08A6kdYhuxsYvH0lEUw==
etag: "305b74f00ea475886ec6c62f1f494453"
age: 104451
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:41 GMT
x-goog-stored-content-length: 90
date: Tue, 29 Oct 2024 14:16:41 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:34:11 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3Vdcq8-on4xm6vCfjQU43FhV2azxufX9FhAQ5fGf7pIOua-wj9p0_IZbwMlCora18D5kA
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8e87c316377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728984851777047
content-length: 90
server: cloudflare

GET
H/1.1 200
OK attachListener.js Show response
aeva-static-bucket.s3.amazonaws.com/static/js/ 1 KB
2 KB 475ms
454ms Script
application/javascript 3.5.30.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aeva-static-bucket.s3.amazonaws.com/static/js/attachListener.js
Requested by: Host: aeva-static-bucket.s3.amazonaws.com
URL: https://aeva-static-bucket.s3.amazonaws.com/static/js/embedAevaScript.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.30.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a848ce751323085263984dfff31147541a533c8c258da016b206538263f9560a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-amz-id-2: OK2Bi5qucf8Fa6c/UJLP+e/xAUZg/atAW42EYtCw5Lyc6IL+JLf/mxe89TVgHDFH9tZ8jS7KW7tg5VNlQR+Zp3g1VkR99h08
Cache-Control: max-age=86400, s-maxage=86400, must-revalidate
ETag: "bd60751234c036d2a0ad547649533cab"
x-amz-version-id: null
x-amz-request-id: P5WGWSYGJHRZBG36
Accept-Ranges: bytes
Content-Length: 1421
Date: Tue, 29 Oct 2024 14:16:42 GMT
Last-Modified: Wed, 02 Oct 2024 10:29:18 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
76 KB 476ms
70ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJVW3CZZ

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e86dfb37d44e4b507e85f1a38bf050866718bb39343345b1fcbb5583369b0c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 29 Oct 2024 14:16:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 14:16:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77133
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 296ms
116ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-akQR9jNI' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 14:16:41 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-akQR9jNI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=5686, tp=10, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 1kayy6mS1ulnD2YyTuZ5cP6Uu7sQZT3FPp8qvglVJwmj+CqCcjkpVPaeJT+spDQdpue69qdTJ5yvFTnNtN7Sig==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 page.f426176b.js Show response
stcdn.leadconnectorhq.com/_preview/ 816 B
1 KB 195ms
109ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/page.f426176b.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2115fb94188371a585c0e7e34c2a5f7680d643d394548d6d99a352023594886

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=A2oHhA==, md5=VMbvzkPYfwS0Ogz6p/xSIg==
etag: "54c6efce43d87f04b43a0cfaa7fc5222"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:41 GMT
x-goog-stored-content-length: 527
date: Tue, 29 Oct 2024 14:16:41 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:31 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3olPf0xXLAoc1jzTUtUnqKg7P5artiLd0bzS6maapi04ni8KQpR9FA1K7l7xuBuiBQz-hOObuXHA
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8ebc91e6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971589931
content-length: 527
server: cloudflare

GET
H2 200 CustomCodeRenderer.b25648b0.js Show response
stcdn.leadconnectorhq.com/_preview/ 926 B
853 B 230ms
154ms Script
text/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/CustomCodeRenderer.b25648b0.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab877ef0be4732cd6e017ce5e4ed4284deaba5f5029967726110dfcd11119e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=xHrc6g==, md5=BgjhKD8T0u0JlTS6LfI6aQ==
etag: "0608e1283f13d2ed099534ba2df23a69"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:42 GMT
x-goog-stored-content-length: 565
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 10:44:22 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2YWfzLJ_yyPx7rIxLY4utx-z74Hvzo6egK6IUE2r7tFnTtSaAIRsN6P9-B5xrdNrefmYU
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8edec2a6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730112262488976
content-length: 565
server: cloudflare

GET
H2 200 Button.f71da64a.css
stcdn.leadconnectorhq.com/_preview/ 88 B
406 B 74ms
67ms Stylesheet
text/css 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/Button.f71da64a.css

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71da64a45777c805def97f5cc0309c33cdb1cb04a98a19e8e3ae38007aef59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache, Content-Disposition
content-encoding: gzip
x-goog-hash: crc32c=0F/7Uw==, md5=NHV/Fp61azypQQwC8/lnmg==
etag: "34757f169eb56b3ca9410c02f3f9679a"
age: 32296
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:41 GMT
x-goog-stored-content-length: 109
date: Tue, 29 Oct 2024 14:16:41 GMT
content-type: text/css
last-modified: Sat, 19 Oct 2024 11:49:16 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3oznbx92RsK92kccqmyBQ0qjRp3kPZLjxAYMboEtgjjC65empLJM_EamuGdfygc-rx4xU
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8ede969cd45-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729338556713399
content-length: 109
server: cloudflare

GET
H2 200 Button.38d7e5ec.js Show response
stcdn.leadconnectorhq.com/_preview/ 19 KB
7 KB 147ms
142ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/Button.38d7e5ec.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15aa4972cbbd04a87518df7930c74543b8766ea081b6adb7fd446dc8552dbf62

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/index.0265d98c.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=8z2nQg==, md5=VvqYRS4dAWG9kUDFP1USJw==
etag: "56fa98452e1d0161bd9140c53f551227"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:42 GMT
x-goog-stored-content-length: 6723
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY08z6XEDw0IUVAeQpnyuJ4lOBJyaALtc3ob4jLd-X8_GiLRlmEF-1nrzGxOwWPd-c2pQJ4
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8ef3e3e6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111972299601
content-length: 6723
server: cloudflare

GET
H3 200 949003523729046 Show response
connect.facebook.net/signals/config/ 90 KB
18 KB 458ms
457ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/949003523729046?v=2.9.174&r=stable&domain=nouveau.cosmetic.deals&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90ac1dfeeb34888d1ecb8912d588e00493298bb298f042d909e2e1ff3c0a7c8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-rGjPIJ8m' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-rGjPIJ8m' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=56, rtx=0, c=69, mss=1232, tbw=69142, tp=64, tpl=0, uplat=361, ullat=0
pragma: public
x-fb-debug: sMWVlvvDWRlcIdZcpuRi7ekuMNvSW13aUbAEVRoiDzPQ9IVCWEln15q+0SS2akUfyUPxgR9UMKGSh9H5N82EtA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
107 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MHSLVW0J6C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJVW3CZZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

279bd01cd3884fb9b021fcaeecc0b443f46e1f91aaa125ffa3aceb0eedf18fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 14:16:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108897
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 funnel_event_helper.3781fa50.js Show response
stcdn.leadconnectorhq.com/_preview/ 857 B
667 B 199ms
195ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/funnel_event_helper.3781fa50.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

516da1cec51d1f8108eed6e1fe4336663b1026850585194fce765ccb0ed297b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/Button.38d7e5ec.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=LXJ+IA==, md5=fOFGxgXEnDKYEZFrbqhr9w==
etag: "7ce146c605c49c329811916b6ea86bf7"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:42 GMT
x-goog-stored-content-length: 445
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY18juGsgOKIPWoLFfKfd_ZcrjW4sZw79gtXdWxu8gLNvSCrhpxVeTYiZ9oDd73R8M8gxp4
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8f038006377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111972473956
content-length: 445
server: cloudflare

GET
H2 200 orderform_helpers.d8510066.js Show response
stcdn.leadconnectorhq.com/_preview/ 9 KB
4 KB 188ms
184ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/orderform_helpers.d8510066.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d813aa7fd4c10378f553e56862276e0b9018c047708d399ca984880e44084131

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/Button.38d7e5ec.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=dnX66g==, md5=7XXWFqhlKvaxsgnAe0/pig==
etag: "ed75d616a8652af6b1b209c07b4fe98a"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:42 GMT
x-goog-stored-content-length: 3468
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1mwzS4A3Zr6fIpI0FhKfJKeGHj1HHLO7l6k13gW4TPV8XRInjGoFFh_SGJLJWerBma_Vw
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8f038066377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111972349366
content-length: 3468
server: cloudflare

GET
H2 200 pure.9cabf600.js Show response
stcdn.leadconnectorhq.com/_preview/ 2 KB
1 KB 59ms
56ms Script
text/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/pure.9cabf600.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0011c0f09e26fcf9fff9a80585e0a1347e47514cb7c541678bfd0880909345d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/Button.38d7e5ec.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=hDCPsQ==, md5=cIo9vnrH4j0WR6UHPLyVBA==
etag: "708a3dbe7ac7e23d1647a5073cbc9504"
age: 104450
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:42 GMT
x-goog-stored-content-length: 1192
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: text/javascript
last-modified: Mon, 21 Oct 2024 06:47:43 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY27K_UhZCxe6NbfprbSyXakkHMTVITsQpPkEXSu1qBtrQn0ho_BJi_9erF7Ny4qZ1udMP4
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8f0380a6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729493262907897
content-length: 1192
server: cloudflare

GET
H2 200 payment-warning.19ca4dd2.js Show response
stcdn.leadconnectorhq.com/_preview/ 116 B
400 B 187ms
184ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/payment-warning.19ca4dd2.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df8024faa6b8fa2c5a1aa66e6aca76bbc0909c46ac2ca3ea24fe0d1e6e927a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/Button.38d7e5ec.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=73IXKg==, md5=D8egEqwnCcVSGoyZ/uAx8w==
etag: "0fc7a012ac2709c5521a8c99fee031f3"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:42 GMT
x-goog-stored-content-length: 142
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1Db_iHsN90fiEYVS-16ShVmrZ1EX7Tjjjuk3-AG43qQXlXNtOoKP_blj0H6RXUBi7YueA
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8f0380b6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971921055
content-length: 142
server: cloudflare

GET
H2 200 MoonLoader.vue.f3ae90b0.js Show response
stcdn.leadconnectorhq.com/_preview/ 947 B
1 KB 193ms
190ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/MoonLoader.vue.f3ae90b0.js

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c95237c3419aa36839a02273242c36f88e3271f2ded396cf9f2713666e57d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/Button.38d7e5ec.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=Dt6D0g==, md5=JAjXsibH3uLYSce7BJ8L7g==
etag: "2408d7b226c7dee2d849c7bb049f0bee"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:42 GMT
x-goog-stored-content-length: 496
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:31 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2DnMQAodhHyIGR6EeqFfCAgX264p1HEnocBmsv93VnLbi3rq3cmaCqcQyqY9pujIGEa0o
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8f0380d6377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111971588334
content-length: 496
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 257ms
105ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MHSLVW0J6C&gtm=45je4ao0v9197930941z89197925330za200zb9197925330&_p=1730211401478&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101925629&cid=130887362.1730211402&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730211402&sct=1&seg=0&dl=https%3A%2F%2Fnouveau.cosmetic.deals%2F&dt=Get%20All%20the%20Tox%20You%20Need%20for%20%24169%20a%20Month%20at%20Nouveau%20Aesthetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5467
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHSLVW0J6C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://nouveau.cosmetic.deals
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: text/plain
server: Golfe2

OPTIONS
H2 204 event
backend.leadconnectorhq.com/stats/ Frame 0
0 315ms
152ms Preflight 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.leadconnectorhq.com/stats/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: channel,content-type,source,timezone,version
Access-Control-Request-Method: POST
Origin: https://nouveau.cosmetic.deals
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: channel,content-type,source,timezone,version
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8da3c8f3bacb88a3-LHR
date: Tue, 29 Oct 2024 14:16:42 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 1
x-powered-by: Express

GET
H2 200 postscribe.a1093fcd.js Show response
stcdn.leadconnectorhq.com/_preview/ 18 KB
6 KB 191ms
184ms Script
application/javascript 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/postscribe.a1093fcd.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/HtmlPreview.vue.b6684cca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ddafa6976316b185686de484fb6c96a444063d591c5ad482c01b26eb00733f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nouveau.cosmetic.deals
Referer: https://stcdn.leadconnectorhq.com/_preview/HtmlPreview.vue.b6684cca.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=4s7ZoQ==, md5=UjLiyRxTqGIRaNM2RMYtiA==
etag: "5232e2c91c53a8621168d33644c62d88"
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 29 Oct 2025 14:16:42 GMT
x-goog-stored-content-length: 6346
date: Tue, 29 Oct 2024 14:16:42 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:39:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0wLed2nUTZj1reYx4DiF1CTBICpo3-sWnsrfHj8ngUFTFtGEoqYBHf1DUwmqVOu4XQ8Ff2RPlpyw
access-control-allow-headers: *
strict-transport-security: max-age=3104000
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
access-control-request-headers: *
cf-ray: 8da3c8f22ae36377-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730111972231180
content-length: 6346
server: cloudflare

POST
H2 201 event Show response
backend.leadconnectorhq.com/stats/ 113 B
244 B 313ms
312ms Fetch
application/json 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.leadconnectorhq.com/stats/event

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.33a35f6f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d24db55d815174cbd95e874498d29e9861b6bb1cc466b3d4f060cb70a3c3e734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nouveau.cosmetic.deals/
timezone: Europe/London
source: WEB_USER
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
channel: APP
content-type: application/json
version: 2021-04-15

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
etag: W/"71-YBAoickeuUJQgb4e41ri+25xWqk"
x-envoy-upstream-service-time: 150
cf-ray: 8da3c8f4bc5088a3-LHR
access-control-allow-origin: *
content-length: 113
date: Tue, 29 Oct 2024 14:16:43 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 246ms
101ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=949003523729046&ev=PageView&dl=https%3A%2F%2Fnouveau.cosmetic.deals&rl=&if=false&ts=1730211402831&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1730211402788.811121734718553717&cs_est=true&pm=1&hrl=763a0c&ler=empty&cdl=API_unavailable&it=1730211402111&coo=false&cs_cc=1&cas=27237307289217946&rqm=GET

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2931, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 29 Oct 2024 14:16:43 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 368ms
223ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=949003523729046&ev=PageView&dl=https%3A%2F%2Fnouveau.cosmetic.deals&rl=&if=false&ts=1730211402831&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1730211402788.811121734718553717&cs_est=true&pm=1&hrl=763a0c&ler=empty&cdl=API_unavailable&it=1730211402111&coo=false&cs_cc=1&cas=27237307289217946&rqm=FGET

Requested by

Host: nouveau.cosmetic.deals
URL: https://nouveau.cosmetic.deals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nouveau.cosmetic.deals/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431201392269525057"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 14:16:43 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: wKA1fM9PvYd5LfAF5u6nCur6cc6fNiH6yQgJ+s9uofI5RxnTZv7NwkqGcZ6buS8XslDsXVJuh794npf+kB4cIQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431201392269525057", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=1, c=10, mss=1392, tbw=3249, tp=-1, tpl=-1, uplat=168, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 create_session Show response
backend.leadconnectorhq.com/attribution_service/user_session_v3/ 105 B
211 B 189ms
186ms Fetch
application/json 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.leadconnectorhq.com/attribution_service/user_session_v3/create_session

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/index.f3089046.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2f2e8988ce944f3a218adcce3a2177d22ad4e319a44999bf2465634ddfa0497c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nouveau.cosmetic.deals/

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"69-Fq8DenSFmRzPXM7iIrzJMLcNnuo"
x-envoy-upstream-service-time: 31
cf-ray: 8da3c8f6af1a88a3-LHR
access-control-allow-origin: *
date: Tue, 29 Oct 2024 14:16:43 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: cloudflare

OPTIONS
H2 200 create_session
backend.leadconnectorhq.com/attribution_service/user_session_v3/ Frame 0
0 376ms
375ms Preflight 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.leadconnectorhq.com/attribution_service/user_session_v3/create_session

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nouveau.cosmetic.deals
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8da3c8f44ba288a3-LHR
content-length: 0
date: Tue, 29 Oct 2024 14:16:43 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 4
x-powered-by: Express

GET apple-icon.png
www.truetox.co/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.truetox.co
URL: https://www.truetox.co/apple-icon.png

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cosmetic.deals/	1970-01-21 10:12:51	Name: _ga_MHSLVW0J6C Value: GS1.1.1730211402.1.0.1730211402.0.0.0
.cosmetic.deals/	1970-01-21 10:12:51	Name: _ga Value: GA1.1.130887362.1730211402
nouveau.cosmetic.deals/	1970-01-21 09:22:27	Name: msgsndr_id Value: 3f2304d9-d6e1-4c8d-ac24-296e6075b753
.cosmetic.deals/	1970-01-21 02:46:27	Name: _fbp Value: fb.1.1730211402788.811121734718553717

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aeva-static-bucket.s3.amazonaws.com
api.aevadigital.com
assets.cdn.filesafe.space
backend.leadconnectorhq.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
nouveau.cosmetic.deals
region1.google-analytics.com
stcdn.leadconnectorhq.com
use.fontawesome.com
www.facebook.com
www.googletagmanager.com
www.truetox.co
www.truetox.co
2001:4860:4802:34::36
2606:4700:3036::6815:1b98
2606:4700::6812:105f
2606:4700::6812:115f
2606:4700::6812:1659
2a00:1450:4001:812::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.5.30.152
35.244.153.18
54.196.234.102
0011c0f09e26fcf9fff9a80585e0a1347e47514cb7c541678bfd0880909345d1
042788b8c59ee810610b61d3996edd9fa97dca7f3d79bd61320e87a89432c5cd
0da1815b00114fa77a7501c216f0259327a317ab73d73069196da556e5800ed9
101925c5db4df32018d6563dcdbf5ca786cb70d9b512909a1f570eaf9caacc79
15aa4972cbbd04a87518df7930c74543b8766ea081b6adb7fd446dc8552dbf62
173b26e7897d5f702b69f4ea532cf740c981be07dbe95d9a72b3215190e19d53
189d58ed1a05a6b777b5c817c3d6e2fe358085bfdf4217962caa3d55e76352ab
19ddafa6976316b185686de484fb6c96a444063d591c5ad482c01b26eb00733f
1f89764bc563401ff3a09aecd0f33d38c8ecd5db697ff67a627977f53cbbe931
279bd01cd3884fb9b021fcaeecc0b443f46e1f91aaa125ffa3aceb0eedf18fb8
2f13a015b0c348bd1ddd5571c3216a79cfb1ffa32ecc3f50adfc676862803910
2f2e8988ce944f3a218adcce3a2177d22ad4e319a44999bf2465634ddfa0497c
2fd95407a72f673759ccae9d1794a07ca7724660aedc900f871e4a2b3c3bf1a5
42c6aca24189730b342df60762d44a6976c7b32590fe4e7b70a13f748796d239
439583fab3b236ae333728c35e0b323ef5578627785fe5d28d020ca6e10a1b34
497c2a35bc777c075d8f3021b6494e3b61e01b1d77096cca7f9cee4d95bb84d5
4b56338a8f6f0ce3008ac25c1f21cd54317b7490261477edd9632e7ccd058656
516da1cec51d1f8108eed6e1fe4336663b1026850585194fce765ccb0ed297b1
56c9946317a3176c840ede8b2b9541e06094c9ca040dd6c853daebd96c1def37
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
71d8dae725ec4dd82504e24d40cf6e5678b0e02d28888a68f6b8488a87d424dd
7c95237c3419aa36839a02273242c36f88e3271f2ded396cf9f2713666e57d1a
7d523593d77e8078a833c528bafee6f6f5612cd507c0b37ccd5692d7937aa274
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b
89deaf504e9c55597f90b9fe13dbc6cee0457d343dd26da6f0a1cd8832137a42
8bf87668c0ebb1dbf580cbab4136429011d00359074181d8729c7d3f7c1d44e3
8f3a9d8e7cfa80c4f731d6f228af72df0a2ff8880e98444bcb91fd7c36057a91
8ffbd97e0bd6d33be9ea8ccc0f497377055e61c00c8b412f696eaab4a929978e
90ac1dfeeb34888d1ecb8912d588e00493298bb298f042d909e2e1ff3c0a7c8d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
936859c206147395cd62c6965c8dced9ae5c5af82b16d5fe9fba21dd5587fcdd
9fdd5732e886d51e99da2dd0560fcd2246847dc2c856d065d511eac0e813796b
a848ce751323085263984dfff31147541a533c8c258da016b206538263f9560a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aab877ef0be4732cd6e017ce5e4ed4284deaba5f5029967726110dfcd11119e1
ab3b01ff31d66de9bb02e8f109d3fdd224e080e7d854a8d070b34703dadcda92
b8859a9c7554cf113bfd5f89666cde7668459ca2917346ba3eac46cf18f77730
b9c72afba2587ac8edbe84a9e939182df39e35aa7f52617f868abdd3be4474b5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c2115fb94188371a585c0e7e34c2a5f7680d643d394548d6d99a352023594886
c3f174152e443ab14169b6421a8cf4ed147fc02a0ad87d1bd8f1fffc7ae99dba
c6e553d283074f00d92158811602a5aa6be8a815407fbb4f248324070d9689df
c86e3d32e1c21800153ba0c4dfa63768ed6648b105a3f0f8683668da2e3dd7dc
c9699323c72c367557333c3d17cc40d30c6a8527816806719b185dd55016dcae
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd957b36a6b532448aed46deacb17214627618dee8db2be68bfa7a48ba5e3fcd
d24db55d815174cbd95e874498d29e9861b6bb1cc466b3d4f060cb70a3c3e734
d2578ba546d7cefefa39079fbce081deacea7afce3ed2e88ec2a0ae16d93cc17
d4e40c9014d9bdddb815903ffd84ff0d89b04706ea65fca1219046f0421e1516
d79669e8eb8ad35dcb7d501cf452667f8e03b6c71e2e26d4ad88d16720c04652
d813aa7fd4c10378f553e56862276e0b9018c047708d399ca984880e44084131
df8024faa6b8fa2c5a1aa66e6aca76bbc0909c46ac2ca3ea24fe0d1e6e927a1d
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86dfb37d44e4b507e85f1a38bf050866718bb39343345b1fcbb5583369b0c8d
ea897912ff6d21e3fe6e98ddc32c46bb007587695e282fcf842a8a8198264355
f242b8e8a8644c3da55ea80dedbb39e139982f349a7b2be8f0cc5a351e38f202
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f71da64a45777c805def97f5cc0309c33cdb1cb04a98a19e8e3ae38007aef59a
fd82f984d3fcfeb13cc15b34cce97eab4883781a8a2ecbbce9175726174b3f83

nouveau.cosmetic.deals Open in urlscan Pro 2606:4700::6812:1659 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

77 %IPv6

13 Domains

14 Subdomains

14 IPs

2 Countries

3604 kBTransfer

5103 kBSize

4 Cookies

2 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nouveau.cosmetic.deals Open in urlscan Pro
2606:4700::6812:1659 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

14
IPs

2
Countries

3604 kB
Transfer

5103 kB
Size

4
Cookies

66 HTTP transactions
1 data transactions