www.herocosmetics.us Open in urlscan Pro
23.227.38.74 Public Scan

URL:
https://www.herocosmetics.us/
Submission: On June 13 via api (June 13th 2021, 4:43:41 pm UTC) from US

Summary HTTP 280 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 71 IPs in 8 countries across 86 domains to perform 280 HTTP transactions. The main IP is 23.227.38.74, located in Canada and belongs to CLOUDFLARENET, US. The main domain is www.herocosmetics.us.
TLS certificate: Issued by R3 on May 6th 2021. Valid for: 3 months.

This is the only time www.herocosmetics.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:152c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	2a04:4e42:600... 2a04:4e42:600::268	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206e:8000:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.18.6.60 104.18.6.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:6600:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.198.244.47 34.198.244.47	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
4	151.101.12.217 151.101.12.217	54113 (FASTLY) (FASTLY)
2	34.120.58.162 34.120.58.162	15169 (GOOGLE) (GOOGLE)
1	104.16.254.71 104.16.254.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2606:4700:20:... 2606:4700:20::681a:44f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.245.69 99.86.245.69	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28c::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.16.186.224 2.16.186.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
8	34.121.8.176 34.121.8.176	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.222.129.39 3.222.129.39	14618 (AMAZON-AES) (AMAZON-AES)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
1	99.86.241.30 99.86.241.30	16509 (AMAZON-02) (AMAZON-02)
1	99.86.241.20 99.86.241.20	16509 (AMAZON-02) (AMAZON-02)
1	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	34.120.202.204 34.120.202.204	15169 (GOOGLE) (GOOGLE)
16	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
4	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	130.211.34.183 130.211.34.183	15169 (GOOGLE) (GOOGLE)
1	13.32.2.16 13.32.2.16	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.32.2.38 13.32.2.38	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:170... 2a02:26f0:1700:188::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::ac43:4adc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	168.61.66.40 168.61.66.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2600:9000:211... 2600:9000:211a:fa00:13:ebea:dc0:21	16509 (AMAZON-02) (AMAZON-02)
1	52.217.49.110 52.217.49.110	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::6815:3c8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	167.99.135.134 167.99.135.134	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	199.232.137.140 199.232.137.140	54113 (FASTLY) (FASTLY)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.2.92 13.32.2.92	16509 (AMAZON-02) (AMAZON-02)
1 32	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1	192.229.233.223 192.229.233.223	15133 (EDGECAST) (EDGECAST)
1	52.29.150.149 52.29.150.149	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:b13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2 2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.11.29.5 3.11.29.5	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.158.103 3.126.158.103	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.153.71 35.156.153.71	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	18.158.209.84 18.158.209.84	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:16e5:e760:b671:d648	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	99.86.239.11 99.86.239.11	16509 (AMAZON-02) (AMAZON-02)
1	18.207.76.245 18.207.76.245	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.2.224.141 52.2.224.141	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.228.49.17 54.228.49.17	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	82.199.68.72 82.199.68.72	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
1 1	54.205.87.49 54.205.87.49	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	3.216.128.157 3.216.128.157	14618 (AMAZON-AES) (AMAZON-AES)
1	54.228.36.200 54.228.36.200	16509 (AMAZON-02) (AMAZON-02)
2 2	99.86.241.13 99.86.241.13	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	65.9.66.70 65.9.66.70	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.188.190 45.79.188.190	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	34.199.206.100 34.199.206.100	14618 (AMAZON-AES) (AMAZON-AES)
280	71

2 23.227.38.74 (Canada)

ASN13335 (CLOUDFLARENET, US)

www.herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:152c (United States)

ASN13335 (CLOUDFLARENET, US)

js.taplytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a04:4e42:600::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:8000:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.60 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.quadpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6600:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.244.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-244-47.compute-1.amazonaws.com

api.taplytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

ssapi.herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.58.162 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 162.58.120.34.bc.googleusercontent.com

shopify-gtm-suite.getelevar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.254.71 (United States)

ASN13335 (CLOUDFLARENET, US)

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:20::681a:44f (United States)

ASN13335 (CLOUDFLARENET, US)

images.accentuate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.245.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-245-69.vie50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28c::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-224.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.121.8.176 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.129.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

app.swellrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

o120794.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.241.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-30.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.241.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-20.vie50.r.cloudfront.net

telemetrics.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-telemetry.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:26f0:6c00::210:ba09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

180vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.183 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.2.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-16.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.2.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-38.vie50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:188::1d72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4adc (United States)

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.61.66.40 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bingshoppingtool-t2app-prod.trafficmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211a:fa00:13:ebea:dc0:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d2wa25pztvmofr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.49.110 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:3c8f (United States)

ASN13335 (CLOUDFLARENET, US)

app.backinstock.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.99.135.134 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

geoip-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.2.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-92.vie50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 54.239.17.112 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.223 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cdn-swell-assets.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.150.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-150-149.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b13 (United States)

ASN13335 (CLOUDFLARENET, US)

popup.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.29.5 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-29-5.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.158.103 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-158-103.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.153.71 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-153-71.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.209.84 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:16e5:e760:b671:d648 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.239.11 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-239-11.vie50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.76.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-76-245.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.224.141 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.49.17 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.72 (Netherlands) 1 redirects

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.87.49 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.128.157 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.36.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-36-200.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.241.13 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-13.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Hjørring, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.70 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.placed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.188.190 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.206.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-206-100.compute-1.amazonaws.com

ping.taplytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	shopify.com cdn.shopify.com	2 MB
32	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	14 KB
21	vimeocdn.com f.vimeocdn.com fresnel.vimeocdn.com i.vimeocdn.com	392 KB
19	accentuate.io images.accentuate.io	645 KB
16	akamaized.net 180vod-adaptive.akamaized.net	6 MB
15	klaviyo.com static.klaviyo.com fast.a.klaviyo.com static-forms.klaviyo.com telemetrics.klaviyo.com	211 KB
13	googletagmanager.com www.googletagmanager.com	46 KB
12	google-analytics.com www.google-analytics.com	20 KB
8	shopifysvc.com monorail-edge.shopifysvc.com	2 KB
7	vimeo.com player.vimeo.com vimeo.com player-telemetry.vimeo.com	43 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
5	yotpo.com staticw2.yotpo.com cdn-loyalty.yotpo.com cdn-swell-assets.yotpo.com p.yotpo.com	347 KB
5	tiktok.com analytics.tiktok.com	68 KB
5	taplytics.com js.taplytics.com api.taplytics.com ping.taplytics.com	34 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	3 KB
4	pinterest.com ct.pinterest.com	2 KB
4	pinimg.com s.pinimg.com	36 KB
3	bing.com bat.bing.com	9 KB
3	google.de www.google.de	693 B
3	google.com www.google.com	464 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	cloudfront.net 1 redirects d2wy8f7a9ursnm.cloudfront.net d2wa25pztvmofr.cloudfront.net	15 KB
3	herocosmetics.us www.herocosmetics.us ssapi.herocosmetics.us	122 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	529 B
2	tapad.com 2 redirects pixel.tapad.com	951 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects us-u.openx.net	619 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	738 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	497 B
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	990 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	999 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	659 B
2	bidswitch.net 2 redirects x.bidswitch.net	884 B
2	adsrvr.org 2 redirects match.adsrvr.org	909 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	bluekai.com 2 redirects tags.bluekai.com	2 KB
2	snapchat.com tr.snapchat.com	410 B
2	geoip-db.com 1 redirects geoip-db.com	392 B
2	wisepops.com loader.wisepops.com popup.wisepops.com	17 KB
2	facebook.com www.facebook.com	339 B
2	facebook.net connect.facebook.net	99 KB
2	sentry.io o120794.ingest.sentry.io	944 B
2	typekit.net use.typekit.net p.typekit.net	1 KB
2	bugsnag.com sessions.bugsnag.com	140 B
2	getelevar.com shopify-gtm-suite.getelevar.com	51 KB
2	unpkg.com unpkg.com	38 KB
2	cloudflare.com cdnjs.cloudflare.com	24 KB
1	taboola.com 1 redirects sync.taboola.com	326 B
1	ispot.tv 1 redirects pi.ispot.tv	345 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	612 B
1	exelator.com loadus.exelator.com	324 B
1	placed.com 1 redirects pixel.placed.com	567 B
1	rubiconproject.com 1 redirects token.rubiconproject.com	332 B
1	mookie1.com 1 redirects odr.mookie1.com	601 B
1	samba.tv 1 redirects ads.samba.tv	292 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	889 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	763 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	484 B
1	agkn.com 1 redirects aa.agkn.com	338 B
1	t.co t.co	454 B
1	twitter.com analytics.twitter.com	659 B
1	reddit.com alb.reddit.com	125 B
1	googleapis.com fonts.googleapis.com	642 B
1	sc-static.net sc-static.net	6 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	redditstatic.com www.redditstatic.com	6 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	backinstock.org app.backinstock.org	16 KB
1	amazonaws.com s3.amazonaws.com	2 KB
1	trafficmanager.net bingshoppingtool-t2app-prod.trafficmanager.net	203 B
1	mixpanel.com api-js.mixpanel.com	349 B
1	mxpnl.com cdn4.mxpnl.com	25 KB
1	swellrewards.com app.swellrewards.com	915 B
1	shop.app shop.app	1 KB
1	attn.tv cdn.attn.tv	376 B
1	quadpay.com widgets.quadpay.com	11 KB
1	dwin1.com www.dwin1.com	9 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
280	86

	Domain	Requested by
49	cdn.shopify.com	www.herocosmetics.us cdn.shopify.com
32	s.amazon-adsystem.com	1 redirects www.herocosmetics.us s.amazon-adsystem.com
19	images.accentuate.io	www.herocosmetics.us
16	180vod-adaptive.akamaized.net	f.vimeocdn.com
13	fresnel.vimeocdn.com	f.vimeocdn.com
13	www.googletagmanager.com	ssapi.herocosmetics.us www.herocosmetics.us
12	www.google-analytics.com	ssapi.herocosmetics.us cdn.shopify.com www.googletagmanager.com www.herocosmetics.us
12	static.klaviyo.com	www.herocosmetics.us static.klaviyo.com
8	monorail-edge.shopifysvc.com	cdn.shopify.com
6	f.vimeocdn.com	player.vimeo.com
5	analytics.tiktok.com	cdn.shopify.com analytics.tiktok.com
4	ct.pinterest.com	cdn.shopify.com www.herocosmetics.us
4	s.pinimg.com	cdn.shopify.com s.pinimg.com ssapi.herocosmetics.us
4	player.vimeo.com	www.herocosmetics.us
3	cm.g.doubleclick.net	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	bat.bing.com	ssapi.herocosmetics.us bat.bing.com
3	www.google.de	www.herocosmetics.us
3	www.google.com	www.herocosmetics.us
2	ping.taplytics.com	cdn.shopify.com
2	image6.pubmatic.com	2 redirects
2	pixel.tapad.com	2 redirects
2	ib.adnxs.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	tags.bluekai.com	2 redirects
2	tr.snapchat.com
2	geoip-db.com	1 redirects
2	d2wa25pztvmofr.cloudfront.net	1 redirects
2	staticw2.yotpo.com	www.herocosmetics.us staticw2.yotpo.com
2	www.facebook.com	www.herocosmetics.us
2	stats.g.doubleclick.net	cdn.shopify.com
2	player-telemetry.vimeo.com	f.vimeocdn.com
2	i.vimeocdn.com	player.vimeo.com
2	connect.facebook.net	www.herocosmetics.us connect.facebook.net
2	o120794.ingest.sentry.io	shopify-gtm-suite.getelevar.com
2	sessions.bugsnag.com	cdn.shopify.com
2	shopify-gtm-suite.getelevar.com	www.herocosmetics.us shopify-gtm-suite.getelevar.com
2	api.taplytics.com	js.taplytics.com
2	unpkg.com	www.herocosmetics.us
2	cdnjs.cloudflare.com	www.herocosmetics.us
2	www.herocosmetics.us	cdn.shopify.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	pixel.placed.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	beacon.krxd.net	s.amazon-adsystem.com
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	sync.targeting.unrulymedia.com	1 redirects
1	aa.agkn.com	1 redirects
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	alb.reddit.com
1	fonts.googleapis.com	staticw2.yotpo.com
1	popup.wisepops.com	cdn.shopify.com
1	p.yotpo.com
1	cdn-swell-assets.yotpo.com	cdn-loyalty.yotpo.com
1	sc-static.net	www.herocosmetics.us
1	static.ads-twitter.com	ssapi.herocosmetics.us
1	www.redditstatic.com	ssapi.herocosmetics.us
1	www.googleadservices.com	ssapi.herocosmetics.us
1	app.backinstock.org	www.herocosmetics.us
1	s3.amazonaws.com	www.herocosmetics.us
1	bingshoppingtool-t2app-prod.trafficmanager.net	www.herocosmetics.us
1	cdn-loyalty.yotpo.com	www.herocosmetics.us
1	loader.wisepops.com	www.herocosmetics.us
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	api-js.mixpanel.com	cdn.shopify.com
1	p.typekit.net	use.typekit.net
1	vimeo.com	f.vimeocdn.com
1	telemetrics.klaviyo.com	cdn.shopify.com
1	static.hotjar.com	ssapi.herocosmetics.us
1	cdn4.mxpnl.com	www.herocosmetics.us
1	app.swellrewards.com	cdn.shopify.com
1	use.typekit.net	www.herocosmetics.us
1	static-forms.klaviyo.com	cdn.shopify.com
1	fast.a.klaviyo.com	cdn.shopify.com
1	d2wy8f7a9ursnm.cloudfront.net	cdn.shopify.com
1	shop.app	cdn.shopify.com
1	ssapi.herocosmetics.us	www.herocosmetics.us
1	cdn.attn.tv	www.herocosmetics.us
1	widgets.quadpay.com	www.herocosmetics.us
1	www.dwin1.com	www.herocosmetics.us
1	js.taplytics.com	www.herocosmetics.us
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
280	109

This site contains links to these domains. Also see Links.

Domain
support.herocosmetics.us
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com
herocosmetics.us

Subject Issuer	Validity	Valid
www.herocosmetics.us R3	`2021-05-06` - `2021-08-04`	3 months	crt.sh
taplytics.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.dwin1.com Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
static.klaviyo.com R3	`2021-05-28` - `2021-08-26`	3 months	crt.sh
*.attn.tv Amazon	`2021-03-08` - `2022-04-06`	a year	crt.sh
*.taplytics.com Amazon	`2020-11-20` - `2021-12-19`	a year	crt.sh
ssapi.herocosmetics.us GTS CA 1D4	`2021-06-03` - `2021-09-01`	3 months	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-21` - `2022-06-22`	a year	crt.sh
shopify-gtm-suite.getelevar.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
shop.app Cloudflare Inc ECC CA-3	`2020-09-10` - `2021-09-10`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
fast.a.klaviyo.com R3	`2021-05-28` - `2021-08-26`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
monorail-edge.shopifysvc.com R3	`2021-06-08` - `2021-09-06`	3 months	crt.sh
static-forms.klaviyo.com R3	`2021-05-06` - `2021-08-04`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.swellrewards.com Amazon	`2020-08-20` - `2021-09-20`	a year	crt.sh
*.ingest.sentry.io R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
telemetrics.klaviyo.com Amazon	`2020-11-14` - `2021-12-13`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
bingshoppingtool-t2app-prod.trafficmanager.net Microsoft RSA TLS CA 01	`2020-11-24` - `2021-11-24`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
backinstock.org Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
geoip-db.com R3	`2021-05-27` - `2021-08-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://www.herocosmetics.us/
Frame ID: FF669B94F601E1882C17B3C1A8C6D33E
Requests: 192 HTTP requests in this frame

Frame: https://player.vimeo.com/video/560977357?background=true
Frame ID: 478156A35D7A205442C4CAE5632F842B
Requests: 20 HTTP requests in this frame

Frame: https://player.vimeo.com/video/560970006?background=true
Frame ID: F19FBAC4A67F65C9FB36E90BA7A7A10C
Requests: 22 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 8509ED1973BCCA92FEB70A120FA3ED5B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=953764205503279400&dcc=t
Frame ID: 2384CF40C7C613903E986237AAF87805
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed
Frame ID: E9B4AF11CB127EF0172921BAF74CEF85
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: AFC6DCDB6DF8A960DBB5CEFB912918C5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Frame ID: 28599DDE94EC9456C071238488B385C2
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

280
Requests

100 %
HTTPS

30 %
IPv6

86
Domains

109
Subdomains

71
IPs

8
Countries

10891 kB
Transfer

16239 kB
Size

33
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://support.herocosmetics.us/hc/en-us
Title: FAQ

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/hc/en-us/requests/new
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.instagram.com/herocosmetics/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/herocosmetics/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/herocosmetics/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0wZCPILuEVZaTPCUutXPag
Title:

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@herocosmetics
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/colewhittington/

Search URL Search Domain Scan URL

URL: https://herocosmetics.us/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/anelletarke/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CO5_U_EMC1x/?utm_source=ig_web_copy_link

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CNlHtjujwjM/?utm_source=ig_web_copy_link

Search URL Search Domain Scan URL

URL: https://www.instagram.com/always.amberina/

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/
Title: FAQ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 173

https://d2wa25pztvmofr.cloudfront.net/script.js?shop=tbate.myshopify.com HTTP 302
https://d2wa25pztvmofr.cloudfront.net/static/script-5b12bcca2d4f195a2c3d.js

Request Chain 176

https://geoip-db.com/jsonp?callback=callback&_=1623602600854 HTTP 301
https://geoip-db.com/jsonp/?callback=callback&_=1623602600854

Request Chain 183

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=953764205503279400 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=953764205503279400&dcc=t

Request Chain 219

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=H8q91y9999OerLjQ

Request Chain 220

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=164850903816000446069&ex=neustar.biz

Request Chain 221

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1556276447 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1556276447 HTTP 302
https://sync.1rx.io/usersync/tradedesk/1fa01fc0-1992-4b83-a249-21a4a6641ff4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6a1ee1a4-4e2e-4ce4-9c75-fea60dc8604d-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-6a1ee1a4-4e2e-4ce4-9c75-fea60dc8604d-003%26ex%3Drhythmone.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=RX-6a1ee1a4-4e2e-4ce4-9c75-fea60dc8604d-003&ex=rhythmone.com

Request Chain 222

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=29b2ff13a12c9e817b645be2c8aa569a

Request Chain 223

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=GxqzB99999OerLjQ

Request Chain 224

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP77a9d031-cc66-11eb-a110-027f52746190 HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP77a9d031-cc66-11eb-a110-027f52746190&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?id=45eb3953cfefd33262fefae33815c8bc7d198f35&ex=aoldisplay.com

Request Chain 225

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=8a9a7163-0eff-4242-ad8f-b8577ff71a7f

Request Chain 229

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=52c4ddbb9568e069708ff84035bf6bf1&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 230

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 232

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=daeca08e37c58fbc

Request Chain 233

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=UJwbt5BqS56pjFCSWiB-6w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=UJwbt5BqS56pjFCSWiB-6w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=35461841383223639850177211011731726531

Request Chain 234

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=eZ54txc4QbqGAwNHg1OYew HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812368650086053379&gdpr=&gdpr_consent=

Request Chain 236

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4585898383299043405

Request Chain 237

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=783056ce-cc66-11eb-aab0-1e87ce780206 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=7830568f-cc66-11eb-aab0-1e87ce780206

Request Chain 238

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22f0f32db1-e0ef-43a3-bb07-db8cca424a8b%22,%22Time%22:%2220210613T124324.093719%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f0f32db1-e0ef-43a3-bb07-db8cca424a8b

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENHKsk_x0dTG-sW46YvW4gM&google_cver=1

Request Chain 240

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 241

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=36a08b0b04113227a0316041ed6db1dc

Request Chain 242

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2bec81a0-7fac-c9a1-2c7f-4da9ffcab980

Request Chain 243

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KZQCnToY14njEfChv2AGszc4dKU4ZgIC

Request Chain 244

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=1E4B1FC8FE8C2A94

Request Chain 245

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5971342039064208068&ex=appnexus.com

Request Chain 246

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=Qhh6iVRkyV1GhOCR79Qakg&ex=rubiconproject.com&status=ok

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Nv-hc1FGRrmOQ4LwEquYGQ& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Nv-hc1FGRrmOQ4LwEquYGQ&google_tc= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 248

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-f8b4a22e-5332-4e93-9c0a-a61442945a23&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-f8b4a22e-5332-4e93-9c0a-a61442945a23 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-f8b4a22e-5332-4e93-9c0a-a61442945a23&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-f8b4a22e-5332-4e93-9c0a-a61442945a23 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-f8b4a22e-5332-4e93-9c0a-a61442945a23

Request Chain 250

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2DAD35C660D93CD33B02F5D16C

Request Chain 251

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-32eiRWtE2uSfV.9L03idMo0uHDvx3_s-

Request Chain 252

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=abf64e6f36034f1d7010a556478836dbf295f5f12d369d94ad12721732fecb68

Request Chain 253

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2DC191A9-71E1-4C4C-BCCE-A9760049A52A

Request Chain 254

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=9a92c0b9-a333-42c0-884b-0e2bc0fd7b31-tuct7bfbb2d

280 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.herocosmetics.us/ 142 KB
28 KB 340ms
202ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e300ad2ffb8b9fe32be977a08b078f5c00ce499daf9cb1361b8a615c020236

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.herocosmetics.us
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 41
x-sorting-hat-shopid: 21814481
x-storefront-renderer-rendered: 1
set-cookie: secure_customer_sig=; path=/; expires=Mon, 13 Jun 2022 16:43:20 GMT; secure; HttpOnly _shopify_country=Poland; path=/; expires=Sun, 13 Jun 2021 17:13:20 GMT cart_currency=USD; path=/; expires=Sun, 27 Jun 2021 16:43:20 GMT _orig_referrer=; Expires=Sun, 27-Jun-21 16:43:20 GMT; Domain=herocosmetics.us; Path=/; HttpOnly; SameSite=Lax _landing_page=%2F; Expires=Sun, 27-Jun-21 16:43:20 GMT; Domain=herocosmetics.us; Path=/; HttpOnly; SameSite=Lax _y=116cf14a-a102-4b39-b8db-84ff18332463; Expires=Mon, 13-Jun-22 16:43:20 GMT; Domain=herocosmetics.us; Path=/; SameSite=Lax _s=d66b6aac-c8dc-43f3-a00a-6e9911439665; Expires=Sun, 13-Jun-21 17:13:20 GMT; Domain=herocosmetics.us; Path=/; SameSite=Lax _shopify_y=116cf14a-a102-4b39-b8db-84ff18332463; Expires=Mon, 13-Jun-22 16:43:20 GMT; Domain=herocosmetics.us; Path=/; SameSite=Lax _shopify_s=d66b6aac-c8dc-43f3-a00a-6e9911439665; Expires=Sun, 13-Jun-21 17:13:20 GMT; Domain=herocosmetics.us; Path=/; SameSite=Lax
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-alternate-cache-key: cacheable:c86bab18ec73e9848005cf2083eb78e3
x-cache: hit, server
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 21814481
x-shardid: 41
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-request-id: 473c297e-7618-4a49-8818-c5c920272e52
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
cf-cache-status: DYNAMIC
cf-request-id: 0aa7dab04d00000c59b3a1d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ecc6fa19380c59-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 5dae9c5346204c8f803d17532ebc5776.min.js Show response
js.taplytics.com/jssdk/ 105 KB
33 KB 395ms
367ms Script
application/javascript 2606:4700::6811:152c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.taplytics.com/jssdk/5dae9c5346204c8f803d17532ebc5776.min.js?sync=true
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:152c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 783784d4772fa92b03cedd30dc415ffafcc77e2b2b10d5d7cf0226629904abda

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cf-ray: 65ecc6fb6cbdd6f5-FRA
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-ACCESS-TOKEN
cf-request-id: 0aa7dab1200000d6f53515b000000001

GET
H2 200 load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 9 KB
4 KB 39ms
12ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4064-HHN /

Resource Hash

a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.herocosmetics.us
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
edge-cache-tag: mime-application/javascript,source-GcsBackend,segment2-185,segment4-47496,revision-4eb854e75ebaebbee861b95246c01bb5ae7be00e,cdn-shopify-com-shopifycloud-shopify-assets-storefront-load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb
x-cache: HIT, HIT
content-length: 2777
x-xss-protection: 1; mode=block
x-request-id: d0535f2c9d2ec085668a18bb5a49694cb9bfd178841af8ed998358460da86477
x-served-by: cache-lga13627-LGA, cache-hhn4064-HHN
last-modified: Tue, 18 May 2021 19:26:10 GMT
server: cache-hhn4064-HHN
x-timer: S1623602600.231481,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 26 May 2022 18:27:24 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js>; rel="canonical"
x-cache-hits: 1, 576572

GET
H2 200 storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
17 KB 27ms
27ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4064-HHN /

Resource Hash

b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.herocosmetics.us
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 17353
x-xss-protection: 1; mode=block
x-request-id: dbb531a1a0cdc89a1826d7c64697eb318417448097908be403ade67d045eb1e5
x-served-by: cache-lga21927-LGA, cache-hhn4064-HHN
last-modified: Mon, 01 Feb 2021 19:33:42 GMT
server: cache-hhn4064-HHN
x-timer: S1623602600.258199,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:39:13 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits: 26695, 251862

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
13 KB 15ms
15ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4064-HHN /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.herocosmetics.us
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
edge-cache-tag: mime-application/javascript,source-GcsBackend,segment2-165,segment4-42351,revision-dcc7fde3526707fd0500f2cd27f250b40a46b3d2,cdn-shopify-com-shopifycloud-shopify-assets-storefront-features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
x-cache: HIT, HIT
content-length: 12298
x-xss-protection: 1; mode=block
x-request-id: b206688006e9a24a53f0744f15ef1a4aa169b88eefba29b61f0ecde4ef2403bb
x-served-by: cache-lga21930-LGA, cache-hhn4064-HHN
last-modified: Fri, 16 Oct 2020 15:31:32 GMT
server: cache-hhn4064-HHN
x-timer: S1623602600.281994,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 11 May 2022 21:58:18 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 1221, 561027

GET
H2 200 home.css
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 121 KB
16 KB 40ms
13ms Stylesheet
text/css 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=9000758215983734236

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

902a824ee9f45f74553e9ddad0fe0351f314ecaa27dfd1bb2b0f6fe45cf53874

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 15896
x-xss-protection: 1; mode=block
x-request-id: d48b9c1f21bad47224054302cc9c038b9f88921d6e44c630257a53e3e5404da9
x-served-by: cache-lga21975-LGA, cache-fra19160-FRA
last-modified: Wed, 09 Jun 2021 19:59:19 GMT
server: cache-fra19160-FRA
x-timer: S1623602600.231299,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 19:59:45 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-close.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 538 B
657 B 13ms
13ms Image
image/svg+xml 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-close.svg?v=8812735099044301167

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

dc131657068707ac57506e3053ea092a346e7364ec91bc922b4f78921e73a9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
edge-cache-tag: mime-image/svg+xml,source-ShopAssetsBackend,segment2-4,segment4-1216,revision-19ef6ff79ece7df406c8b12ee3ad2b8ab5f07f78,cdn-shopify-com-s-files-1-2181-4481-t-34-assets-icon-close-svg,shop-21814481
x-cache: HIT, HIT
content-length: 230
x-xss-protection: 1; mode=block
x-request-id: cfa21d2ae6df83dfff716e54ed5c5922b874837b9601f27696b447d99cd4135e
x-served-by: cache-lga21956-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:35:57 GMT
server: cache-fra19160-FRA
x-timer: S1623602600.297796,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 07 May 2022 04:59:40 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-close.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Blemish_Pastches.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 44 KB
44 KB 14ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Blemish_Pastches.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

7eb87661521cbb7369647c7802e6c6337fc80cb6b5b60fd0367be34840385a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 44658
x-xss-protection: 1; mode=block
x-request-id: 01b38c95ccaa3cf60259f1f12deb3852238dff05f677dae689152c5987c0db69
x-served-by: cache-lga21941-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:43:46 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.617800,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:43:45 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Blemish_Pastches.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 47 KB
47 KB 14ms
14ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

5fc989ccff2af15a5d8202ad64a62e15411c78915b4005e26ba3984d0f9d4770

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 47798
x-xss-protection: 1; mode=block
x-request-id: ec42fab433711f31f3bc413c589d676eb31580b8e620122a774f1b431dcb5c90
x-served-by: cache-lga21975-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:44:29 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.635541,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:44:29 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Post_blemish.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 50 KB
50 KB 14ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Post_blemish.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

745e280a74e1ad3eaff7092934051d32882b92b3cc4921ff714068e7b73fab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 51020
x-xss-protection: 1; mode=block
x-request-id: fd0ac125f7988e5e3587e8b7355168f12fd8fa140cc63b17b7e4e9c5fe9f6e8e
x-served-by: cache-lga21964-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:42:12 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.652416,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:42:11 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Post_blemish.jpg>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 81 KB
82 KB 14ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

38ea8af607c6f3dd8c07fa1d027010c4382d8037a026d0492817648e1a4ce8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 83120
x-xss-protection: 1; mode=block
x-request-id: 85c7e11317caac279ccc6fa59c688a049fe191e9107273500bde6a1ca3ef732a
x-served-by: cache-lga21973-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:44:29 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.669331,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:44:29 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-chev-right.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 408 B
795 B 13ms
13ms Image
image/svg+xml 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-chev-right.svg?v=2731603306874830471

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

dbe74252035fd1cda8b03e76098b49b0530e2e9470b004549f628b1e840e6694

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 221
x-xss-protection: 1; mode=block
x-request-id: 3388340875d53f62c0bac4587cfaa2272522c1321bdc960c4575e91088eca194
x-served-by: cache-lga21924-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:35:56 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.687345,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:40:56 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-chev-right.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-chev-left.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 371 B
456 B 13ms
13ms Image
image/svg+xml 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-chev-left.svg?v=17693300543743243984

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

570c18a72f8c237ee28c78cc10ac99cece43c0b4a95aa2afd497dd70716dc5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 196
x-xss-protection: 1; mode=block
x-request-id: 4a72e0ecf8c4797368f82bd63dd632e9fd2b9b002213398e4ef337aec2cf0905
x-served-by: cache-lga21967-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:35:56 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.703769,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:41:54 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-chev-left.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Refinery29_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 2 KB
3 KB 13ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Refinery29_166x.png?v=1611676115

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

deac7e66c014fc3fb33614f3878d9ca2c2fbfce2ffd80ad6a2355875a0f4ba96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 2376
x-xss-protection: 1; mode=block
x-request-id: 63af1d4306caab9d6f9c61be68a8869a7cbd2bbf6ecabdb3d4aaedf4e6650d66
x-served-by: cache-lga21944-LGA, cache-fra19160-FRA
last-modified: Wed, 09 Jun 2021 04:29:44 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.715068,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 04:29:44 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Refinery29_166x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Beauty-Insider_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 3 KB
4 KB 20ms
15ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Beauty-Insider_166x.png?v=1611676074

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

7ea208827e3e7bd45aa4791bc24e24829e43ce868ae98aae1b64716385fc715a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 3100
x-xss-protection: 1; mode=block
x-request-id: 80e43fe27fa92f5adc17a0bb8a00b6573c722647a0f5cefc07c27cc870fe21a4
x-served-by: cache-lga21959-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:52:33 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.740595,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:52:33 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Beauty-Insider_166x.png>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 hypebae_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 2 KB
2 KB 21ms
14ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/hypebae_166x.png?v=1611676165

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

6cc4b32de9ef6161a9bc1ed62866cdd378336356887adccd57858eb4f939f9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 2092
x-xss-protection: 1; mode=block
x-request-id: 368a23d295a63d7843c79c3f4e5f571496c0685d04ef7bdb5818e2e78b60d3cc
x-served-by: cache-lga21955-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:52:32 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.741563,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:52:32 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/hypebae_166x.png>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 skin-barrier_ee77332e-43f5-4749-bb82-7b74302948fe_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 71 KB
72 KB 21ms
15ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/skin-barrier_ee77332e-43f5-4749-bb82-7b74302948fe_405x225_crop_center@2x.jpg?v=1623092030

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

4b42c70c2b6b253fc35648597747742c5e9f1dd8f7c5dd234a229af651b66763

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 73114
x-xss-protection: 1; mode=block
x-request-id: f682c072f855d3883ef28cfce38a110aab5ef70415df7c2a5f23ead40155e251
x-served-by: cache-lga21925-LGA, cache-fra19160-FRA
last-modified: Wed, 09 Jun 2021 06:02:26 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.741547,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 06:02:26 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/skin-barrier_ee77332e-43f5-4749-bb82-7b74302948fe_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Your-go-to-mini-emergency-skincare-trio_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 29 KB
29 KB 28ms
22ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/Your-go-to-mini-emergency-skincare-trio_405x225_crop_center@2x.jpg?v=1621446305

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

a78b92b5fc3064fa6354d8ec0b9e32ed922476429358e832ba78f18b7d27a4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 29600
x-xss-protection: 1; mode=block
x-request-id: 6e48dacc78534674f6eec89de6dbff9dee3a4ec81acf188e4e958fe8d2bec776
x-served-by: cache-lga21959-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:38:55 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742534,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:38:55 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/Your-go-to-mini-emergency-skincare-trio_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 270, 1

GET
H2 200 4-Clear-Collective-Hacks_36a4d7f5-f569-4957-9f4b-8efc875fce6c_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 77 KB
78 KB 32ms
26ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/4-Clear-Collective-Hacks_36a4d7f5-f569-4957-9f4b-8efc875fce6c_405x225_crop_center@2x.jpg?v=1621375250

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

cb574cb787673f8b80f0efb6796206b02cea7837e9ca92a7374ab670679f9f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 79250
x-xss-protection: 1; mode=block
x-request-id: b09b3757894aa2fbd6c66d5be3fd4de6335e19e9afe1458b0a6f55758545a724
x-served-by: cache-lga21943-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:52:33 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742505,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:52:32 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/4-Clear-Collective-Hacks_36a4d7f5-f569-4957-9f4b-8efc875fce6c_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 5-eastern-inspired-acne-skincare-_-wellness-tips_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 37 KB
37 KB 26ms
20ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/5-eastern-inspired-acne-skincare-_-wellness-tips_405x225_crop_center@2x.jpg?v=1619473690

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

00a99175a0eddb47e639c805b34621e0a9e4abade37d212fadf58d214372d20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 37652
x-xss-protection: 1; mode=block
x-request-id: e1a0cac07bb242e38dc28af8d5615f2447c873f315b0303b0cff00ccb67ef509
x-served-by: cache-lga21926-LGA, cache-fra19160-FRA
last-modified: Wed, 09 Jun 2021 04:28:01 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742486,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 04:28:01 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/5-eastern-inspired-acne-skincare-_-wellness-tips_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 windmills-sunflowers_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 85 KB
86 KB 31ms
26ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/windmills-sunflowers_405x225_crop_center@2x.jpg?v=1619103065

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

d6997e98801e62b3ebd16d24aa07ff2a61b32cf68418d9982ebcad93ae6bc122

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 86976
x-xss-protection: 1; mode=block
x-request-id: 2da28eb3c0dfcb2615d7225135984d8989e2f9a4df48a1a3305a32ae367a1d0a
x-served-by: cache-lga21926-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:38:55 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742488,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:38:55 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/windmills-sunflowers_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Screen_Shot_2021-06-01_at_11.57.45_AM_504x588_crop_center@2x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 193 KB
194 KB 32ms
27ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Screen_Shot_2021-06-01_at_11.57.45_AM_504x588_crop_center@2x.png?v=1622563309

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

91cf772cd44e8756f72bdd23c66cbc3d90c9f4a413630174cdc9e062849335aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 198008
x-xss-protection: 1; mode=block
x-request-id: 9666baa7ed53b4a26f4954496668075f980cf0e7ae62e1e41bae058dfcf8182e
x-served-by: cache-lga21978-LGA, cache-fra19160-FRA
last-modified: Wed, 09 Jun 2021 04:33:13 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742434,VS0,VE2
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 04:33:13 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Screen_Shot_2021-06-01_at_11.57.45_AM_504x588_crop_center@2x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 HERO2_504x588_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 498 KB
499 KB 23ms
17ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/HERO2_504x588_crop_center@2x.jpg?v=1622582577

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

5120eec0790764797922dfb870c937b7cb342b682e2cd529804872be96ea895b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 510294
x-xss-protection: 1; mode=block
x-request-id: e1af8d9b45d33588e399b34703c0ea1fb941575538cb9ae22af5d31e89c08dcf
x-served-by: cache-lga13626-LGA, cache-fra19160-FRA
last-modified: Wed, 09 Jun 2021 06:02:27 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742416,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 06:02:26 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/HERO2_504x588_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 Screen_Shot_2021-06-01_at_11.57.02_AM_504x588_crop_center@2x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 193 KB
193 KB 32ms
26ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Screen_Shot_2021-06-01_at_11.57.02_AM_504x588_crop_center@2x.png?v=1622563160

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

7dd020d86f193c29bdb549f2032bb94fd6a4198953091ad1b5f0ee7f972ea32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 197246
x-xss-protection: 1; mode=block
x-request-id: 900f7aedf0248484ddfd026ca3f623f5462c780f0f774159646e92427208266b
x-served-by: cache-lga21927-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:37:57 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742396,VS0,VE2
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:37:56 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Screen_Shot_2021-06-01_at_11.57.02_AM_504x588_crop_center@2x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 RB-Mini-in-hand_504x588_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 81 KB
82 KB 32ms
27ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/RB-Mini-in-hand_504x588_crop_center@2x.jpg?v=1621448442

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

a0d3dca392f666cddf8352f8a10199e9ae93d2afc53117e013fae88327489d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 82848
x-xss-protection: 1; mode=block
x-request-id: be5340769e03c6a28eacd86338260bdad647ed2839dedcb1bdf34d9d77e13181
x-served-by: cache-lga21950-LGA, cache-fra19160-FRA
last-modified: Tue, 01 Jun 2021 17:46:46 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742380,VS0,VE2
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 01 Jun 2022 17:46:45 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/RB-Mini-in-hand_504x588_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Frame_3_504x588_crop_center@2x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 161 KB
162 KB 32ms
27ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Frame_3_504x588_crop_center@2x.png?v=1621448417

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

dfe83bd7c16bf942110e8738c45005e773272ee751ac0022c1e87a35585fb1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 165190
x-xss-protection: 1; mode=block
x-request-id: a27f2ca8485d75076ca13de0a1ac228b29476e8e999c37e4dbfe4596ad211f58
x-served-by: cache-lga21980-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:52:32 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742370,VS0,VE2
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:52:32 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Frame_3_504x588_crop_center@2x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 always.amberina_504x588_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 107 KB
107 KB 27ms
22ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/always.amberina_504x588_crop_center@2x.jpg?v=1622582667

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

52b2329d1e5888abc91802b0e23ae1cdb4f42ee45419f1b105cadfb5427d8a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 109154
x-xss-protection: 1; mode=block
x-request-id: 68314d8a42ab160fc48bb3766da6aee8c1441089fb1cd88ea0b5751152b4f993
x-served-by: cache-lga21937-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 10:52:33 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742353,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:52:32 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/always.amberina_504x588_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-warning.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 783 B
616 B 22ms
18ms Image
image/svg+xml 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-warning.svg?v=12583636007603589187

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

6a3dbb230b9c333a39405f7dc4115a91bb3dcae67f68c76ac5c81451dc2f4ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 340
x-xss-protection: 1; mode=block
x-request-id: e7af77a04bc912cb5755efdae839cc69d23bf1b12a011300daca8fefb6d50c63
x-served-by: cache-lga21982-LGA, cache-fra19160-FRA
last-modified: Tue, 25 May 2021 18:38:45 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742330,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 06:02:26 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-warning.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-arrow-right-black.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 489 B
677 B 23ms
19ms Image
image/svg+xml 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-arrow-right-black.svg?v=16859636164420027916

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

4c718e6c04604e704e210624d400222cd989eb140a8b7ff479ced4f7c116e96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 263
x-xss-protection: 1; mode=block
x-request-id: b62987bf877802d6c0d7d20d06ca434da67d857232336ac4011dbf2ae21722c9
x-served-by: cache-lga21948-LGA, cache-fra19160-FRA
last-modified: Wed, 19 May 2021 15:44:25 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742307,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:54:41 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-arrow-right-black.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 warning.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 415 B
535 B 24ms
19ms Image
image/svg+xml 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/warning.svg?v=6090685077752278596

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

7d344c4345e9df8767626e58448d1286eb41a0fdbc9f1e6e6c4e2be7a74ca52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 254
x-xss-protection: 1; mode=block
x-request-id: 9b18c580e61c9cfad53bf378f4500f42bbd98ef5d94ae9fcba45f42119331d39
x-served-by: cache-lga21972-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:37:00 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742284,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:40:57 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/warning.svg>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 free-shipping.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 445 B
825 B 22ms
17ms Image
image/svg+xml 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/free-shipping.svg?v=5033123295007177537

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

7b3a311e463360814d373ee4ebd1f7ed7f2168953f50b409c5f0115d9bfe89e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 252
x-xss-protection: 1; mode=block
x-request-id: 2a0d4a97afcc6b95f8a7965a1e9b34fd60d963592aaaa6e1c05054356c109cab
x-served-by: cache-lga21969-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:35:36 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742287,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:40:55 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/free-shipping.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-coin-yellow-md.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 647 B
883 B 20ms
16ms Image
image/svg+xml 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-coin-yellow-md.svg?v=13281889291496749214

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 296
x-xss-protection: 1; mode=block
x-request-id: 3447955e468a3d72e0f46ca3713e308880e8a4dd543bb5bcb1fde2fa2fb3790f
x-served-by: cache-lga21939-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:35:59 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742252,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:40:57 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-coin-yellow-md.svg>; rel="canonical"
x-cache-hits: 37, 1

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/ 61 KB
23 KB 47ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/gsap.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.herocosmetics.us
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1542884
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22265
cf-request-id: 0aa7dab18c00004abd11bbb000000001
timing-allow-origin: *
last-modified: Tue, 12 Jan 2021 06:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ffd3ef5-f398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FJrfEIrK%2Bwb0ESNqP3eTxAq5xC1%2FQRuhb96uFLYDy8G9T0IQihJPKe4MRzIHtaMGw%2B1FCDcZzEi4amOTpV7fJ%2F3LrMPcqGRd9PxHaGSTUK9LAIYUC1YZbcyHDsfzeNuAzuI2QZuOGNfJASPSnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65ecc6fc18244abd-FRA
expires: Fri, 03 Jun 2022 16:43:20 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@6.6.2/ 141 KB
36 KB 115ms
97ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.6.2/swiper-bundle.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.herocosmetics.us
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2171706
fly-request-id: 01F62CZT1XGQREQPFRDWBPQVA5
content-encoding: br
vary: Accept-Encoding
cf-request-id: 0aa7dab1b800004e803f0cf000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"233d7-mZelZ23GqQ/jYOpc8MQCKmqF0Cg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65ecc6fc59354e80-FRA

GET
H3-29 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ 2 KB
1 KB 36ms
26ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.herocosmetics.us
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7153081
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 701
cf-request-id: 0aa7dab2240000073e16bff000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-653"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P%2F%2FqTA3px2j0E1eQ8k5HOD4Op%2Fcki874%2BSnT9jzuy%2FDiWAcC3OngqFDPdkZe%2BAn%2BT%2F9OpPsqLNh81KUGvSXOer%2FZes5%2FBZyHhaxfx9ph5SFHZ2teIsjIIRWhUHv2czR89N5bhei30JdTYM%2FBLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65ecc6fd0d0f073e-FRA
expires: Fri, 03 Jun 2022 16:43:20 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 86 KB
29 KB 13ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/jquery-3.4.1.min.js?v=16073738998526399014

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 29767
x-xss-protection: 1; mode=block
x-request-id: f6c3c7d9f46d23bb7f8b72d4969d1c0dd97f70606b8983d0761cd4ee6660de43
x-served-by: cache-lga21978-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:36:27 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.518774,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:49:47 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/jquery-3.4.1.min.js>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/themes_support/ 6 KB
2 KB 12ms
12ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
edge-cache-tag: mime-application/javascript,source-GcsBackend,segment2-144,segment4-36993,revision-dcc7fde3526707fd0500f2cd27f250b40a46b3d2,cdn-shopify-com-shopifycloud-shopify-assets-themes_support-api-jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301
x-cache: HIT, HIT
content-length: 1583
x-xss-protection: 1; mode=block
x-request-id: 46841aeb7a4980ce5d1d77b1df6440d9a216e261e69e81d2ec8c342b18d98ea1
x-served-by: cache-lga21966-LGA, cache-fra19160-FRA
last-modified: Fri, 16 Oct 2020 15:50:09 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.541275,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 11 May 2022 21:58:18 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js>; rel="canonical"
x-cache-hits: 2, 37507

GET
H2 200 modernizr-2.7.1.min.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 9 KB
4 KB 13ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/modernizr-2.7.1.min.js?v=9797936173225597507

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-35,segment4-9080,revision-b97d0749e6e56eaf5bdd2cc7789743f371464073,cdn-shopify-com-s-files-1-2181-4481-t-34-assets-modernizr-2-7-1-min-js,shop-21814481
x-cache: HIT, HIT
content-length: 3818
x-xss-protection: 1; mode=block
x-request-id: 95439e3e3ab523826db3dbcb82a3f0f4f8b45086fd0a6f06c4a3dcf065995f59
x-served-by: cache-lga21946-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:36:35 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.555500,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 22 May 2022 05:51:36 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/modernizr-2.7.1.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 plugins.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 67 KB
20 KB 13ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/plugins.js?v=9930283815804661050

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

bf2cf0e0d7d2b13d1df01e0cd91a9d319acf0ccb9d8eabda3c3b0aa85b2bb0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 20537
x-xss-protection: 1; mode=block
x-request-id: 86739bcb5b82182f6c397060d7dd241f9e4e4060209e663d022130934edd6acb
x-served-by: cache-lga21928-LGA, cache-fra19160-FRA
last-modified: Tue, 02 Feb 2021 23:36:42 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.570019,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 04:21:55 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/plugins.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 vendorCritical.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 21 KB
8 KB 13ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/vendorCritical.js?v=17816662458381964622

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

322bb184560e44b31c3bf0ad13c88a7b79484ebf14d6f54191fba93a4017c4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 7584
x-xss-protection: 1; mode=block
x-request-id: 74aef2c542621ff7fff8aba00275618fee2fa6b14c625ee5b23133f2fac7d35e
x-served-by: cache-lga21925-LGA, cache-fra19160-FRA
last-modified: Wed, 02 Jun 2021 16:37:23 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.587147,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 11:04:43 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/vendorCritical.js>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 mainCritical.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 59 KB
14 KB 13ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/mainCritical.js?v=6147849908708683655

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

80933075fc79f4b871aa69faaa5053944a47984b61e57ffc19009ba3fc62b031

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 13971
x-xss-protection: 1; mode=block
x-request-id: 912061fbfb6a3f3c7f17aaac2a89ada7fe009c0e0184a17c7c2a113507e6ef1e
x-served-by: cache-lga21963-LGA, cache-fra19160-FRA
last-modified: Wed, 09 Jun 2021 19:59:17 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.601874,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 19:59:19 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/mainCritical.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 main.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 4 KB
2 KB 20ms
16ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/main.js?v=7995992327244598130

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

4a4486833f30199f2aac4f8191450e38568b47eb834a818a489ed90fe7a0e62c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 1440
x-xss-protection: 1; mode=block
x-request-id: 7b2dd9496be81a108f282c639219d26fc51ba2be341c4d01ee4c40f7f96aa7f5
x-served-by: cache-lga21976-LGA, cache-fra19160-FRA
last-modified: Wed, 02 Jun 2021 16:36:51 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742238,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 11:04:44 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/main.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 vendorVimeo.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 19 KB
6 KB 21ms
18ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/vendorVimeo.js?v=12795021651730579807

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

ba59956084c9b7b830d30885f6975abc6c2a22638ca04930fec13808947eeeb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 5329
x-xss-protection: 1; mode=block
x-request-id: 9e3e9b855c1faf5e77ca6ac67ae5ac1c76dfc2b2e0b4db621c3f123a617765a0
x-served-by: cache-lga21929-LGA, cache-fra19160-FRA
last-modified: Wed, 02 Jun 2021 16:37:21 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742224,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:40:33 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/vendorVimeo.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 home.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 13 KB
4 KB 22ms
19ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.js?v=18248431689545240418

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

be064f7da15fe90f8a498b6afbd935c6178974a4cdfddfd0927436be99694fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 3645
x-xss-protection: 1; mode=block
x-request-id: b0e99dc4026b2194d3b2bc7cbd0f3698c752575c090738e0ea4b59c87f180c23
x-served-by: cache-lga13620-LGA, cache-fra19160-FRA
last-modified: Wed, 02 Jun 2021 16:36:53 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.742226,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:50:38 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 17095.js Show response
www.dwin1.com/ 29 KB
9 KB 95ms
44ms Script
application/javascript 2600:9000:206e:8000:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/17095.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:8000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 181333c317e3622dfa81daf7d41a9efbd2057098229987ee7f842bbb467ff011

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ndDVrcfI7Stki4uimcofTgbPUca9YZbE
content-encoding: gzip
etag: W/"2dd1c4029b87409a45035e1d34d7e0ae"
age: 95
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 19 May 2021 11:33:14 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:41:45 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 19e8b9893b6330d5d62599a448aea7db.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 23hhn-BsTJZAoqF4-AYmoTOPrTq7_swg1e_FqtgQIR8_KRT-CzLjrA==

GET
H2 200 webcomponents-loader.js Show response
unpkg.com/@webcomponents/webcomponentsjs@2.2.4/ 6 KB
2 KB 28ms
24ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@webcomponents/webcomponentsjs@2.2.4/webcomponents-loader.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8eb3fac2da085b9b9162f25b769e760c25fbbfbe5edd7a354def8ee0bebe6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4480682
fly-request-id: 01F3XJZH3ZS0CAC7HPPEERA3VB
content-encoding: br
vary: Accept-Encoding
cf-request-id: 0aa7dab31f0000d6e922229000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1808-mMARMzAgKQO2ZUFKGA/4bHef7QM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65ecc6fe99d9d6e9-FRA

GET
H2 200 quadpay-widget-2.2.1.js Show response
widgets.quadpay.com/ 41 KB
11 KB 198ms
69ms Script
application/x-javascript 104.18.6.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.quadpay.com/quadpay-widget-2.2.1.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d5a1f0e119152966e25d1495fa074266b4e113d610752c6e66fff9abd1539dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2983
x-powered-by: ASP.NET
cf-request-id: 0aa7dab3bb00004be26382e000000001
last-modified: Mon, 26 Apr 2021 17:19:12 GMT
server: cloudflare
etag: W/"0e86646c03ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cf-polished: origSize=46324
cf-ray: 65ecc6ff8d244be2-AMS
cf-bgj: minify

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 159ms
50ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b48bf931c510d8ee26e65fe1f112b2a42b2d48f228871f13fe9d9e7dc49e3e3

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
content-encoding: gzip
age: 151879
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 860
x-served-by: cache-lga21961-LGA, cache-hhn4081-HHN
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1623602601.868277,VS0,VE1
etag: W/"ef12c40872ccb39fa3908e4213a63064"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 dtag.js Show response
cdn.attn.tv/hero/ 0
376 B 38ms
7ms Script
text/javascript 2600:9000:2156:6600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/hero/dtag.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
age: 71257
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/javascript
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
date: Sun, 13 Jun 2021 02:13:42 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: qlo60KT2M4YqrVwQDU44Yrs5r-QMwnTwOZ1ZWRWBlqyWOaVMmaDmeA==

OPTIONS
H2 200 config
api.taplytics.com/public_api/v1/ Frame 0
0 442ms
146ms Preflight
text/html 34.198.244.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.taplytics.com/public_api/v1/config?ad=5be0027a-5304-4610-955c-e78bab1fb30a&adt=browser&ct=browser&lv=0&sdk=2.23.1&rfr&ub=false&prms=%7B%22search%22%3A%7B%7D%2C%22location%22%3A%7B%22href%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22hash%22%3A%22%22%2C%22search%22%3A%22%22%2C%22host%22%3A%22www.herocosmetics.us%22%2C%22protocol%22%3A%22https%3A%22%2C%22pathname%22%3A%22%2F%22%2C%22title%22%3A%22%22%7D%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%7D&r_v=0&public_token=5dae9c5346204c8f803d17532ebc5776
Protocol: H2
Server: 34.198.244.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-244-47.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.herocosmetics.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-type: text/html; charset=utf-8
content-length: 13
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
accept-encoding
allow: GET,HEAD,POST
etag: W/"d-bMedpZYGrVt1nR4x+qdNZ2GqyRo"
vary: Accept-Encoding

POST
H2 200 config Show response
api.taplytics.com/public_api/v1/ 82 B
390 B 175ms
175ms XHR
application/json 34.198.244.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.taplytics.com/public_api/v1/config?ad=5be0027a-5304-4610-955c-e78bab1fb30a&adt=browser&ct=browser&lv=0&sdk=2.23.1&rfr&ub=false&prms=%7B%22search%22%3A%7B%7D%2C%22location%22%3A%7B%22href%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22hash%22%3A%22%22%2C%22search%22%3A%22%22%2C%22host%22%3A%22www.herocosmetics.us%22%2C%22protocol%22%3A%22https%3A%22%2C%22pathname%22%3A%22%2F%22%2C%22title%22%3A%22%22%7D%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%7D&r_v=0&public_token=5dae9c5346204c8f803d17532ebc5776
Requested by: Host: js.taplytics.com
URL: https://js.taplytics.com/jssdk/5dae9c5346204c8f803d17532ebc5776.min.js?sync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.244.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-244-47.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6b269d85bdcedb32dcf64454edbe8ba165ae1246ac09b9c10fb4724281357057

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
accept-encoding
x-powered-by: Express
etag: W/"52-RgRg0HfWsgLTS2ueXuLoU9R7fvc"
vary: X-HTTP-Method-Override, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Accept
content-length: 82

GET
H2 200 gtm.js Show response
ssapi.herocosmetics.us/ 306 KB
93 KB 310ms
239ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ef7b2df67c1a6c45c227e6ddabd306fb3bc4d533287f2273d1492787dcd5e848

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
content-encoding: gzip
last-modified: Sun, 13 Jun 2021 15:00:00 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 620988ea5e5ba027cc7b436cedc18b89;o=1
cache-control: private, max-age=450
content-length: 94466
expires: Sun, 13 Jun 2021 16:46:41 GMT

GET
H2 200 trekkie.storefront.6e6a2d3280f1c9e9e47b42b423dce96b03790e02.min.js Show response
cdn.shopify.com/s/ 72 KB
15 KB 28ms
21ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.6e6a2d3280f1c9e9e47b42b423dce96b03790e02.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

59699aa2932f509b4113721118ac0afbc333ecd8d10b3a876807f5cb094fe90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 14860
x-xss-protection: 1; mode=block
x-request-id: 11c4a3e5d56d35c16dd4e06a80347ada294a6e87f4bc2050eb0944232dc90881
x-served-by: cache-lga21968-LGA, cache-fra19160-FRA
last-modified: Fri, 11 Jun 2021 15:12:40 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.752190,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 11 Jun 2022 15:12:49 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.6e6a2d3280f1c9e9e47b42b423dce96b03790e02.min.js>; rel="canonical"
x-cache-hits: 3, 104571

GET
H2 200 shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
3 KB 28ms
21ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 2605
x-xss-protection: 1; mode=block
x-request-id: bb76ab568b1c6c3afeb60ca45f73cd85665d5f747253147b45ec28722d1da93d
x-served-by: cache-lga21961-LGA, cache-fra19160-FRA
last-modified: Thu, 03 Jun 2021 18:45:56 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.752170,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 04 Jun 2022 14:36:09 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js>; rel="canonical"
x-cache-hits: 1, 227062

GET
H/1.1 200
OK 560977357 Show response
player.vimeo.com/video/ Frame 4781 15 KB
14 KB 352ms
245ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/560977357?background=true

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

410e3f6326f75b4e8f6181af570b9569ce5bc27714a98a297dfc7d3a3cd58efd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.herocosmetics.us/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herocosmetics.us/

Response headers

Connection: keep-alive
Content-Length: 11592
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Sun, 13 Jun 2021 16:52:46 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-4
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Sun, 13 Jun 2021 16:43:21 GMT
Age: 0
X-Served-By: cache-fra19182-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1623602601.870337,VS0,VE195
Vary: Accept-Encoding
X-Player-Backend: p

GET
H/1.1 200
OK 560970006 Show response
player.vimeo.com/video/ Frame F19F 15 KB
15 KB 341ms
237ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/560970006?background=true

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b58612a9e424382b76864a2a73a8ae9c4425ada6a2a1b0d93126b3e03cc020b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.herocosmetics.us/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herocosmetics.us/

Response headers

Connection: keep-alive
Content-Length: 11883
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Sun, 13 Jun 2021 16:52:46 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-2
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Sun, 13 Jun 2021 16:43:21 GMT
Age: 0
X-Served-By: cache-fra19156-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1623602601.870257,VS0,VE188
Vary: Accept-Encoding
X-Player-Backend: p

GET
H2 200 Additional_Home_FS-min_300x@2x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 91 KB
92 KB 48ms
33ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Additional_Home_FS-min_300x@2x.png?v=1623176868

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

e1f7252e0b3549e24635aa6bb6a220658d14c66a7686e9ccba9fbac2bd2284fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 93562
x-xss-protection: 1; mode=block
x-request-id: f8e089d5910511dcfeb95f49b75261daf0d9de664ec5905146544107d353e193
x-served-by: cache-lga21969-LGA, cache-fra19160-FRA
last-modified: Tue, 08 Jun 2021 18:27:49 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.772161,VS0,VE2
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 18:27:49 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Additional_Home_FS-min_300x@2x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FuturaPT-Book.woff2
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 40 KB
41 KB 38ms
26ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Book.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=9000758215983734236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4064-HHN /

Resource Hash

9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.herocosmetics.us
Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=9000758215983734236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 41248
x-xss-protection: 1; mode=block
x-request-id: 402d63b39dc260d2c9e6cff7ad6031feb1838f6d208ee99df4ac321539b17e7f
x-served-by: cache-lga21958-LGA, cache-hhn4064-HHN
last-modified: Tue, 02 Feb 2021 23:35:40 GMT
server: cache-hhn4064-HHN
x-timer: S1623602601.770884,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:40:40 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Book.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FuturaPT-Heavy.woff2
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 46 KB
46 KB 25ms
13ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Heavy.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=9000758215983734236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4064-HHN /

Resource Hash

d903a35a90276fed8d286f4de9f6ab44db076826cdb14a82d2e418aeb79b92ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.herocosmetics.us
Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=9000758215983734236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 46800
x-xss-protection: 1; mode=block
x-request-id: 3730f776dd84f46955e73d2c896d1e8a382a9573111ecf3b3f38fb1ea3ef5320
x-served-by: cache-lga13625-LGA, cache-hhn4064-HHN
last-modified: Tue, 02 Feb 2021 23:35:45 GMT
server: cache-hhn4064-HHN
x-timer: S1623602601.770920,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:51:12 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Heavy.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FuturaPT-Demi.woff2
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 43 KB
43 KB 14ms
13ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Demi.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=9000758215983734236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4064-HHN /

Resource Hash

b79adf570b66bcd072b6f3ea35e760f7433030c083c686a08b6ba740f532098a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.herocosmetics.us
Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=9000758215983734236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 43869
x-xss-protection: 1; mode=block
x-request-id: ea367174b9fe6b15493f2e210993404990658ca5babbdf5a6c92334f85b82a4b
x-served-by: cache-lga21948-LGA, cache-hhn4064-HHN
last-modified: Tue, 02 Feb 2021 23:35:43 GMT
server: cache-hhn4064-HHN
x-timer: S1623602601.835184,VS0,VE1
date: Sun, 13 Jun 2021 16:43:20 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:40:56 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Demi.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 gtm-suite.js Show response
shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/ 106 KB
34 KB 151ms
46ms Script
application/javascript 34.120.58.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/gtm-suite.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.162 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d04c01926dc18bb1aa1b0b07f12bb45c930a8c868f0b65e4c9961eaafa614c21

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:34:58 GMT
content-encoding: gzip
age: 79702
x-guploader-uploadid: ABg5-UylA_mNlzGu52mpd-MJJCHR0ZycbYh3dJUxFFNTdsLXAqBkByXDDP6CECiWN2i9pCvVWHu3OhfDfGBbWti6_I9uoQj_Xw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 33980
last-modified: Mon, 12 Apr 2021 15:05:44 GMT
server: UploadServer
etag: "c1db629ef1bba51f21c4a66368436442"
x-goog-hash: crc32c=2KKXoA==, md5=wdtinvG7pR8hxKZjaENkQg==
x-goog-generation: 1618239944482764
cache-control: no-transform
x-goog-stored-content-length: 33980
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 12 Jun 2022 18:34:58 GMT

GET
H2 200 analytics.js Show response
cdn.shopify.com/shopifycloud/media-analytics/v0.1/ 25 KB
8 KB 13ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4064-HHN /

Resource Hash

2fbd65b2a6e539d2082c8d0780eb1d5461fd9f9156fa9cc144bb245c1b53e56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.herocosmetics.us
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 7766
x-xss-protection: 1; mode=block
x-request-id: c05c83d522ba365b7bab7377b1cc8612961f07880e9a8d61be6dea0b82388cbe
x-served-by: cache-lga21950-LGA, cache-hhn4064-HHN
last-modified: Thu, 11 Mar 2021 09:14:27 GMT
server: cache-hhn4064-HHN
x-timer: S1623602601.878419,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 02 Jun 2021 05:37:34 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js>; rel="canonical"
x-cache-hits: 392, 337

GET
H2 200 session Show response
shop.app/pay/ 18 B
1 KB 290ms
173ms Fetch
application/json 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-east1,gke
p3p: CP="Not used"
access-control-max-age: 7200
server-timing: processing;dur=6, socket_queue;dur=1.627, edge;dur=1.058, util;dur=0.0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa7dab448000000d170857000000001
x-request-id: 73beba58852740acf2b6d99340e24cc2
x-runtime: 0.005474
server: cloudflare
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 65ecc70079a200d1-AMS
access-control-expose-headers

GET
H2 200 /
images.accentuate.io/ 76 KB
77 KB 74ms
42ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6593728282666%2F1623112012638%2FFS-Duo-Thumb-596x596-.png%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb88c4e7516dea47a990790a72a2cd6cf848ce3cc5a586d22e8d01b6aa6c861

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 423734
cf-ray: 65ecc6ffed381e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-06-08T19:01:06.067Z;desc=hit,rtt;dur=85
vary: Accept-Encoding
content-length: 78118
cf-request-id: 0aa7dab3f100001e47d38f0000000001
last-modified: Tue, 08 Jun 2021 00:27:08 GMT
server: cloudflare
etag: "8b2c111ffb5dbd5b8310d50660447981"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l%2B3Wajwl2GOLXLzpP1Mi2DOMMGHJPF3WzotwNp9rCGgMLc2ew2FeM19GcWiiAXzXvM78rjTCWgl1DzveVIMSHzDMpNvmfcoQ3UPuvpCFlK6ziSmf3wPuGBpWTL%2B0CPtkhWq3ZlSyCSxxuEohgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 70 KB
70 KB 81ms
49ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6593728282666%2F1623112790171%2FHover_Duo-min.jpg%3Fv%3D1623176411667&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d81fd71b21e28132253faaa368604bc04d58a1df833118b1b2b47487b085e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 423734
cf-ray: 65ecc6ffed3b1e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-06-08T19:01:06.075Z;desc=hit,rtt;dur=86
vary: Accept-Encoding
content-length: 71312
cf-request-id: 0aa7dab3f100001e47dd93d000000001
x-request-id: 8d40411e23f1c9cd7d893d521b717658
last-modified: Tue, 08 Jun 2021 18:20:14 GMT
server: cloudflare
etag: "157ae121be8da3f8f2ba5c4db332040d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lWn9l9yXxtWnEwMzwNvcKTfO1qrSmPMKlntMlInzAS4lzSX1IbY%2BKlMRJ%2FXfHByI2vBjvi1cYF5XWZDNf3B%2Br80Gth7s2tmI5Bg3cRr3X9WB1MlJtvnK65NAWSQ4pzivXrpEQE7atyDUNnYAaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 51 KB
51 KB 81ms
49ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6574246690858%2F1623112374459%2FFS_Mist_Transparent.png%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fc31808afdf7c785b86537a7fae0299a655d183ecc0bbe507395a25cee39dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 423734
cf-ray: 65ecc6ffed3d1e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-06-08T19:01:06.095Z;desc=hit,rtt;dur=88
vary: Accept-Encoding
content-length: 51757
cf-request-id: 0aa7dab3f400001e473c8c0000000001
last-modified: Tue, 08 Jun 2021 00:36:06 GMT
server: cloudflare
etag: "5726b85b06a7bc042b0c4e943652223d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0V1%2Bvj4mh6mXAET7e6bTCPqxYVYg4I55RwhioLBDMC48y53bgYnwxRNctFNSIoCzsIv%2BvRdjcRISKrFIr25OO6fm%2BGn4W2%2FVLvz7bMqZx%2BS%2FuVg1lXxk6V7y6v0q%2BWV2uB9F5P7a9klBq5kdjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 34 KB
35 KB 80ms
49ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6574246690858%2F1623112544420%2FHover_Mist-min.jpg%3Fv%3D1623176368911&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e903b798852128fb3cf7a53e34a5113976f298e257bfcc712eb568ac03888c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 423734
cf-ray: 65ecc6ffed421e47-FRA
server-timing: fastly;dur=1;start=2021-06-08T19:01:06.077Z;desc=hit,rtt;dur=86
vary: Accept-Encoding
content-length: 34892
cf-request-id: 0aa7dab3f200001e4716985000000001
x-request-id: c2128159389f45cdc2154fe2f8189d96
last-modified: Tue, 08 Jun 2021 18:19:32 GMT
server: cloudflare
etag: "d10357f61b701abaa7114911a966f202"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QYVXQoYLGkD%2FF9uh2gjsh7u1nHeg6B3mt%2F7beHc6eJngGNS9ILjuGDDDHap0DQfmZVag0nfECnAFsgfzG3REirSZS6FzmpeXXLtfiIx1xOo45Nzez6jhBAwM%2FZ32URiVPIb9vJK4FtwXN8plXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 41 KB
41 KB 81ms
50ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6574246559786%2F1623111147199%2FFS_Serum_Stick_Transparent.png%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d2afc659e6ff07b116339285477ffabecf32dac527395f88075804144e8ba34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 423734
cf-ray: 65ecc6ffed451e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-06-08T19:01:06.090Z;desc=hit,rtt;dur=89
vary: Accept-Encoding
content-length: 41487
cf-request-id: 0aa7dab3f200001e474f194000000001
x-request-id: 5fcc4b55b15c95ce19e2a793e1daed02
last-modified: Tue, 08 Jun 2021 00:12:29 GMT
server: cloudflare
etag: "a1a2bf17285de1159277c64ebffbb6c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BP12yVZNDSynjoKcLMZyEH0Z5gLKKy6yR%2FxzF7cRcDSYsd74fivlcbFYegKE4NWDULrHs05gtbQG5X4LxfymwYC5xyht2xrskhgLigN2Jxyczv2fDLaMRMhcbMpSzHvdJwIf0QoeIR6HQqvijg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 30 KB
31 KB 86ms
55ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6574246559786%2F1623112620034%2FHover_Serum-min.jpg%3Fv%3D1623176312016&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1b82ff5864af3542fb9605958c4705216c0a48b884ec473ccd55b33f09417ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 423734
cf-ray: 65ecc6ffed471e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-06-08T19:01:06.080Z;desc=hit,rtt;dur=88
vary: Accept-Encoding
content-length: 31161
cf-request-id: 0aa7dab3f300001e47ee155000000001
x-request-id: 01bb4798cb08e55b370704120bf633f2
last-modified: Tue, 08 Jun 2021 18:18:35 GMT
server: cloudflare
etag: "282fc42b5472a9643719637ada96aff3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i2SuC0JE745q8TxvGMbBaLUScCCjJVL%2FnhPAe7z4gVwFq7w2JxF9yfk7AAXfUUrAv%2BASeEcyZTrj7SHx5ln20J%2Fmz3vQ8utWmd7mTWbDGbUAEGzrjcCIdbNwCXO3egs0eph3VZoHo0mcBB7rrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 consent-tracking-api.js Show response
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 4 KB
2 KB 14ms
14ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4064-HHN /

Resource Hash

282046cc6cc153b29e51825afc6801ada4258cebc3741875f68386a133fbc747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.herocosmetics.us
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 1463
x-xss-protection: 1; mode=block
x-request-id: 8cf6bf81d0507f6a2434be308e078f8dcd030e4dcb860eb44e1d674b96a93cf9
x-served-by: cache-lga21927-LGA, cache-hhn4064-HHN
last-modified: Tue, 01 Jun 2021 17:32:40 GMT
server: cache-hhn4064-HHN
x-timer: S1623602601.960339,VS0,VE0
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 09 Jun 2021 05:23:13 GMT
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-cache-hits: 696, 959

GET
H2 200 fender_analytics.bc2eab801986b537f470.js Show response
static.klaviyo.com/onsite/js/ 17 KB
6 KB 120ms
118ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/fender_analytics.bc2eab801986b537f470.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a5fd787f27556a9d61edfb597cd5b2f61366893726208c5fd719c14047853c7

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: apXcXB4FolY4.3_udRqwNqn1NEPPKYGb
content-encoding: gzip
etag: "e904d51c3f8f9a28d402d28f4d1ec699"
age: 151886
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: tQUs1EXzrYeiWvr0W5jUiA4jz+2VawC3BuZRvl0euPKOszWddNRWNKJ5hCccGTgoLLsFI0KJTDM=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:47 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
x-amz-request-id: 1QPS9G984D23X8NZ
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 5795
content-type: application/x-javascript
x-cache-hits: 133716

GET
H2 200 sharedUtils.ff79bf923e79d7911102.js Show response
static.klaviyo.com/onsite/js/ 72 KB
18 KB 120ms
118ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.ff79bf923e79d7911102.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f69169f5e6d4cbc91f140c53b2a18e2731847e36b3c0da15b51a14c748355d5

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZSkdz4mTtS0dxLiOPUDkOjHEQ3Q4dAWA
content-encoding: gzip
etag: "502f6b9a0f69a084385147fb98ba3702"
age: 151882
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: 9uo6q1sdy6G7iRGviNo/Npjr9WihNKmtBS5M5rIrGZJ3zEP1nfCsXLrbTSIDKDqVZwlOIjeidxk=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:47 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
x-amz-request-id: 1108AE10V6ZCE9DP
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 18588
content-type: application/x-javascript
x-cache-hits: 142956

GET
H2 200 static.2511c75dc3eed41cd68e.js Show response
static.klaviyo.com/onsite/js/ 12 KB
5 KB 119ms
117ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/static.2511c75dc3eed41cd68e.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aacf10ef41186272da655129c129356eda276a22babbc5c4034db907140097c0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EZxs04TpiJSCvUxkKe1zyS89Te5nfmXk
content-encoding: gzip
etag: "a64d80c2e7bff3461116c1e940e5ce22"
age: 151876
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: oWS71/2AQ3PzAM3pHiIosVhA1mTjgwoiYWpMtibQCZxjMKlKQ+qDCwyVcy5qEYpar9hHo6ggKlI=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:47 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
x-amz-request-id: TVBECA4EJH6DRV1R
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 5007
content-type: application/x-javascript
x-cache-hits: 134046

GET
H2 200 styles.e4cca842c10ad5df6926.js Show response
static.klaviyo.com/onsite/js/ 239 B
386 B 120ms
118ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/styles.e4cca842c10ad5df6926.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22ed99ec8e4851160f11f8dcf462c43a1ff343793d2521be5256958bdeb19ced

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: aKwagh8TlVe4BCWlmYMPhgs5oRsGjfrv
content-encoding: gzip
etag: "fe134dc7e5f049d83248ee479726b02d"
age: 151868
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: VcsJyF0TXsSctPUm9eQXJGcf9LNjJosS27qumk7jBzkZU+p1OIoJhwA7bi4iq18xCxif5GFrvmY=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:48 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
x-amz-request-id: KRQTGND5WAYT9S70
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 163
content-type: application/x-javascript
x-cache-hits: 89442

GET
H2 200 sentry.e9c13b4f41b96aec7b8a.js Show response
static.klaviyo.com/onsite/js/ 40 KB
14 KB 52ms
50ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sentry.e9c13b4f41b96aec7b8a.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb816046f2eeabf435bf4702316a76a4705514a0a67154d293148fb9f6d97a57

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JgrzDpctZW7FWxZ3rfu9HtMyvlAmLqMa
content-encoding: gzip
etag: "c35b07d5b5ba2091dde78dcd3a319c09"
age: 151868
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: Cjk7lsMuJvQpThdW7XFEhsonHA74QBlBqlN1XaJykp5jRbUcM3CeWQAh3WSIPu5jMhFk91e4V4I=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:47 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
x-amz-request-id: KRQP7JJ18J9GZ5Y2
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 13798
content-type: application/x-javascript
x-cache-hits: 92729

GET
H2 200 vendors~signup_forms.708874df128ec67372d3.js Show response
static.klaviyo.com/onsite/js/ 209 KB
61 KB 52ms
50ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.708874df128ec67372d3.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9acc13b0c5d36c2b2132cb7f0b90f943c0800fd05a0ad079e7fcd933b378fdf

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YYIhfALRuOHu_alGPh8ipe.C.NG01tlU
content-encoding: gzip
etag: "c4e8fe53a5ba2447cdd480bbf2ebc17d"
age: 151886
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: Q5BS+oBToQXaDXliLDqf2paSjuY67AyZH1PhafqBoMcleEOZmXO4KVVaDsGBy1FYAspbkyQkAsU=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:49 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
x-amz-request-id: 1QPZ75GD8EW8S7WK
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 62258
content-type: application/x-javascript
x-cache-hits: 83902

GET
H2 200 signup_forms.85ba2c31fdab78c18876.js Show response
static.klaviyo.com/onsite/js/ 182 KB
41 KB 52ms
51ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.85ba2c31fdab78c18876.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3f07c81406bbdb752fd973049bf14123fd43d804b745e5448a535280f535909

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UfIk5QQaEqRH3xMLzta3TE1tVBI7SRsu
content-encoding: gzip
etag: "3d67f9a13ccb27cc265f5b0f33e8ce59"
age: 151874
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: Q/J/WSPQ+zJqxtGYUHwS3F4OaMKjkfM05lyN3qPB31fxaNaRcmYEMaCod7Pa6YaU3BwJtxMlp3A=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:47 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
x-amz-request-id: TDF849X861XWRE69
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 41268
content-type: application/x-javascript
x-cache-hits: 97349

GET
H2 200 1.f492a3d1ada3f6002e9a.css
static.klaviyo.com/onsite/js/ 65 KB
6 KB 119ms
118ms Stylesheet
text/css 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/1.f492a3d1ada3f6002e9a.css
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a630ce79186c69f2f0d1406f523cf4a4f5406677ea7a3ce0a87e007251ef178

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GiJXTIKvZgZy9YREVSKSnOYUuFi3ugJx
content-encoding: gzip
etag: "5e4123e6002c2e8305a442b64af5b874"
age: 151870
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: oSmHXipyUGigd16vmEI8LwAjXlXl7M/DVJ09Vr2QeCBMjeYirvzPkF/maiGDQfv6gB6yeAhGj70=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:49 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:20 GMT
vary: Accept-Encoding
x-amz-request-id: RSS5NQH9PGT2XP5K
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 5462
content-type: text/css
x-cache-hits: 89309

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ 40 KB
13 KB 169ms
56ms Script
application/javascript 99.86.245.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.245.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-245-69.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 18:06:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 8980618
ETag: W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 e010e3963cfd47d783f0503a3dbc3b90.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: AuC2kYSuBPByjK7d9WTQkMW8ZudHoOnQfHCRav3RVKbM5V0himxoyw==

GET
H3-29 200 cart.js Show response
www.herocosmetics.us/ 283 B
1 KB 277ms
218ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.js?v=1623602600982

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12984a120f9db14993505ca505fad401dad56d4bba43b5a671f2b4222925816

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; _shopify_country=Poland; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=116cf14a-a102-4b39-b8db-84ff18332463; _s=d66b6aac-c8dc-43f3-a00a-6e9911439665; _shopify_y=116cf14a-a102-4b39-b8db-84ff18332463; _shopify_s=d66b6aac-c8dc-43f3-a00a-6e9911439665; _tl_csid=a56b8faf-6d7f-48df-8b40-03ec9e1752ba; _tl_duuid=5be0027a-5304-4610-955c-e78bab1fb30a; _tl_config=JTdCJTIyZXhwVmFyc05hbWVzJTIyJTNBJTdCJTdEJTJDJTIyZXhwVmFyc0lkcyUyMiUzQSU3QiU3RCUyQyUyMmR5bmFtaWNWYXJzJTIyJTNBJTdCJTIyRXhwYW5kZWQlMjBEZXRhaWxzJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMkV4cGFuZGVkJTIwRGV0YWlscyUyMiUyQyUyMnZhcmlhYmxlVHlwZSUyMiUzQSUyMkNvZGUlMjBCbG9jayUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlMjJDb2xsYXBzZWQlMjBEZXRhaWxzJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMkNvbGxhcHNlZCUyMERldGFpbHMlMjIlMkMlMjJ2YXJpYWJsZVR5cGUlMjIlM0ElMjJDb2RlJTIwQmxvY2slMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTIyVGVzdF9UcmFja19Db252ZXJzaW9uJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMlRlc3RfVHJhY2tfQ29udmVyc2lvbiUyMiUyQyUyMnZhcmlhYmxlVHlwZSUyMiUzQSUyMkNvZGUlMjBCbG9jayUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlMjJUcmFja19Db252ZXJzaW9uJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMlRyYWNrX0NvbnZlcnNpb24lMjIlMkMlMjJ2YXJpYWJsZVR5cGUlMjIlM0ElMjJDb2RlJTIwQmxvY2slMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTIyUERQJTIwQWRkJTIwVG8lMjBDYXJ0JTIwLSUyMENvbnRpbnVlJTIwU2hvcHBpbmclMjIlM0ElN0IlMjJuYW1lJTIyJTNBJTIyUERQJTIwQWRkJTIwVG8lMjBDYXJ0JTIwLSUyMENvbnRpbnVlJTIwU2hvcHBpbmclMjIlMkMlMjJ2YXJpYWJsZVR5cGUlMjIlM0ElMjJDb2RlJTIwQmxvY2slMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTIyUERQJTIwQWRkJTIwVG8lMjBDYXJ0JTIwLSUyMFByZXZpZXclMjBNb2RhbCUyMiUzQSU3QiUyMm5hbWUlMjIlM0ElMjJQRFAlMjBBZGQlMjBUbyUyMENhcnQlMjAtJTIwUHJldmlldyUyME1vZGFsJTIyJTJDJTIydmFyaWFibGVUeXBlJTIyJTNBJTIyQ29kZSUyMEJsb2NrJTIyJTJDJTIydmFsdWUlMjIlM0FmYWxzZSU3RCUyQyUyMk1vYmlsZSUyMEFkZCUyMFRvJTIwQ2FydCUyMC0lMjBDb250aW51ZSUyMFNob3BwaW5nJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMk1vYmlsZSUyMEFkZCUyMFRvJTIwQ2FydCUyMC0lMjBDb250aW51ZSUyMFNob3BwaW5nJTIyJTJDJTIydmFyaWFibGVUeXBlJTIyJTNBJTIyQ29kZSUyMEJsb2NrJTIyJTJDJTIydmFsdWUlMjIlM0FmYWxzZSU3RCUyQyUyMk1vYmlsZSUyMEFkZCUyMFRvJTIwQ2FydCUyMC0lMjBQcmV2aWV3JTIwTW9kYWwlMjIlM0ElN0IlMjJuYW1lJTIyJTNBJTIyTW9iaWxlJTIwQWRkJTIwVG8lMjBDYXJ0JTIwLSUyMFByZXZpZXclMjBNb2RhbCUyMiUyQyUyMnZhcmlhYmxlVHlwZSUyMiUzQSUyMkNvZGUlMjBCbG9jayUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlMjJQcm9kdWN0JTIwR3JpZCUyMC0lMjBTY3JvbGxhYmxlJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMlByb2R1Y3QlMjBHcmlkJTIwLSUyMFNjcm9sbGFibGUlMjIlMkMlMjJ2YXJpYWJsZVR5cGUlMjIlM0ElMjJDb2RlJTIwQmxvY2slMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTdEJTdE; tl_sopts_a56b8faf-6d7f-48df-8b40-03ec9e1752ba_p_p_l_h=aHR0cHMlM0ElMkYlMkZ3d3cuaGVyb2Nvc21ldGljcy51cyUyRg==; tl_sopts_a56b8faf-6d7f-48df-8b40-03ec9e1752ba_p_p_l=JTdCJTIyaHJlZiUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lmhlcm9jb3NtZXRpY3MudXMlMkYlMjIlMkMlMjJoYXNoJTIyJTNBJTIyJTIyJTJDJTIyc2VhcmNoJTIyJTNBJTIyJTIyJTJDJTIyaG9zdCUyMiUzQSUyMnd3dy5oZXJvY29zbWV0aWNzLnVzJTIyJTJDJTIycHJvdG9jb2wlMjIlM0ElMjJodHRwcyUzQSUyMiUyQyUyMnBhdGhuYW1lJTIyJTNBJTIyJTJGJTIyJTJDJTIydGl0bGUlMjIlM0ElMjIlMjIlN0Q=; tl_sopts_a56b8faf-6d7f-48df-8b40-03ec9e1752ba_p_p_v_d=MjAyMS0wNi0xM1QxNiUzQTQzJTNBMjAuNzE4Wg==
:path: /cart.js?v=1623602600982
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.herocosmetics.us
referer: https://www.herocosmetics.us/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa7dab47200000b5716158000000001
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
server: cloudflare
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 21814481
x-request-id: 779f7c3e-4606-44c3-841d-5ed6be803a15
x-download-options: noopen
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 13 Jun 2022 16:43:21 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 27 Jun 2021 16:43:21 GMT _y=116cf14a-a102-4b39-b8db-84ff18332463; Expires=Mon, 13-Jun-22 16:43:21 GMT; Domain=herocosmetics.us; Path=/; SameSite=Lax _s=d66b6aac-c8dc-43f3-a00a-6e9911439665; Expires=Sun, 13-Jun-21 17:13:21 GMT; Domain=herocosmetics.us; Path=/; SameSite=Lax _shopify_y=116cf14a-a102-4b39-b8db-84ff18332463; Expires=Mon, 13-Jun-22 16:43:21 GMT; Domain=herocosmetics.us; Path=/; SameSite=Lax _shopify_s=d66b6aac-c8dc-43f3-a00a-6e9911439665; Expires=Sun, 13-Jun-21 17:13:21 GMT; Domain=herocosmetics.us; Path=/; SameSite=Lax
cf-ray: 65ecc700bf910b57-AMS
x-sorting-hat-podid: 41
x-cartjs-updatedat: 0

GET
H2 200 /
images.accentuate.io/ 7 KB
3 KB 61ms
60ms Image
image/svg+xml 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F1231903719466%2F1610646706858%2FFSA-badge.svg%3Fv%3D0&c_options=w_96,h_96

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300807a8632339de01c7fada5c4bc8a458fcf2bba7861d74ca889ee8446e5ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 341106
cf-ray: 65ecc7013fef1e47-FRA
content-disposition: attachment; filename="FSA-badge.svg"
server-timing: fastly;dur=1;start=2021-05-26T14:31:20.008Z;desc=hit,rtt;dur=88
vary: Accept-Encoding
content-length: 2465
cf-request-id: 0aa7dab4c100001e471909c000000001
last-modified: Thu, 14 Jan 2021 18:15:18 GMT
server: cloudflare
etag: W/"3ce52fcea30e91fbcedf6161bea20fd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n7Pmcw8Uh05iV5H6kpLYwLllKVSmpacFQ%2Fo%2B9nYZ%2F5k8k7BnSwtXry6WmXH5I4u%2BqPtRpRItugH0zk52ylTI6t4GQSdACjmxoHiWgtTOXPmKsbi5vQhVbYFPdzjF79Gxn8oLPfS5IeKnc9p4cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 15 KB
6 KB 32ms
31ms Image
image/svg+xml 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F1231903719466%2F1611628572042%2FBestofBeauty_2020_RGB.svg%3Fv%3D0&c_options=w_96,h_96

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfbbd0772eda291e13d714b63c76011a05b1a830ee633732e379b487cb076dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 341106
cf-ray: 65ecc7013ff21e47-FRA
content-disposition: attachment; filename="BestofBeauty_2020_RGB.svg"
server-timing: fastly;dur=1;cpu=0;start=2021-05-26T14:31:20.186Z;desc=hit,rtt;dur=88
vary: Accept-Encoding
content-length: 5474
cf-request-id: 0aa7dab4c200001e4716996000000001
last-modified: Tue, 26 Jan 2021 02:36:32 GMT
server: cloudflare
etag: W/"2dcdc8cac3fe579880ae89981fe63eeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=itjWZFecksnePr8N0ra69zXx%2BHbY2SXBHru4j8FXwZRwrcUGJJmxsY8S5%2Bi2wGllVWMX2xv%2FhcvDW8HJgts7vYkECQcXOP%2F%2FMU2rF6QECVBRknUghwhuWB2e%2BGZIknGOqgeFCC%2B2ljUpdHKhGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 26 KB
26 KB 46ms
45ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F1231903719466%2F1610490568194%2Fmighty-patch-original-hover.jpg%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80605dd6653d1705776c10448f6fc7453bcf6de08ae0551f8b79b2c3b986729f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 268723
cf-ray: 65ecc7013ff51e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-05-27T09:16:04.398Z;desc=hit,rtt;dur=86
vary: Accept-Encoding
content-length: 26525
cf-request-id: 0aa7dab4c200001e471db13000000001
last-modified: Tue, 12 Jan 2021 22:30:37 GMT
server: cloudflare
etag: "e8ee9b945e3d79e8ca48ae300db11e62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gein4%2B7ZneV2Bl0bwYrAcVu568xbfRFqSq9JWqALGD5ffJnBV3hmQ%2BUpdWXpwhjP2WrbN5GG6HhmYNs7b98INtm1kGfndSBXBbylmKq6TJP%2BTiUewm5wdgnIVJHeVOrcxLtjTYmDOJwE8G7tpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 2 KB
3 KB 28ms
27ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4394508714026%2F1611629196164%2FELLE2020Beauty_Awards_LogoV1-96x96.png%3Fv%3D0&c_options=w_96,h_96

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe7ec77584ca08b2e86b4a7a7061236a59fe704eb72c94b723d4e49f8dd829ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 348718
cf-ray: 65ecc7013ff91e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-05-26T14:31:19.449Z;desc=hit,rtt;dur=86
vary: Accept-Encoding
content-length: 2257
cf-request-id: 0aa7dab4c200001e474c851000000001
last-modified: Tue, 26 Jan 2021 02:46:42 GMT
server: cloudflare
etag: "e1ee5c553dc755f45236b9bd928a7a03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o8GNBCnbGCg2HBkiAG5Oq%2FKAq9GKdn0FesH5T6GM0U3oilBOspyTAH99ciNi6pulLKXBTeLw%2FivjPZeieJmpXeB7Kx57a6HhpxPwdtReEFQCvbWpeU8uHNw49QGyzzgNoeq0p2EieDvE4THDkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 54 KB
55 KB 38ms
37ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4394508714026%2F1611612063770%2FHero_RB_Thumbnail_hover_596x596.jpg%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c62195b74b679afaf7051f3996694e08e337c2abfeeaa12961afff3a337b9500

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 268723
cf-ray: 65ecc7013ffc1e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-05-27T09:16:03.520Z;desc=hit,rtt;dur=88
vary: Accept-Encoding
content-length: 55152
cf-request-id: 0aa7dab4c300001e47ee16c000000001
last-modified: Mon, 25 Jan 2021 22:01:51 GMT
server: cloudflare
etag: "90d7a5bc8ed0c91651574d81621696f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v%2FuYMRPr7mf3QemqtBfX1S7CMS%2FlMbrhrtSDI6JUoOEFxLhh47ubzcBRa4uocX5p25yLXRSWii7EbZRPSrXyHmPgL1Rmt1%2F52L6OK0eOpSzZU3yhgxApmBEl%2BzdKMOH%2FDgNn37aOJ%2FcBbLH1VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 39 KB
40 KB 53ms
53ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4562059722794%2F1611612203387%2FHero_LW_Thumbnail_596x596-hover.png%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d61b4b5ada5dbe2f615107e37ee9ee56f963846d57a73d0a187fd34066cd89b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 250216
cf-ray: 65ecc7013ffe1e47-FRA
server-timing: fastly;dur=1;start=2021-05-27T15:31:33.332Z;desc=hit,rtt;dur=85
vary: Accept-Encoding
content-length: 40110
cf-request-id: 0aa7dab4c700001e471f0e1000000001
last-modified: Mon, 25 Jan 2021 22:03:43 GMT
server: cloudflare
etag: "ad963afd531a89e06b7da7edf79d176d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YYocjwL7%2BlbfMtUrXI17fIi7AVoyyGxbWzw5Tmh28j4VjqO93L%2BPgcvEItXvWWbn4MV6pvU2sbxh%2BdjB7vUVaUC%2BsJNcxKI1Yily4Kk7KACbQf%2FAfUWNdVKteoy81xd4FFQKQ%2FlllIbGVqBxfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sentry.js Show response
shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/ 59 KB
17 KB 47ms
47ms Script
application/javascript 34.120.58.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/sentry.js
Requested by: Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/gtm-suite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.162 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 44e547374427e4eba37a23b8ee1681c92e989278a6e185a20751f4baf9d61d3d

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 03:27:26 GMT
content-encoding: gzip
age: 47755
x-guploader-uploadid: ABg5-Uzz1mksQQEL1BavHczBze0ey4TCoOgrUSRMNLg5feHNqJdmyXevHR08kIzKtJDnOtTT2OwUwv7YpvQEmw2m21Af6yHeEw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 17221
last-modified: Mon, 12 Apr 2021 15:05:44 GMT
server: UploadServer
etag: "592aec8df0c758125e286dbf68333a80"
x-goog-hash: crc32c=fMvb8A==, md5=WSrsjfDHWBJeKG2/aDM6gA==
x-goog-generation: 1618239944646708
cache-control: no-transform
x-goog-stored-content-length: 17221
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Jun 2022 03:27:26 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
831 B 131ms
109ms Script
application/javascript 2a02:26f0:6c00:28c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6e6a2d3280f1c9e9e47b42b423dce96b03790e02.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "57947439b864e017feed0d94316d5a8c"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 15208325-2.16.186.204
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 112 KB
33 KB 384ms
255ms Script
application/javascript 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6e6a2d3280f1c9e9e47b42b423dce96b03790e02.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b8e6ad9cd6b3425f7fde8ec7eba7517381c9224b73328fe698a9832bdb4607d6

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: 1b49a4e6.395e4599
date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-44-10-191.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/10.4.2-33748240) (-)
x-parent-response-time: 181,2.16.186.220
server-timing: cdn-cache; desc=MISS, edge; dur=139, origin; dur=42, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202106131643210102360171343F0AA444
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.44.10.191
x-tt-trace-host: 015ca1ac3ac3fd8ac083d385f8ca36f0c2989ff2e60d6c444332a7dc49e7745fcd07216d6bb89ac005bffd7bd0932ab03d03aa69affb43d938d51e55a20a254dfe12cc20fd9d9684998eece048b2263245b74c63f715452f9f5e9be298e7d930d1a9ce7647c98ec0e85a0bba200192cba4
expires: Sun, 13 Jun 2021 16:43:21 GMT

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 419 B
746 B 151ms
49ms XHR
application/json 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=LGmb7q

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e143fe2aec7d553ad779af2aaec8243746dcbbf147321f9d69b86b78bc4b5b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 453756
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 419
x-served-by: cache-bos4627-BOS, cache-hhn4070-HHN
allow: GET, HEAD, OPTIONS
server: nginx
vary: Cookie
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 2

GET
H2 200 vendors~View.5549aaf66ccf134e4d03.js
static.klaviyo.com/onsite/js/ 0
34 KB 49ms
49ms Other
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~View.5549aaf66ccf134e4d03.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.85ba2c31fdab78c18876.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6K026TRY0PJJyR0tDktGe3xwkhzC7tTv
content-encoding: gzip
etag: "fd3b48cd7f02fd9d8fcb6703ed46fd6b"
age: 151874
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: 49tF5ta3qL5nyAW6t8j3UnApltFX2UEGvbU3bdQfny36KIXGpcYUua67B0oFniB0uA5INE7LtpA=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:48 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:21 GMT
vary: Accept-Encoding
x-amz-request-id: WTZFHV0ZVW9577QG
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 34870
content-type: application/x-javascript
x-cache-hits: 77653

GET
H2 200 View.200420438b4c945b79d1.js
static.klaviyo.com/onsite/js/ 0
18 KB 54ms
54ms Other
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/View.200420438b4c945b79d1.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.85ba2c31fdab78c18876.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: IjTybX2vjUgggivnCCtROFwX40CFcaJP
content-encoding: gzip
etag: "ff80206431ffd9a81be72868c2994f1b"
age: 151871
x-cache: HIT
fastly-restarts: 1
x-amz-id-2: SBqewm7+dn2Aydz5TsjK6K6zw6Zld4bcK84+iS7GEcuLKIJGT/VJb18Lrh4audxPb0nudh2rV6c=
x-served-by: cache-hhn4081-HHN
accept-ranges: bytes
last-modified: Fri, 11 Jun 2021 22:30:46 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:43:21 GMT
vary: Accept-Encoding
x-amz-request-id: 0H0DVEGQGH4CC1JA
via: 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
content-length: 18547
content-type: application/x-javascript
x-cache-hits: 76836

GET
H2 200 player.js Show response
f.vimeocdn.com/p/3.35.0/js/ Frame F19F 639 KB
150 KB 156ms
52ms Script
application/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/560970006?background=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9fc173973d99f7ac5f24258d865fa126515bf1894286d17d181d5db0e6ce2e01

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 318279
x-guploader-uploadid: ABg5-Uw0OjDLFXOT9BY17nOIMEopJUREH9YYpY7i-y6CKMAdVF27qgdgwdAZfLgyx4BMqhFrDalrTJ7yUxny3WBpcfXS0DB12A
x-cache: HIT, HIT
content-encoding: br
content-length: 153060
x-served-by: cache-bwi5182-BWI, cache-hhn4073-HHN
last-modified: Wed, 09 Jun 2021 19:46:52 GMT
server: UploadServer
x-timer: S1623602601.367476,VS0,VE0
etag: "3140ff13e4b8688df5257aad32f2882a"
vary: Accept-Encoding,x-http-method-override
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 1, 6705

GET
H2 200 player.css
f.vimeocdn.com/p/3.35.0/css/ Frame F19F 162 KB
17 KB 228ms
124ms Stylesheet
text/css 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.35.0/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/560970006?background=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e80a47825c8066d1b1be6d53baf316f0b9e0d1132dbd72566803fb44b9fbfcb7

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 334033
x-guploader-uploadid: ABg5-UysZt9P-qSMw49Hcj2FoTcwloMTaWBl4EDyb5UxaHIFeK7wzRErajqgXuj3PBsGYIf3XASY4ruWUon2iZ9HyHY
x-cache: MISS, HIT
content-encoding: br
content-length: 17626
x-served-by: cache-bwi5181-BWI, cache-hhn4073-HHN
last-modified: Wed, 09 Jun 2021 19:46:52 GMT
server: UploadServer
x-timer: S1623602601.367589,VS0,VE0
etag: "b974b623abae70900fe1bcd901815e61"
vary: Accept-Encoding,x-http-method-override
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 0, 375078

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame F19F 3 KB
2 KB 155ms
51ms Script
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/560970006?background=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: gzip
age: 456783
x-cache: HIT, HIT
x-cache-hits: 1, 303602
content-length: 1238
x-served-by: cache-bwi5131-BWI, cache-hhn4073-HHN
last-modified: Tue, 08 Jun 2021 09:00:41 GMT
server: Apache
cache-control: max-age=315360000
x-timer: S1623602601.367525,VS0,VE0
etag: "a68-5c43d64752040"
vary: Accept-Encoding,x-http-method-override
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
x-vimeo-dc: ge
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jun 2031 09:50:18 GMT

GET
H2 200 player.js Show response
f.vimeocdn.com/p/3.35.0/js/ Frame 4781 639 KB
150 KB 207ms
124ms Script
application/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/560977357?background=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9fc173973d99f7ac5f24258d865fa126515bf1894286d17d181d5db0e6ce2e01

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 318279
x-guploader-uploadid: ABg5-Uw0OjDLFXOT9BY17nOIMEopJUREH9YYpY7i-y6CKMAdVF27qgdgwdAZfLgyx4BMqhFrDalrTJ7yUxny3WBpcfXS0DB12A
x-cache: HIT, HIT
content-encoding: br
content-length: 153060
x-served-by: cache-bwi5182-BWI, cache-hhn4073-HHN
last-modified: Wed, 09 Jun 2021 19:46:52 GMT
server: UploadServer
x-timer: S1623602601.367529,VS0,VE0
etag: "3140ff13e4b8688df5257aad32f2882a"
vary: Accept-Encoding,x-http-method-override
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 1, 6706

GET
H2 200 player.css
f.vimeocdn.com/p/3.35.0/css/ Frame 4781 162 KB
17 KB 206ms
124ms Stylesheet
text/css 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.35.0/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/560977357?background=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e80a47825c8066d1b1be6d53baf316f0b9e0d1132dbd72566803fb44b9fbfcb7

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 334033
x-guploader-uploadid: ABg5-UysZt9P-qSMw49Hcj2FoTcwloMTaWBl4EDyb5UxaHIFeK7wzRErajqgXuj3PBsGYIf3XASY4ruWUon2iZ9HyHY
x-cache: MISS, HIT
content-encoding: br
content-length: 17626
x-served-by: cache-bwi5181-BWI, cache-hhn4073-HHN
last-modified: Wed, 09 Jun 2021 19:46:52 GMT
server: UploadServer
x-timer: S1623602601.367545,VS0,VE0
etag: "b974b623abae70900fe1bcd901815e61"
vary: Accept-Encoding,x-http-method-override
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 0, 375078

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 4781 3 KB
1 KB 131ms
52ms Script
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/560977357?background=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: gzip
age: 456783
x-cache: HIT, HIT
x-cache-hits: 1, 303602
content-length: 1238
x-served-by: cache-bwi5131-BWI, cache-hhn4073-HHN
last-modified: Tue, 08 Jun 2021 09:00:41 GMT
server: Apache
cache-control: max-age=315360000
x-timer: S1623602601.367497,VS0,VE0
etag: "a68-5c43d64752040"
vary: Accept-Encoding,x-http-method-override
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
x-vimeo-dc: ge
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jun 2031 09:50:18 GMT

OPTIONS
H2 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 483ms
161ms Preflight 34.121.8.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Server

34.121.8.176 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Origin: https://www.herocosmetics.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1

OPTIONS
H2 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 483ms
161ms Preflight 34.121.8.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Server

34.121.8.176 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Origin: https://www.herocosmetics.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
18 KB 14ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19160-FRA /

Resource Hash

bad553fcc71e4b5d3b1a4c415e71a7de21a655c0e7bc2192b17d5b77dcf66ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
edge-cache-tag: mime-application/javascript,source-GcsBackend,segment2-96,segment4-24675,revision-dcc7fde3526707fd0500f2cd27f250b40a46b3d2,cdn-shopify-com-shopifycloud-boomerang-shopify-boomerang-1-0-0-min-js
x-cache: HIT, HIT
content-length: 17273
x-xss-protection: 1; mode=block
x-request-id: 37e79155d1a29404a934aa6bffe5aa0cc4c2b89cf7ca66be279e611437fa1a7c
x-served-by: cache-lga21976-LGA, cache-fra19160-FRA
last-modified: Sat, 24 Apr 2021 16:29:36 GMT
server: cache-fra19160-FRA
x-timer: S1623602601.365292,VS0,VE0
date: Sun, 13 Jun 2021 16:43:21 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 11 May 2022 21:58:18 GMT
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 2, 219055

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
479 B 492ms
158ms Ping
text/plain 34.121.8.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6e6a2d3280f1c9e9e47b42b423dce96b03790e02.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.121.8.176 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 9142b53a-68c5-42dd-af56-830d38d1316f

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 159ms
158ms Fetch 34.121.8.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.121.8.176 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
X-Monorail-Edge-Event-Created-At-Ms: 1623602601371
X-Monorail-Edge-Event-Sent-At-Ms: 1623602601372
X-Monorail-Edge-Client-Message-Id: 5636f582-bc61-459e-9357-7255a35b1d9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: d364b91a-511a-4a3d-916a-cf889985a7ce

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 159ms
159ms Fetch 34.121.8.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.121.8.176 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
X-Monorail-Edge-Event-Created-At-Ms: 1623602601373
X-Monorail-Edge-Event-Sent-At-Ms: 1623602601373
X-Monorail-Edge-Client-Message-Id: d29a07f3-03e0-4ff0-babc-1eb9b6cc9b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 44bf8ec8-d487-4ef3-a5b2-425935efe5d9

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
478 B 472ms
159ms Ping
text/plain 34.121.8.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6e6a2d3280f1c9e9e47b42b423dce96b03790e02.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.121.8.176 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 457bc7a2-8ef9-4289-8d80-40e44d581aa0

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v4/LGmb7q/ 27 KB
4 KB 148ms
46ms XHR
application/json 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v4/LGmb7q/full-forms
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d45d13d33ab367f9e838af93e21373dce68b4812aae430d6f6beecd6e59a7cb3

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: gzip
age: 3577
via: 1.1 varnish
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/LGmb7q custom-fonts/LGmb7q
content-length: 3259
x-amz-id-2: pal9/xjqG2QGOCyBhGheYcSRQ2/XmLnCkITf0NosjJs6I+gbIeNczi4N6LfCXwnLFGdiJk3hhAg=
x-served-by: cache-hhn4070-HHN
client-geo-country: PL
last-modified: Sun, 13 Jun 2021 15:43:32 GMT
server: AmazonS3
x-timer: S1623602602.503062,VS0,VE1
etag: "b2512223306505ac95b233ae2737df64"
vary: Accept-Encoding
x-amz-request-id: DJKSM1G5SGRTBFW5
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
content-type: application/json
x-cache-hits: 1

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 142ms
142ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.herocosmetics.us/
Bugsnag-Sent-At: 2021-06-13T16:43:21.386Z
Bugsnag-Api-Key: 8c99c9a3050de729b74948931f71f72e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
bugsnag-session-uuid: bbe6bf1b-3beb-4fe9-b8b1-3165c6eed23f
alt-svc: clear
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 163ms
145ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.herocosmetics.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Sun, 13 Jun 2021 16:43:21 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
478 B 454ms
158ms Ping
text/plain 34.121.8.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6e6a2d3280f1c9e9e47b42b423dce96b03790e02.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.121.8.176 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 214a9b04-4788-49a8-8de7-ae4d51e583c6

GET
H2 200 dlg5qkv.css
use.typekit.net/ 6 KB
1 KB 104ms
89ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/dlg5qkv.css

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ce1b5051064a612fd3eb2324f0e0cc8bd2e769e17a864a8b5c4361cfa17577ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sun, 13 Jun 2021 16:43:21 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 910

GET
H2 200 redemption_options Show response
app.swellrewards.com/api/v2/ 789 B
915 B 587ms
280ms XHR
application/json 3.222.129.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.swellrewards.com/api/v2/redemption_options?guid=A19H8vTS9KoU0V2U-uthxg&api_key=4QPV4PDV540793TlWEIItQtt

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.129.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

d6ee2a4d36c2d690b45d391edbc231d50aa0f653e5c8fc701bacb38ceea75235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: kong/2.1.4
x-content-type-options: nosniff
x-ratelimit-limit-second: 10000
ratelimit-reset: 1
x-ratelimit-remaining-second: 9999
x-kong-proxy-latency: 2
x-kong-upstream-latency: 137
l5d-success-class: 1.0
ratelimit-limit: 10000
content-encoding: gzip
vary: Origin
content-length: 289
x-xss-protection: 1; mode=block
x-request-id: 572ddd76-59b7-4845-b331-1880960fe9fc
x-runtime: 0.116585
server: nginx
x-frame-options: ALLOWALL
etag: W/"d6ee2a4d36c2d690b45d391edbc231d5"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, DESTROY, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
ratelimit-remaining: 9999

POST
H/1.1 403
Forbidden / Show response
o120794.ingest.sentry.io/api/5466470/store/ 56 B
472 B 653ms
155ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o120794.ingest.sentry.io/api/5466470/store/?sentry_key=44e18bf799be4e9eba9e25424641c4ed&sentry_version=7

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/sentry.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 56

POST
H/1.1 403
Forbidden / Show response
o120794.ingest.sentry.io/api/5466470/store/ 56 B
472 B 804ms
154ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o120794.ingest.sentry.io/api/5466470/store/?sentry_key=44e18bf799be4e9eba9e25424641c4ed&sentry_version=7

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/sentry.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 56

GET
H2 200 /
images.accentuate.io/ 7 KB
3 KB 74ms
73ms Image
image/svg+xml 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4347370569770%2F1611630320104%2FFSA-badge.svg%3Fv%3D0&c_options=w_96,h_96

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300807a8632339de01c7fada5c4bc8a458fcf2bba7861d74ca889ee8446e5ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 338706
cf-ray: 65ecc7036c271e47-FRA
content-disposition: attachment; filename="FSA-badge.svg"
server-timing: fastly;dur=1;start=2021-05-26T14:31:19.738Z;desc=hit,rtt;dur=85
vary: Accept-Encoding
content-length: 2465
cf-request-id: 0aa7dab62500001e47d68b0000000001
last-modified: Tue, 26 Jan 2021 03:05:47 GMT
server: cloudflare
etag: W/"3ce52fcea30e91fbcedf6161bea20fd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4sFFiXaIQKpJms63INv8ff7TY2DvyMlppm%2BqOzRPCx3m8at%2BTStlOVl3dhQ9pJltA%2BflN7xS4OKJGOQQVWO74EhVLDXzAwAvTsKgwwLxBKT8s2qvMMJ4P%2B5P1w7r05FBRNpkz9yhBGFpO65IHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 40 KB
41 KB 35ms
35ms Image
image/jpeg 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4347370569770%2F1611616180146%2Fmpb_thumbnail_hover.jpg%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167579ea740d12d9ee3211651c7cdf359b5c4fbc99031fba50eee133aa48878c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 268721
cf-ray: 65ecc7036c2a1e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-05-27T09:16:03.543Z;desc=hit,rtt;dur=89
vary: Accept-Encoding
content-length: 41361
cf-request-id: 0aa7dab62600001e47e28d2000000001
last-modified: Mon, 25 Jan 2021 23:13:08 GMT
server: cloudflare
etag: "feba263fda0d76f768f79bcad4382a60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WHyfUBrv%2BXDlzhXqM80a70V4C6gIpHkWGzNKk0L9T9tjDmNpkkTvq7TSMzCyQtRTSfWagDGZGUyJIJ%2FTsqBnKAcnHzZOw1yT9sXbfBIls5RrDmoO8Vkau6HjcrleODKGZd6a27u9zrtj6cMxhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29613c11dae0153326476fbcbb8801692bf38bef21aad3e2f5247711b39c910c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46881
x-xss-protection: 0
expires: Sun, 13 Jun 2021 16:43:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6284
date: Sun, 13 Jun 2021 14:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 13 Jun 2021 16:58:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-fb-rlafr: 0
pragma: public
x-fb-debug: k9D/8dkARM/JEmWIq+V/Vbf6+PMWnss6g6yD87tYe48TPci1m/Nomtk0pjSY8VxN4IbuqRxfFPM/nJdvk7mJeA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 13 Jun 2021 16:43:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 75 KB
25 KB 151ms
50ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:33:30 GMT
content-encoding: gzip
age: 591
x-guploader-uploadid: ABg5-UwMbIxW2G6U9Zh1M3I2-N9e5l0kgE2N0tNrs-K4PvOo2aGiO174Rtt1mkKmDs3Y42McT8UmIF1Jw0fNTiSE5Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25572
last-modified: Thu, 28 Jan 2021 18:21:54 GMT
server: UploadServer
etag: "765779983eed1c9fc2821b4507eea08b"
vary: Accept-Encoding
x-goog-hash: crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation: 1611858114590219
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 25572
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 13 Jun 2021 16:43:30 GMT

GET
H2 200 hotjar-1133465.js Show response
static.hotjar.com/c/ 4 KB
2 KB 212ms
105ms Script
application/javascript 99.86.241.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.241.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-241-30.vie50.r.cloudfront.net

Software

Resource Hash

89a5f38aec15e6dd7c5ba9e603b39373595e53181a725cabf150fd38c1043e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
etag: W/f8c3bbe80406d0a0c20ddfd70bfb47ea
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1905
via: 1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
x-amz-cf-id: dh6P3SbkvIkVZKAQ0WI98yIwsZzu69TxmTVJJL7juSSjtTRy_VLeAw==

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 51ms
51ms Script
application/javascript 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0560eade6d8b6096f5313d589464069f72aa2b7eb92ae5c017d479959cba21c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: 0
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 832
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5935
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19182-FRA
X-Player-Backend: p
Expires: Sun, 13 Jun 2021 16:59:29 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1623602602.571002,VS0,VE0
Date: Sun, 13 Jun 2021 16:43:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 583

GET
H2 200 main.c6ca189a.js Show response
s.pinimg.com/ct/lib/ 50 KB
17 KB 114ms
114ms Script
application/javascript 2a02:26f0:6c00:28c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.c6ca189a.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "6ed3b8d9c0f104e8bf55431013d34078"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 152085f3-2.16.186.204
accept-ranges: bytes
content-length: 17534
access-control-expose-headers: X-CDN

POST
H2 204 metric Show response
telemetrics.klaviyo.com/v1/ 0
332 B 409ms
294ms XHR
text/plain 99.86.241.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://telemetrics.klaviyo.com/v1/metric
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-20.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amzn-requestid: 6dae244f-abd8-47b2-abac-6090a0699e16
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60c635a9-174defb94c1eae922f95f9d8;Sampled=0
x-amz-apigw-id: A31SjHH4oAMFp6Q=
x-amz-cf-id: lVeEvyXBu2WJHueGDQAmfqk1dAIbP8I2pxnyyfHqhuqTNXkWKG-G-w==

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame F19F 0
790 B 275ms
173ms Ping
text/plain 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=d30f6d09107276f5e0b10a1f766457f1923d6c071623602600

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Served-By: cache-bwi5155-BWI, cache-hhn4077-HHN
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1623602602.735013,VS0,VE117
X-Frame-Options: sameorigin
Date: Sun, 13 Jun 2021 16:43:21 GMT
Vary: User-Agent
Expires: Sun, 13 Jun 2021 04:43:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server: pweb-v11240-tqznh
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 21ms
6ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=dlg5qkv&ht=tk&f=10881.10882.10884.10885.15586.15587.32874.32875&a=5660581&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/dlg5qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame F19F 0
110 B 249ms
147ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 1159559236
i.vimeocdn.com/video/ Frame F19F 15 KB
15 KB 52ms
51ms Image
image/avif 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1159559236?mw=800&mh=533
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/560970006?background=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99c125f0881ef3bcc179f9b6424b78a2b2af67185056dc0fae650ef660769798

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 255405
x-viewmaster-lossless-format: false
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 15260
viewmaster-server: viewmaster-us-central1-p0xb
x-served-by: cache-dfw18623-DFW, cache-hhn4073-HHN
x-timer: S1623602602.725948,VS0,VE1
etag: e1e8372f1eb6fa2dea42c0c94a09527a
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame F19F 0
40 B 241ms
148ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d30f6d09107276f5e0b10a1f766457f1923d6c071623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 56ms
56ms Script
application/javascript 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0560eade6d8b6096f5313d589464069f72aa2b7eb92ae5c017d479959cba21c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: 0
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 832
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5935
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19182-FRA
X-Player-Backend: p
Expires: Sun, 13 Jun 2021 16:59:29 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1623602602.735197,VS0,VE0
Date: Sun, 13 Jun 2021 16:43:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 584

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 4781 0
40 B 203ms
173ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 1159574749
i.vimeocdn.com/video/ Frame 4781 39 KB
39 KB 53ms
52ms Image
image/avif 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1159574749
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/560977357?background=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bd43ab48e1c9e45a02cf6d15ee14e786d6d53fcab16cc68ebbb55528464b981e

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 255404
x-viewmaster-lossless-format: false
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 39532
viewmaster-server: viewmaster-us-central1-w1jk
x-served-by: cache-dfw18632-DFW, cache-hhn4073-HHN
x-timer: S1623602602.793103,VS0,VE1
etag: 79e31ed9bf85ca615bdbe280d4ef3c98
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 4781 0
40 B 202ms
174ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d34b6c58f00de160ecb08c2883bdf18087996a611623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame F19F 0
40 B 174ms
173ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d30f6d09107276f5e0b10a1f766457f1923d6c071623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 play
player-telemetry.vimeo.com/player-events/log/ Frame F19F 0
60 B 175ms
173ms Ping
text/html 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.json Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 17 KB
18 KB 41ms
13ms XHR
application/json 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/sep/video/4ac8f5a6,550c2c51,b4e026b2,5ec92765,67c47c1b,06659a05,2a6afd3d/audio/b91c53fa,ff2918db/master.json?query_string_ranges=1&base64_init=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cf760c8e8873e89f3a0420b0ef4f92a2b1f091373940ce80546c3ae7aea177d6

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

AK-REFERENCE-ID: 0.5ba1002.1623602601.91983d9
Date: Sun, 13 Jun 2021 16:43:21 GMT
X-VIM-CACHEBC: EP:H11,E:h
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: *
Origin-Retrieved-Hour: 1623261600
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2250975
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Timing-Allow-Origin: *
Akamai-Mon-Iucid-Del: 877678
Aka-c-hit: cache-hit
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Content-Length: 17741

GET
H3-29 200 173724809895244 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 79ms
68ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/173724809895244?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84bcb240059d02bd10ea054d2bd07d4f6ab712f6513bdb13a01f37347c376edd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Ly8/R6x5TYqE9OiBUP4Dt47kgPfhjwhkfEyYTOKJXDT6o1R9JR1sn9jUXaLIhipUuUW6ksBzNTEzQpe4zzyU/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Jun 2021 16:43:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 4781 0
40 B 248ms
247ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d34b6c58f00de160ecb08c2883bdf18087996a611623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 play
player-telemetry.vimeo.com/player-events/log/ Frame 4781 0
41 B 248ms
243ms Ping
text/html 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.json Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5... Frame 4781 16 KB
16 KB 35ms
20ms XHR
application/json 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5cd23/sep/video/52ee939c,fd258781,082ffbc8,cea6ea73,713b176a,a58faa89/audio/37d643f5,69ab5b4c/master.json?query_string_ranges=1&base64_init=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce3949c6a175e5cc3545de5dccf97191e406479f34866e74b63ad5453fc01335

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

AK-REFERENCE-ID: 0.5ba1002.1623602601.91983ed
Date: Sun, 13 Jun 2021 16:43:21 GMT
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: *
Origin-Retrieved-Hour: 1623452400
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2444293
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Timing-Allow-Origin: *
Akamai-Mon-Iucid-Del: 877678
Aka-c-hit: cache-hit
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Content-Length: 16126

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=742210535&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2142327364&gjid=200887217&cid=544980191.1623602602&tid=UA-102753205-1&_gid=2144995835.1623602602&_r=1&gtm=2yg690N73MWQN&z=1002034478

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 226ms
224ms Script
application/javascript 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: f7da9ef0.395e49da
date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-88-70-188.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/10.4.2-33748240) (-)
x-parent-response-time: 158,2.16.186.220
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=5, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 202106131643210102360430825E077ED7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,104.88.70.188
x-tt-trace-host: 015ca1ac3ac3fd8ac083d385f8ca36f0c2c055852721cd6aa3248c6ca8eda2ee157d3fbf9d257a48dda803f770acf9b8e9699472d20025e2a45a42cf05b088cf7031d31bfbaca77b5526e2cd52da0d02a5e53d7556579888851e863116ac5e538aa6d6aeb89fe770a005f6734f7614ed43
expires: Sun, 13 Jun 2021 16:43:22 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 219ms
219ms Script
application/javascript 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C2R434VBHJVP7P6R4110&hostname=www.herocosmetics.us
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6af30707ccaee17998fe603cd9f56a88c9c579f7d84915ce5303dbb77f3f118

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: f7d94502.395e4a12
date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-88-70-188.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/10.4.2-33748240) (-)
x-parent-response-time: 158,2.16.186.220
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=6, inner; dur=0
content-length: 1671
pragma: no-cache
server: nginx
x-tt-logid: 202106131643210102360171345F0AD002
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,104.88.70.188
x-tt-trace-host: 015ca1ac3ac3fd8ac083d385f8ca36f0c2c055852721cd6aa3248c6ca8eda2ee157d3fbf9d257a48dda803f770acf9b8e9699472d20025e2a45a42cf05b088cf7026bb81b3e77cf2295de30fc3606ac1ad3f0315de0e66f0300821d3cb576f67694b51db2ab9129e3feeedf7c7655a4058
expires: Sun, 13 Jun 2021 16:43:22 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D939QWJC76&gtm=2oe690&_p=742210535&sr=1600x1200&ul=en-us&cid=544980191.1623602602&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sid=1623602601&sct=1&seg=0&en=page_view&_fv=1&_ss=1&up.visitor_type=guest
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 26ms
25ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.init_consent&eid=10&ut=C&tc=13&z=0

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:21 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 26ms
25ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.init&eid=11&ut=C&tc=13&z=0

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:21 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame F19F 0
40 B 152ms
152ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d30f6d09107276f5e0b10a1f766457f1923d6c071623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK b91c53fa.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 48 KB
49 KB 13ms
12ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/parcel/audio/b91c53fa.mp4?range=903-50439
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 1058c844c99e190859f5a1185f5e8ae3ba60a41700b2e17ba5cbeff443749598

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:21 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
Origin-Retrieved-Hour: 1623261600
Connection: keep-alive
Content-Length: 49537
AK-REFERENCE-ID: 0.5ba1002.1623602601.9198400
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:15:18 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2250970
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 17:59:31 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 4781 0
40 B 154ms
154ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d34b6c58f00de160ecb08c2883bdf18087996a611623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK 37d643f5.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5... Frame 4781 48 KB
49 KB 16ms
15ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5cd23/parcel/audio/37d643f5.mp4?range=903-50439
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 1058c844c99e190859f5a1185f5e8ae3ba60a41700b2e17ba5cbeff443749598

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:21 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
Origin-Retrieved-Hour: 1623261600
Connection: keep-alive
Content-Length: 49537
AK-REFERENCE-ID: 0.5ba1002.1623602601.91983ea
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:33:17 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2251150
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 18:02:31 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-102753205-1&cid=544980191.1623602602&jid=2142327364&gjid=200887217&_gid=2144995835.1623602602&_u=YEBAAEAAAAAAAC~&z=466537439

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 13 Jun 2021 16:43:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 336 B
751 B 180ms
74ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613867077094&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1623602601934

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

a1a4e6b45c894bfe857fa7018facf81aa4316fcfeeb768bdbf3a4eb5cf69e6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
access-control-allow-origin: https://www.herocosmetics.us
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1310651128776747
pin-unauth: dWlkPU1UY3hZelpqWldRdFpUYzBaUzAwTXpWa0xXSXpZek10T1RRNFptSTBPV1ZqTlRJeg
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 300
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
301 B 183ms
79ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613867077094&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c6ca189a%22%2C%22floc_enabled%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D&cb=1623602601936

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 3473242951664838
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
543 B 179ms
75ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2613867077094&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c6ca189a%22%2C%22floc_enabled%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D&cb=1623602601936

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1029563629462222
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
349 B 170ms
71ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1623602601957

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

183.34.211.130.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Sun, 13 Jun 2021 16:43:22 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
alt-svc: clear
content-length: 1

GET
H2 200 modules.12f7375208c548a9407a.js Show response
script.hotjar.com/ 219 KB
58 KB 169ms
60ms Script
application/javascript 13.32.2.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.12f7375208c548a9407a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.2.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-2-16.vie50.r.cloudfront.net

Software

Resource Hash

56cbbea804457ac4fb51feed9a257425f80de37b59c9e11999e535ad71b5b93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 08:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289397
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 58989
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 08:19:21 GMT
etag: "db53be7d871751d933c8621fa2536395"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: c0B8pckL0GcMy16pUh4AngBj6ZjtwzMQsG8ZqP3a9IsoJX0cgcENrw==

GET
H/1.1 200
OK 5ec92765.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 248 KB
249 KB 30ms
30ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/parcel/video/5ec92765.mp4?range=901-254865
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: a387670fdd0f1b27de3fef6dba6dffcb7ec1a828d50457b9cd01189c6fb77e49

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 253965
AK-REFERENCE-ID: 0.5ba1002.1623602602.9198464
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:16:58 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2249574
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 17:36:16 GMT

GET
H/1.1 200
OK fd258781.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5... Frame 4781 220 KB
221 KB 17ms
17ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5cd23/parcel/video/fd258781.mp4?range=901-226162
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: b841b5b447408664e16172289e68e3b3af3bd554a7b85fb1886e01b63fa97569

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:21 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 225262
AK-REFERENCE-ID: 0.5ba1002.1623602601.919845b
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:34:00 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2249358
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 17:32:39 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 31ms
30ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-102753205-1&cid=544980191.1623602602&jid=2142327364&_u=YEBAAEAAAAAAAC~&z=757943930

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 53ms
32ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-102753205-1&cid=544980191.1623602602&jid=2142327364&_u=YEBAAEAAAAAAAC~&z=757943930

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173724809895244&ev=PageView&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&rl=&if=false&ts=1623602602009&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623602602003.1322824832&it=1623602601811&coo=false&rqm=GET

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 13 Jun 2021 16:43:22 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 8509 2 KB
1 KB 159ms
51ms Document
text/html 13.32.2.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1133465.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-38.vie50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herocosmetics.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herocosmetics.us/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 03 Jun 2021 10:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 03 Jun 2021 10:14:54 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e544866f1454c4458d3a6644b47d065f.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: l91Bk6RpgghET7R0ygZ7z8iXpZH_SXDz6ooR_7-kaRCPvnqLmhJzOQ==
age: 887297

GET
H/1.1 200
OK ff2918db.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 72 KB
73 KB 24ms
23ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/parcel/audio/ff2918db.mp4?range=903-74380
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: ad0c7ec3be4d30795b55ce912aaebdd25c757d94581ea914c8d44c0c53577e23

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 73478
AK-REFERENCE-ID: 0.5ba1002.1623602602.91984af
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:15:19 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2248369
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 17:16:11 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=742210535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Play&el=FS%20DUO%20FINAL%206x7_2%20%7C%20https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=544980191.1623602602&tid=UA-102753205-1&_gid=2144995835.1623602602&gtm=2yg690N73MWQN&z=1909445827

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11138
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 4781 0
40 B 151ms
151ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d34b6c58f00de160ecb08c2883bdf18087996a611623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
242 B 174ms
73ms XHR
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1168816706765901
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK segment-1.m4s Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 2 MB
2 MB 20ms
20ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/sep/video/4ac8f5a6/chop/segment-1.m4s
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b547be2f9bef4e3251eefeae0b039f9a20a9a452f05595e76be4e1b22eda7cc9

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
Using-Starlord: true
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 1670309
AK-REFERENCE-ID: 0.5ba1002.1623602602.9198511
Akamai-Mon-Iucid-Del: 877678
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2248663
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
734 B 246ms
246ms Ping
application/octet-stream 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1fc03a64.395e4c39
date: Sun, 13 Jun 2021 16:43:22 GMT
x-cache-remote: TCP_MISS from a23-44-10-150.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
upstream-caught: 1623602602296271
x-cache: TCP_MISS from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/10.4.2-33748240) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 187,2.16.186.220
server-timing: cdn-cache; desc=MISS, edge; dur=139, origin; dur=48, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202106131643220102360401585109591C
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 48,23.44.10.150
x-tt-trace-host: 015ca1ac3ac3fd8ac083d385f8ca36f0c2989ff2e60d6c444332a7dc49e7745fcdcde1f90c1f7e426275c3703ffd59ff812ab50051a3949150b0f0446b884975e0e35395bf8e3788ec9e55652b06e21c726007ed1b5ac455a0a58c117663b82f227140a866137b6b3bf964169ab32254be
expires: Sun, 13 Jun 2021 16:43:22 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
733 B 239ms
239ms Ping
application/octet-stream 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1b49ae82.395e4c3a
date: Sun, 13 Jun 2021 16:43:22 GMT
x-cache-remote: TCP_MISS from a23-44-10-191.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
upstream-caught: 1623602602289056
x-cache: TCP_MISS from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/10.4.2-33748240) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 179,2.16.186.220
server-timing: cdn-cache; desc=MISS, edge; dur=138, origin; dur=41, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20210613164322010236041097040D339D
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.44.10.191
x-tt-trace-host: 015ca1ac3ac3fd8ac083d385f8ca36f0c2989ff2e60d6c444332a7dc49e7745fcd07216d6bb89ac005bffd7bd0932ab03d03aa69affb43d938d51e55a20a254dfeedb54d6ded58d42a32e39c6ed0b362f7091d12c73dcd8a75aa6926797c7992ef703a507f6961b342adad6e2848ccded0
expires: Sun, 13 Jun 2021 16:43:22 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/ 402 KB
111 KB 36ms
11ms Script
text/javascript 2a02:26f0:1700:188::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:188::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0fd4b77e23ccb3041cd03377aaa0738dd2824c6cf05d2a3784f7b410b9a9c40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=4
vary: Accept-Encoding
content-length: 112740
x-xss-protection: 1; mode=block
x-request-id: c3130f84-5921-461e-bc8a-92c4123e14d7
x-runtime: 0.019384
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"9325af9f08929e8880823ec418d040d1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1527
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 get-loader.js Show response
loader.wisepops.com/ 54 KB
16 KB 69ms
46ms Script
text/javascript 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.wisepops.com/get-loader.js?v=1&site=AgZWxvaJBc&shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6515b33069e8a1be6e8527cd2e28d6b98098e77c6fcabc674f1d418c517db0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iSkCErLTphqUYJUdA5KAO8bEmyzGg5wK%2FPljvaoofG4yOH9t0l%2FmoJZ%2BwL5vkBWQdFSS4iKNSw5eeYGq01pqdEB6haUL1RNYIfWRFosslBBrdvkpjQp2H3V2FSvHt4ZHdZ%2FN2ni9s1xKzLSJ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-cloud-trace-context: e92f67a1d2a461075127311811cdae65
cache-control: public, max-age=3600
cf-ray: 65ecc7080c37dfff-FRA
cf-request-id: 0aa7dab9000000dfffd5af0000000001

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 55ms
53ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q&shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b48bf931c510d8ee26e65fe1f112b2a42b2d48f228871f13fe9d9e7dc49e3e3

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
age: 151876
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 860
x-served-by: cache-lga21939-LGA, cache-hhn4081-HHN
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1623602602.244885,VS0,VE1
etag: W/"ef12c40872ccb39fa3908e4213a63064"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 2, 1

GET
H2 404 postscript-sdk.js
cdn.shopify.com/s/files/1/2181/4481/t/9/assets/ 0
0 99ms
97ms Script
text/html 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shopify.com/s/files/1/2181/4481/t/9/assets/postscript-sdk.js?v=1592236871&shopId=3581&shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 A19H8vTS9KoU0V2U-uthxg.js Show response
cdn-loyalty.yotpo.com/loader/ 76 KB
10 KB 45ms
7ms Script
text/javascript 2a02:26f0:1700:188::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-loyalty.yotpo.com/loader/A19H8vTS9KoU0V2U-uthxg.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:188::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4a9669e643e95b206640b99db7b10adbac879a64358bbdcbcc8651b9d72431ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ratelimit-reset: 1
content-encoding: gzip
x-content-type-options: nosniff
x-ratelimit-limit-second: 10000
x-kong-proxy-latency: 7
x-ratelimit-remaining-second: 9999
x-kong-upstream-latency: 151
l5d-success-class: 1.0
ratelimit-remaining: 9999
ratelimit-limit: 10000
vary: Accept-Encoding
content-length: 9557
x-xss-protection: 1; mode=block
x-request-id: 7dc4f732-3ee3-410c-8504-c33acc492ffd
x-runtime: 0.143768
server: nginx
x-frame-options: ALLOWALL
date: Sun, 13 Jun 2021 16:43:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: false
etag: W/"f9117c8f6b76a5cd3a7b2620c6ad1ff4"
access-control-allow-headers: *

GET
H2 200 tracking_script Show response
bingshoppingtool-t2app-prod.trafficmanager.net/uet/ 0
203 B 624ms
198ms Script
application/x-javascript 168.61.66.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bingshoppingtool-t2app-prod.trafficmanager.net/uet/tracking_script?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.61.66.40 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	deny

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: deny
content-type: application/x-javascript
cache-control: private
date: Sun, 13 Jun 2021 16:43:21 GMT
content-length: 0

GET
H2

200

script-5b12bcca2d4f195a2c3d.js Show response
d2wa25pztvmofr.cloudfront.net/static/
Redirect Chain

https://d2wa25pztvmofr.cloudfront.net/script.js?shop=tbate.myshopify.com
https://d2wa25pztvmofr.cloudfront.net/static/script-5b12bcca2d4f195a2c3d.js

6 KB
3 KB

20ms
20ms

Script
application/javascript

2600:9000:211a:fa00:13:ebea:dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wa25pztvmofr.cloudfront.net/static/script-5b12bcca2d4f195a2c3d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:fa00:13:ebea:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f36d6ddaa45a751840d916f44c206af6f4509a83bdf5983596fb8b306c86ac80

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:44:24 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:06:48 GMT
server: nginx
age: 3538
etag: W/"60bf6b68-1616"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: JH80pib_fIijWXe3VxU-1wLdfIIjnbXkT3KvQnhXQtmPCS0YNzUXAQ==
via: 1.1 vegur, 1.1 95c9d51ed7176777d7ac8ca8cb233697.cloudfront.net (CloudFront)

Redirect headers

date: Sun, 13 Jun 2021 14:24:38 GMT
via: 1.1 vegur, 1.1 95c9d51ed7176777d7ac8ca8cb233697.cloudfront.net (CloudFront)
server: nginx
age: 8324
x-cache: Hit from cloudfront
content-type: text/html
location: https://d2wa25pztvmofr.cloudfront.net/static/script-5b12bcca2d4f195a2c3d.js
x-amz-cf-pop: VIE50-C2
content-length: 138
x-amz-cf-id: Np7OHrPNmSpWdCWlyEf7oMmn21OV5a0YqIfFNQu0DFRyggWqWOduDw==

GET
H/1.1 200
OK online_store_script.js Show response
s3.amazonaws.com/customer-public-assets.saasler.com/impact/shopify/javascripts/ 2 KB
2 KB 575ms
158ms Script
application/javascript 52.217.49.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/customer-public-assets.saasler.com/impact/shopify/javascripts/online_store_script.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.49.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1a361fd21bbc36e9af159e5ba2526a1fdf3c9b77d819c4f7e496e70f5126bf43

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:23 GMT
Last-Modified: Sun, 11 Oct 2020 19:55:37 GMT
Server: AmazonS3
x-amz-request-id: GYTJ0BBBWXK4FJ35
ETag: "e0c5ef263a733b42380f4e937a987353"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1758
x-amz-id-2: UYArrC4qW33LTdNFXE6/oycaYPgYA7pAE2i5Fm34/8XQNISSY18LAKufRAlhqRn7xZViZWB5rJk=

GET
H2 200 10967_1615426759.js Show response
app.backinstock.org/widget/ 55 KB
16 KB 45ms
27ms Script
text/javascript 2606:4700:3036::6815:3c8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.backinstock.org/widget/10967_1615426759.js?v=5&shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3c8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f4d9cfd2c28f45243e5d15be93ca8fcf20b3644c06fc82a0d78edc094d5a1a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1853664
p3p: CP="Not used"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa7dab8fd00002c26502cc000000001
x-request-id: 34343894-f0aa-4335-adca-62973efcfff8
x-runtime: 0.027937
last-modified: Thu, 11 Mar 2021 01:39:19 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"6fc0bcc07900c9bced4464ec57f1a24a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dHkbwEdOX8olR8up4rDMD9f1qiFG6opx4DwWAzpkE%2B3xsGhEo%2BTs67EaZRAVq6NG2KfzMU8CBPfhFVMo0pBcUZO599%2Btc6X9wGnRg%2BiMLXv7zN20A83gavJqcTKUbvPkxyhCe0aAlVJgPqiM4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
cf-ray: 65ecc707ffb72c26-FRA

GET
H2

200

/ Show response
geoip-db.com/jsonp/
Redirect Chain

https://geoip-db.com/jsonp?callback=callback&_=1623602600854
https://geoip-db.com/jsonp/?callback=callback&_=1623602600854

168 B
274 B

59ms
59ms

Script
text/html

167.99.135.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip-db.com/jsonp/?callback=callback&_=1623602600854
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.135.134 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b6380f221f13ab7512df49d9b71db0c9a2e76f293bd368ec0c07c737b5666c37

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

Redirect headers

location: https://geoip-db.com/jsonp/?callback=callback&_=1623602600854
date: Sun, 13 Jun 2021 16:43:22 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 167ms
60ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

7ed6ea6b994f975e4ede747d96d2eb3f63ad55b3d5803615fdb115b487b461d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13984
x-xss-protection: 0
server: cafe
etag: 12421713846596914618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 16:43:22 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
831 B 113ms
112ms Script
application/javascript 2a02:26f0:6c00:28c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "57947439b864e017feed0d94316d5a8c"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 15208b9a-2.16.186.204
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 17 KB
6 KB 157ms
50ms Script
application/javascript 199.232.137.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.137.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 44b72af014f383676fe6b8f48bb8b4b6c0d9bad9b479ec0b432e1819d124180d

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 01 Jun 2021 21:43:38 GMT
server: snooserv
etag: "c51e34a5b277e70d9c56b25264388b0d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 6058

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 154ms
46ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 60226
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1623602602.394307,VS0,VE0
x-served-by: cache-fra19176-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 56ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:21 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: E02982148ABC49F99D3A409DEAFA7CAF Ref B: FRAEDGE1416 Ref C: 2021-06-13T16:43:22Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H2 200 scevent.min.js Show response
sc-static.net/ 14 KB
6 KB 192ms
85ms Script
application/javascript 13.32.2.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-92.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5720
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-amz-cf-id: 1rgySi4jIZAGycjBhx1aBKjoQMabMXEu8_Gsl0flirJOdlTRS8oh4w==

GET
H/1.1

200
OK

Cookie set iu3 Show response
s.amazon-adsystem.com/ Frame 2384
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D29750...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D29750...

582 B
1 KB

162ms
161ms

Document
text/html

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=953764205503279400&dcc=t
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 367e10af413a55ffb5cd664a4c588574b484c3f8d71bcfc44ee1578e732c6ead

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.herocosmetics.us/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AzjO_tfsV05wg6wEzsDWqgY|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herocosmetics.us/

Response headers

Server: Server
Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 450
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=AzjO_tfsV05wg6wEzsDWqgY; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 16:43:22 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 16:43:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=953764205503279400&dcc=t
Set-Cookie: ad-id=AzjO_tfsV05wg6wEzsDWqgY|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 16:43:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=742210535&t=timing&_s=2&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2369&pdt=106&dns=17&rrt=0&srt=200&tcp=120&dit=1020&clt=1121&_gst=1685&_gbt=1976&_cst=872&_cbt=1616&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=544980191.1623602602&tid=UA-102753205-1&_gid=2144995835.1623602602&gtm=2yg690N73MWQN&z=29103205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11138
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=742210535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Play&el=FS%20DUO%20FINAL%203x2_1.mp4%20%7C%20https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=544980191.1623602602&tid=UA-102753205-1&_gid=2144995835.1623602602&gtm=2yg690N73MWQN&z=1393440203

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11138
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
images.accentuate.io/ 54 KB
54 KB 30ms
30ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F1231903719466%2F1621370082884%2Fmpo_thumbnail-copy.png%3Fv%3D0&c_options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ecd573b4fb59d68fa623f4c5c2130e470b82ae559e4f86e6a891fcc80e1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 345241
cf-ray: 65ecc70868051e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-05-26T14:31:16.970Z;desc=hit,rtt;dur=86
vary: Accept-Encoding
content-length: 55232
cf-request-id: 0aa7dab93e00001e470331b000000001
last-modified: Tue, 18 May 2021 20:35:28 GMT
server: cloudflare
etag: "3f6b6e7c2f6532b84c85d0ff8134c83e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FZ8ingbU7dnAs1v7UXGRhagd728wxAZCBNLpVjQfXzhSL8jO5cTIw7K3BJ49YuPa%2BPj7pTBzLfIZBrNFxPAN18ThJ3j5qCejwlGgC2FNFfCnJDTd%2Bbigl%2FJZW8alBPFugwyoNFSUyriPebSTsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 26 KB
27 KB 34ms
34ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4394508714026%2F1621370633216%2FHero_RB_Thumbnail_596x596.png%3Fv%3D0&c_options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5fa34b7b4add78cedae128a55a17cadb6865f39c1788d9f9b6c315b06fb613

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 268724
cf-ray: 65ecc70868081e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-05-27T09:16:03.514Z;desc=hit,rtt;dur=86
vary: Accept-Encoding
content-length: 26781
cf-request-id: 0aa7dab93e00001e4739ae5000000001
last-modified: Tue, 18 May 2021 20:44:26 GMT
server: cloudflare
etag: "5ab4f7d7a254bb7d0301c33775382b7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bJoBLeOEvEfnrkko8uVJMKTg9gg4ULYzYZiOGdSsvigZ%2FhpnIhg36p%2Flf5m37gu24JDlk4iIcA%2BAaXWZMDB5c1bHlCSkRFkb13X2JgeZeaETRepdrzMCfCedUt5oK2vsbjCDuo24kTaHSU00gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 18 KB
19 KB 27ms
26ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4562059722794%2F1621368583143%2FHero_LW_Thumbnail_596x596.png%3Fv%3D0&c_options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0be35925b9d3cefe45bdf5591dad6e893fcf238cc14cd0e8b61bfec2805322

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 250216
cf-ray: 65ecc708680a1e47-FRA
server-timing: fastly;dur=1;start=2021-05-27T15:17:37.134Z;desc=hit,rtt;dur=85
vary: Accept-Encoding
content-length: 18670
cf-request-id: 0aa7dab93f00001e4724355000000001
last-modified: Tue, 18 May 2021 20:10:04 GMT
server: cloudflare
etag: "1434d6f731cb5a7501996e7aaf11103a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Puks%2FnjOs13MagG7kYFl01pakxvd6lzq%2B7OvKtP4GIHZ4f9JqL6%2B0ez2gdeYKtIApXYWh0bqZB5AAzJN8lABlO9yTRv7vGYuiolDIIIbcZJrgOTbwEy%2FGCsopRuJ21JG9cUsDq3OAleYECSIMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 54 KB
55 KB 31ms
31ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4347370569770%2F1621368792157%2Fmpb_thumbnail.png%3Fv%3D0&c_options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e7a487dc5fd3c114e4ecb3473955d37e96eb3b320ad0615da1b05e77be9023

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 268722
cf-ray: 65ecc708680c1e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-05-27T09:16:03.543Z;desc=hit,rtt;dur=88
vary: Accept-Encoding
content-length: 55603
cf-request-id: 0aa7dab94000001e471db8d000000001
last-modified: Tue, 18 May 2021 20:14:25 GMT
server: cloudflare
etag: "e56b873abb2b3abe625ebc7338ae66d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g6e4lc3fy%2BFPM66iE%2Fgk8EU9EvzBl3QWyXiWfUUUyR0xusU6soxFkK2Wl%2BFdDNz5EtNmeNPQU93tW8jGZXpiafXOJzNljds%2BJcDQQ5y3LfULcV1fZL0RFTyvqm97r0ftevno3WEmjLSTNyN0YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 widget.css
staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/ 330 KB
37 KB 13ms
12ms Stylesheet
text/css 2a02:26f0:1700:188::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.css?widget_version=2019-04-15_11-38-12

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:188::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9d38fd5af2f1903f7c961c464a1d37b6440d3f1a6ef5aa05bae0c313cc770f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=5
vary: Accept-Encoding
content-length: 36711
x-xss-protection: 1; mode=block
x-request-id: 7c39d639-ac4f-4e9e-a764-3d8efe9d0235
x-runtime: 0.279426
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4c47987154f3c9148f8845e5ec4a2d6f"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1552
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 app.v1.0.353.js Show response
cdn-swell-assets.yotpo.com/ 1 MB
190 KB 241ms
57ms Script
text/plain 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/app.v1.0.353.js
Requested by: Host: cdn-loyalty.yotpo.com
URL: https://cdn-loyalty.yotpo.com/loader/A19H8vTS9KoU0V2U-uthxg.js?shop=tbate.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D44) /
Resource Hash: 6bd54eff45e14f5b5530cf55d24af3e501f34462a99bb05661925618e15f52f6

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 13:17:12 GMT
server: ECS (lcy/1D44)
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1614863831/atime:1614863831/md5:b947a3d8ddd2819f94b96e7cee5982dd/ctime:1614863831
age: 269506
etag: "b947a3d8ddd2819f94b96e7cee5982dd+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
x-amz-request-id: G821V6CWYT44QJ3S
content-length: 193782
x-amz-version-id: U5vI6bxOdPxTx0KQDmAsP2YHX.EjP6lh
x-amz-id-2: 6tyYxvqY2P8QVfyphYKVA8Ur8GR9vl4nITSSnadbG6O/x8X1tsAu8POQzJU703OR60jiI1bHoLc=

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 192ms
47ms Image
image/gif 52.29.150.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&se_va=WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax&cx=eyJwdl91dWlkIjoyMjE3Mjk4MDN9&dtm=1623602602348&tid=405222&vp=1600x1200&ds=1600x3873&vid=1&duid=90a3954ee9dcfd82&p=web&tv=js-0.13.2&fp=1072425006&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.herocosmetics.us%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.150.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-150-149.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Cache-Control: max-age=86400, private
Expires: Mon, 14 Jun 2021 16:43:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

POST
H2 200 my-wisepop Show response
popup.wisepops.com/ 21 B
658 B 226ms
196ms XHR
application/json 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.wisepops.com/my-wisepop
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b904a1cf83df048360fb2480571b749fd98d57e11f1afdffb5a74a78166fea

Request headers

Accept: application/json
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST, GET
cf-request-id: 0aa7dab99e0000060155213000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Zv07iCc%2FtX2d%2Fcb%2FcKG6Z6Z8TiyzmWNoUd0Xp%2BDznpmKTSxaSuNXaLvaGfXetFMzVWi%2FB6NcBIdDBiiaGXedoBxMpYnQPfHP6X2MrHCtyoaHXo6TzC3Lgpc%2BV1BDm6NgHg3%2B0Z0G1P2r3zE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 8bd92493407ec629451b82a4b9d31e96
cache-control: private
cf-ray: 65ecc708fe2b0601-FRA
access-control-allow-headers: *

GET
H2 204 25084313.js Show response
bat.bing.com/p/action/ 0
126 B 125ms
125ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25084313.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 16:43:21 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 19689CD2E25B403189E524044780C886 Ref B: FRAEDGE1416 Ref C: 2021-06-13T16:43:22Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25084313&tm=gtm001&Ver=2&mid=05a016ff-9b1f-4c8c-850c-bae45ecb2d76&sid=7738aec0cc6611eb952fbf900c71e966&vid=7738f740cc6611ebbcdd5b21c5c0bd9e&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&p=https%3A%2F%2Fwww.herocosmetics.us%2F&r=&lt=2378&evt=pageLoad&msclkid=N&sv=1&rn=281656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 13 Jun 2021 16:43:21 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 49C3DC72EDB64E07828BEA5A37C6390D Ref B: FRAEDGE1416 Ref C: 2021-06-13T16:43:22Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 4781 0
40 B 148ms
148ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d34b6c58f00de160ecb08c2883bdf18087996a611623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 main.c6ca189a.js Show response
s.pinimg.com/ct/lib/ 50 KB
17 KB 123ms
123ms Script
application/javascript 2a02:26f0:6c00:28c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.c6ca189a.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "6ed3b8d9c0f104e8bf55431013d34078"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 15208cff-2.16.186.204
accept-ranges: bytes
content-length: 17534
access-control-expose-headers: X-CDN

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.css?widget_version=2019-04-15_11-38-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 15:21:18 GMT
server: ESF
date: Sun, 13 Jun 2021 16:43:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Jun 2021 16:43:22 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 299ms
197ms Image
image/gif 199.232.137.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1623602602417&id=t2_3jqrn4g1&event=PageVisit&uuid=8dc17d9f-3318-40e1-a98d-c396697d1bd4&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_87c5745b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.137.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/775465074/ 2 KB
2 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/775465074/?random=1623602602446&cv=9&fst=1623602602446&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2yg690&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.herocosmetics.us%2F&tiba=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73fcfe82c48501d38d13d60a355d743c0e693e0f4b073cf64dcb71433c99256d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame F19F 0
40 B 147ms
147ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d30f6d09107276f5e0b10a1f766457f1923d6c071623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 262ms
159ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o2h0n&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.herocosmetics.us%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 13 Jun 2021 16:43:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c895d85b4f478f07008876862103a39590aeed0028b6abf14c3cdf6ad028c667
x-transaction: e44813b4f071e717
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 254ms
160ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o2h0n&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.herocosmetics.us%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 13 Jun 2021 16:43:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c7439366097898325f769b63decae2bc11e510e1ee6e2b8ea7677640951676f2
x-transaction: b686231b07d9711e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
images.accentuate.io/ 9 KB
9 KB 37ms
37ms Image
image/png 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F31256943558698%2F1620322947072%2Fmpds_thumbnail-1.png%3Fv%3D0&c_options=w_200,h_200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b33ef959731ec968c50cae98f4555f91879d4b9bb2d519fb7c84a5d72251859

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 244340
cf-ray: 65ecc7097aac1e47-FRA
server-timing: fastly;dur=1;cpu=0;start=2021-05-27T09:48:29.803Z;desc=hit,rtt;dur=86
vary: Accept-Encoding
content-length: 9169
cf-request-id: 0aa7dab9ed00001e473e181000000001
last-modified: Thu, 06 May 2021 20:42:33 GMT
server: cloudflare
etag: "4fe199b9279587851707544454b14540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qI9iLfb81jE9%2Bw0mOV%2BG0%2FYbRWvf9h9Sx4jZ0vrt1dOZgKlrBeHVJDkjHuSFyyBCEKUzkO9EP%2FwWHfCIf59q%2BaktKCL6PcIQjlV4BoKs04VvkWjQm8q3MwkBPSO5Zd%2ButrZzbL8d6ERkPBvLMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2678400, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame E9B4 0
203 B 165ms
64ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herocosmetics.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herocosmetics.us/

Response headers

server: nginx/1.17.3
date: Sun, 13 Jun 2021 16:43:22 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/775465074/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/775465074/?random=1623602602446&cv=9&fst=1623600000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2yg690&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.herocosmetics.us%2F&tiba=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&async=1&fmt=3&is_vtc=1&random=3464667955&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/775465074/ 42 B
64 B 34ms
19ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/775465074/?random=1623602602446&cv=9&fst=1623600000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2yg690&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.herocosmetics.us%2F&tiba=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&async=1&fmt=3&is_vtc=1&random=3464667955&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
tr.snapchat.com/ Frame AFC6 0
207 B 156ms
73ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.herocosmetics.us
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herocosmetics.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.herocosmetics.us
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herocosmetics.us/

Response headers

server: nginx/1.17.3
date: Sun, 13 Jun 2021 16:43:22 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3CiQ0AIAgEsIlI4OQUx/EJUzC8NnXLWByQi6R47CHT/Mg9jQx1EqiyjtYVf+kD2x0GIDIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173724809895244&ev=Microdata&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&rl=&if=false&ts=1623602602516&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All%22%2C%22meta%3Adescription%22%3A%22Everyone%20deserves%20to%20feel%20amazing%20in%20their%20skin.%20That%E2%80%99s%20why%20we%20make%20customizable%20acne%20toolkits%20to%20handle%20any%20pimple%20challenge.%20Seriously%20effective%20solutions%20with%20powerfully%20clean%20ingredients%20for%20all%20ages%20%26%20skin%20types%20%E2%80%94%20from%20our%20cult-fave%20hydrocolloid%20Mighty%20Patch%20to%20Rescue%20Balm%2C%20Micropoint%20for%20Dark%20Spots%2C%20and%20beyond!%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Hero%20Cosmetics%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22og%3Atitle%22%3A%22Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Everyone%20deserves%20to%20feel%20amazing%20in%20their%20skin.%20That%E2%80%99s%20why%20we%20make%20customizable%20acne%20toolkits%20to%20handle%20any%20pimple%20challenge.%20Seriously%20effective%20solutions%20with%20powerfully%20clean%20ingredients%20for%20all%20ages%20%26%20skin%20types%20%E2%80%94%20from%20our%20cult-fave%20hydrocolloid%20Mighty%20Patch%20to%20Rescue%20Balm%2C%20Micropoint%20for%20Dark%20Spots%2C%20and%20beyond!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.1.1623602602003.1322824832&it=1623602601811&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 13 Jun 2021 16:43:22 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame F19F 0
40 B 148ms
147ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d30f6d09107276f5e0b10a1f766457f1923d6c071623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK 37d643f5.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5... Frame 4781 48 KB
49 KB 19ms
19ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5cd23/parcel/audio/37d643f5.mp4?range=50440-100060
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: b4f0e57f9674005c1da44d94e9f5d80a9685f0c56f37fdbe69f3f77c2026512d

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
Origin-Retrieved-Hour: 1623261600
Connection: keep-alive
Content-Length: 49621
AK-REFERENCE-ID: 0.5ba1002.1623602602.9198577
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:33:17 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2251855
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 18:14:17 GMT

GET
H/1.1 200
OK fd258781.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5... Frame 4781 249 KB
249 KB 32ms
32ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5cd23/parcel/video/fd258781.mp4?range=226163-480648
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 81d7d44416c0ed6edee378069c4796ace8035495fa34e1c436e5df9746620b4c

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 254486
AK-REFERENCE-ID: 0.5ba1002.1623602602.91987bc
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:34:00 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2249465
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 17:34:27 GMT

GET
H/1.1 200
OK 37d643f5.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5... Frame 4781 65 KB
66 KB 28ms
27ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5cd23/parcel/audio/37d643f5.mp4?range=100061-166388
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 478ac3a2eb24177eaaa58563120446e2d5309f075332a4281a35a489b0ea53e9

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Origin-Retrieved-Hour: 1623304800
Connection: keep-alive
Content-Length: 66328
AK-REFERENCE-ID: 0.5ba1002.1623602602.9198817
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:33:17 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2296913
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Sat, 10 Jul 2021 06:45:15 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 4781 0
40 B 150ms
150ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d34b6c58f00de160ecb08c2883bdf18087996a611623602600
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Jun 2021 16:43:22 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK fd258781.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5... Frame 4781 221 KB
222 KB 16ms
15ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2F640c1f46-e20e-46d3-ad67-8d1a48f5cd23%2F%2A~hmac=7879caa6c33c5cf3ab938639f2aa5850e8125f3bcd79a11b61a60d909b4cca19/640c1f46-e20e-46d3-ad67-8d1a48f5cd23/parcel/video/fd258781.mp4?range=480649-706624
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: c895f5c6966e110f7eb6612a6b91f32ed7b52c630460101c6813daa97f7bc1bd

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
Origin-Retrieved-Hour: 1623283200
Connection: keep-alive
Content-Length: 225976
AK-REFERENCE-ID: 0.5ba1002.1623602602.9198847
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:34:00 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2274102
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Sat, 10 Jul 2021 00:25:04 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 2859 5 KB
2 KB 145ms
144ms Document
text/html 54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=953764205503279400&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 3cdc274c39b079e80e8c48a19ff3e627aeb487bc998dc3897a34acd6ceeea2a4

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=953764205503279400&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AzjO_tfsV05wg6wEzsDWqgY; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=953764205503279400&dcc=t

Response headers

Server: Server
Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 1573
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H/1.1 200
OK ff2918db.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 72 KB
73 KB 27ms
26ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/parcel/audio/ff2918db.mp4?range=74381-147980
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: edc6e6abd1a41867b13278d0a2a2255e433aaa1a53367a4be9bacf00e6fdab08

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:22 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 73600
AK-REFERENCE-ID: 0.5ba1002.1623602602.9198855
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:15:19 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2248316
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 17:15:18 GMT

GET
H/1.1 200
OK segment-2.m4s Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 2 MB
2 MB 21ms
21ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/sep/video/4ac8f5a6/chop/segment-2.m4s
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d4ea79f3e9cdf4a807d89f456fb83b7282b006c219b25ea581564c5b8bbeec59

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:23 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
Using-Starlord: true
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 1812435
AK-REFERENCE-ID: 0.5ba1002.1623602603.9198926
Akamai-Mon-Iucid-Del: 877678
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2248437
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=H8q91y9999OerLjQ

43 B
344 B

530ms
141ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=H8q91y9999OerLjQ
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=H8q91y9999OerLjQ
Date: Sun, 13 Jun 2021 16:43:23 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: bf27
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=164850903816000446069&ex=neustar.biz

43 B
344 B

146ms
145ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=164850903816000446069&ex=neustar.biz
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:23 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=164850903816000446069&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1556276447
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1556276447
https://sync.1rx.io/usersync/tradedesk/1fa01fc0-1992-4b83-a249-21a4a6641ff4
https://sync.targeting.unrulymedia.com/csync/RX-6a1ee1a4-4e2e-4ce4-9c75-fea60dc8604d-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-6a1ee1a4-4e2e-4ce4-9c75-fea60dc8604d-003%26ex%3Dr...
https://s.amazon-adsystem.com/ecm3?id=RX-6a1ee1a4-4e2e-4ce4-9c75-fea60dc8604d-003&ex=rhythmone.com

43 B
344 B

250ms
140ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=RX-6a1ee1a4-4e2e-4ce4-9c75-fea60dc8604d-003&ex=rhythmone.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=RX-6a1ee1a4-4e2e-4ce4-9c75-fea60dc8604d-003&ex=rhythmone.com
date: Sun, 13 Jun 2021 16:43:23 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX6a1ee1a44e2e4ce49c75fea60dc8604d003
content-type: text/html

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=29b2ff13a12c9e817b645be2c8aa569a

43 B
344 B

240ms
146ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=29b2ff13a12c9e817b645be2c8aa569a
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=29b2ff13a12c9e817b645be2c8aa569a
date: Sun, 13 Jun 2021 16:43:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=GxqzB99999OerLjQ

43 B
344 B

499ms
145ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=GxqzB99999OerLjQ
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=GxqzB99999OerLjQ
Date: Sun, 13 Jun 2021 16:43:23 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: f21f
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP77a9d031-cc66-11eb-a110-027f52746190
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP77a9d031-cc66-11eb-a110-027f52746190&verify=true
https://s.amazon-adsystem.com/ecm3?id=45eb3953cfefd33262fefae33815c8bc7d198f35&ex=aoldisplay.com

43 B
344 B

194ms
144ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=45eb3953cfefd33262fefae33815c8bc7d198f35&ex=aoldisplay.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?id=45eb3953cfefd33262fefae33815c8bc7d198f35&ex=aoldisplay.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=8a9a7163-0eff-4242-ad8f-b8577ff71a7f

43 B
344 B

399ms
140ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=8a9a7163-0eff-4242-ad8f-b8577ff71a7f
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=8a9a7163-0eff-4242-ad8f-b8577ff71a7f
Date: Sun, 13 Jun 2021 16:43:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 2859 43 B
183 B 303ms
94ms Image
image/gif 2600:1f18:612b:4232:16e5:e760:b671:d648
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:16e5:e760:b671:d648 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:23 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 2859 0
0 214ms
68ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame 2859 731 B
731 B 76ms
44ms Image
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 65ecc70cfa68074a-FRA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 0aa7dabc1f0000074a28359000000001

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=52c4ddbb9568e069708ff84035bf6bf1&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

375ms
147ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=52c4ddbb9568e069708ff84035bf6bf1&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=52c4ddbb9568e069708ff84035bf6bf1&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623602603094084-178
Expires: Sun, 13 Jun 2021 16:43:23 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
344 B

436ms
143ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:23 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 13 Jun 2021 16:43:23 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C1
content-security-policy-report-only: default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=KCYJMCFWZ8QRNBTC7W2Z:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: KCYJMCFWZ8QRNBTC7W2Z
strict-transport-security: max-age=47474747; includeSubDomains; preload
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-amz-cf-id: EHEoNHXs2ynpXs1jrvDxme8cmiAvVjwh8XIAdh0WBlM2D4LZmvGOCg==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 2859 0
263 B 795ms
136ms Image
text/plain 18.207.76.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.76.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-76-245.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=daeca08e37c58fbc

43 B
344 B

257ms
140ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=daeca08e37c58fbc
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=daeca08e37c58fbc
date: Sun, 13 Jun 2021 16:43:23 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=UJwbt5BqS56pjFCSWiB-6w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=UJwbt5BqS56pjFCSWiB-6w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=35461841383223639850177211011731726531

43 B
344 B

245ms
140ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=35461841383223639850177211011731726531
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v008-075f07d61.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: iBeVwhXZTng=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=35461841383223639850177211011731726531
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=eZ54txc4QbqGAwNHg1OYew
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812368650086053379&gdpr=&gdpr_consent=

43 B
344 B

268ms
145ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812368650086053379&gdpr=&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:23 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812368650086053379&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 2859 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4585898383299043405

43 B
344 B

313ms
147ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4585898383299043405
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:23 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4585898383299043405
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=783056ce-cc66-11eb-aab0-1e87ce780206
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=7830568f-cc66-11eb-aab0-1e87ce780206

43 B
344 B

292ms
140ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=7830568f-cc66-11eb-aab0-1e87ce780206
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=7830568f-cc66-11eb-aab0-1e87ce780206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 24
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22f0f32db1-e0ef-43a3-bb07-db8cca424a8b%22,%22Time%22:%2220210613T124324.093719%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f0f32db1-e0ef-43a3-bb07-db8cca424a8b

43 B
344 B

145ms
144ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f0f32db1-e0ef-43a3-bb07-db8cca424a8b
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:25 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f0f32db1-e0ef-43a3-bb07-db8cca424a8b
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENHKsk_x0dTG-sW46YvW4gM&google_cver=1

43 B
344 B

283ms
146ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENHKsk_x0dTG-sW46YvW4gM&google_cver=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENHKsk_x0dTG-sW46YvW4gM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 2859
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
337 B

1217ms
65ms

Image
text/plain

54.228.36.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.36.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-36-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1623602605
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date: Sun, 13 Jun 2021 16:43:24 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a002-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=36a08b0b04113227a0316041ed6db1dc

43 B
344 B

183ms
137ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=36a08b0b04113227a0316041ed6db1dc
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 13 Jun 2021 16:43:24 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=36a08b0b04113227a0316041ed6db1dc
content-length: 108
x-amz-cf-id: qdDnVWTZawc3FR_Wh8KjHfPZl22ATIkZYTGTSXladbV-a0_hlt87_A==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2bec81a0-7fac-c9a1-2c7f-4da9ffcab980

43 B
344 B

204ms
143ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2bec81a0-7fac-c9a1-2c7f-4da9ffcab980
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 13 Jun 2021 16:43:24 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2bec81a0-7fac-c9a1-2c7f-4da9ffcab980
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KZQCnToY14njEfChv2AGszc4dKU4ZgIC

43 B
344 B

143ms
143ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=index&id=KZQCnToY14njEfChv2AGszc4dKU4ZgIC
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:25 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KZQCnToY14njEfChv2AGszc4dKU4ZgIC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Sun, 13 Jun 2021 16:43:25 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=1E4B1FC8FE8C2A94

43 B
344 B

183ms
136ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=1E4B1FC8FE8C2A94
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:22 GMT
frontend-id: 1
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=1E4B1FC8FE8C2A94
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=5971342039064208068&ex=appnexus.com

43 B
344 B

198ms
143ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=5971342039064208068&ex=appnexus.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid: a7a5f011-a062-4673-838a-110e379bcdbd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=5971342039064208068&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=Qhh6iVRkyV1GhOCR79Qakg&ex=rubiconproject.com&status=ok

43 B
344 B

144ms
144ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=Qhh6iVRkyV1GhOCR79Qakg&ex=rubiconproject.com&status=ok
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=Qhh6iVRkyV1GhOCR79Qakg&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Nv-hc1FGRrmOQ4LwEquYGQ&
https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Nv-hc1FGRrmOQ4LwEquYGQ&google_tc=
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
344 B

241ms
136ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-f8b4a22e-5332-4e93-9c0a-a61442945a23&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-f8b4a22e-5332-4e93-9c0a-a61442945a23&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.co...
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-f8b4a22e-5332-4e93-9c0a-a61442945a23

43 B
344 B

136ms
136ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-f8b4a22e-5332-4e93-9c0a-a61442945a23
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:25 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 13 Jun 2021 16:43:25 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-f8b4a22e-5332-4e93-9c0a-a61442945a23
alt-svc: clear
content-length: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame 2859 0
324 B 145ms
47ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:43:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2DAD35C660D93CD33B02F5D16C

43 B
344 B

144ms
143ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2DAD35C660D93CD33B02F5D16C
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:25 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 13 Jun 2021 16:43:25 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2DAD35C660D93CD33B02F5D16C
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Sun, 13 Jun 2021 16:43:24 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-32eiRWtE2uSfV.9L03idMo0uHDvx3_s-

43 B
344 B

143ms
143ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-32eiRWtE2uSfV.9L03idMo0uHDvx3_s-
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-32eiRWtE2uSfV.9L03idMo0uHDvx3_s-
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=abf64e6f36034f1d7010a556478836dbf295f5f12d369d94ad12721732fecb68

43 B
344 B

137ms
136ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=abf64e6f36034f1d7010a556478836dbf295f5f12d369d94ad12721732fecb68
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:24 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=abf64e6f36034f1d7010a556478836dbf295f5f12d369d94ad12721732fecb68
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2DC191A9-71E1-4C4C-BCCE-A9760049A52A

43 B
344 B

144ms
144ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2DC191A9-71E1-4C4C-BCCE-A9760049A52A
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:25 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2DC191A9-71E1-4C4C-BCCE-A9760049A52A
date: Sun, 13 Jun 2021 16:43:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=9a92c0b9-a333-42c0-884b-0e2bc0fd7b31-tuct7bfbb2d

43 B
344 B

144ms
144ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=9a92c0b9-a333-42c0-884b-0e2bc0fd7b31-tuct7bfbb2d
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Nv-hc1FGRrmOQ4LwEquYGQ&ep=R7fXyM39Ql35aW4hsRxMy0tgZ_plYoHpZ3OygdRNhGlTzknpDeJwfr1sZuf0gFEzk7UtbiiGF4Dscp5yUTBdZYJx8Okok04Z5eTzVdYEJ1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:43:25 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=9a92c0b9-a333-42c0-884b-0e2bc0fd7b31-tuct7bfbb2d
tbl-x-upstream: 10.41.14.127:10213
date: Sun, 13 Jun 2021 16:43:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21346

GET
H/1.1 200
OK ff2918db.mp4 Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 95 KB
96 KB 71ms
70ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/parcel/audio/ff2918db.mp4?range=147981-245595
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 68ce65c3d5bbf78d8d5740646a7d70a0a9e87250b92b06b0e3fc4e22b39ec795

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:23 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 97615
AK-REFERENCE-ID: 0.5ba1002.1623602603.9198948
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Wed, 09 Jun 2021 17:15:19 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2248347
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Fri, 09 Jul 2021 17:15:50 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=20&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:23 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK segment-3.m4s Show response
180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb10... Frame F19F 1 MB
1 MB 23ms
23ms XHR
video/mp4 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://180vod-adaptive.akamaized.net/exp=1623606500~acl=%2Fefc8563d-b544-4c36-8606-8562eb101943%2F%2A~hmac=b811c20a6514e5668c6839d212188700bba59acb5109c1a52f85babbb0146ce1/efc8563d-b544-4c36-8606-8562eb101943/sep/video/4ac8f5a6/chop/segment-3.m4s
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.35.0/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 352b69ddeb33f923b14c6aa1a68a28690eea37d7fc669c12207dd6f69583bd8b

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:23 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Using-Starlord: true
Origin-Retrieved-Hour: 1623258000
Connection: keep-alive
Content-Length: 1508374
AK-REFERENCE-ID: 0.5ba1002.1623602603.919899d
Akamai-Mon-Iucid-Del: 877678
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2248255
Akamai-Edge-IP: 2a02:26f0:6c00::210:ba09
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
478 B 207ms
206ms Ping
text/plain 34.121.8.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.121.8.176 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Jun 2021 16:43:23 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 53ea5d4c-d689-41a7-bd85-a6686b9ce287

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 14ms
14ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=21&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:24 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=742210535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=10%25&el=FS%20DUO%20FINAL%206x7_2%20%7C%20https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEjAAEABAAAAAC~&jid=1750085141&gjid=142487357&cid=544980191.1623602602&tid=UA-102753205-1&_gid=1919503536.1623602604&_r=1&gtm=2yg690N73MWQN&z=1101607142

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-102753205-1&cid=544980191.1623602602&jid=1750085141&gjid=142487357&_gid=1919503536.1623602604&_u=aEjAAEABAAAAAC~&z=1337094239

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 13 Jun 2021 16:43:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-102753205-1&cid=544980191.1623602602&jid=1750085141&_u=aEjAAEABAAAAAC~&z=1840303188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-102753205-1&cid=544980191.1623602602&jid=1750085141&_u=aEjAAEABAAAAAC~&z=1840303188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=742210535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=10%25&el=FS%20DUO%20FINAL%203x2_1.mp4%20%7C%20https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEjAAEABAAAAAC~&jid=&gjid=&cid=544980191.1623602602&tid=UA-102753205-1&_gid=1919503536.1623602604&gtm=2yg690N73MWQN&z=499990099

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11140
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
ping.taplytics.com/public_api/v1/ 15 B
220 B 201ms
200ms XHR
application/json 34.199.206.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ping.taplytics.com/public_api/v1/events?r_v=0&public_token=5dae9c5346204c8f803d17532ebc5776
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.206.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-206-100.compute-1.amazonaws.com
Software: /
Resource Hash: 1e3464ced4271304904cc9ae288fe212ebc63d728cea00ad815b2844e2676425

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 16:43:25 GMT
access-control-allow-headers: X-Requested-With, Content-Type, Accept
content-length: 15
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8

OPTIONS
H2 204 events
ping.taplytics.com/public_api/v1/ Frame 0
0 649ms
133ms Preflight 34.199.206.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ping.taplytics.com/public_api/v1/events?r_v=0&public_token=5dae9c5346204c8f803d17532ebc5776
Protocol: H2
Server: 34.199.206.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-206-100.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.herocosmetics.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 13 Jun 2021 16:43:25 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 204 a
www.googletagmanager.com/ 0
128 B 14ms
14ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=26&u=C&ut=C&tc=13&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:25 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 14ms
14ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=27&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:26 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 14ms
13ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=28&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:27 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=742210535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=25%25&el=FS%20DUO%20FINAL%206x7_2%20%7C%20https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEjAAEABAAAAAC~&jid=&gjid=&cid=544980191.1623602602&tid=UA-102753205-1&_gid=1919503536.1623602604&gtm=2yg690N73MWQN&z=2100305851

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11143
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=742210535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=25%25&el=FS%20DUO%20FINAL%203x2_1.mp4%20%7C%20https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEjAAEABAAAAAC~&jid=&gjid=&cid=544980191.1623602602&tid=UA-102753205-1&_gid=1919503536.1623602604&gtm=2yg690N73MWQN&z=463789536

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11143
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 14ms
14ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=*&eid=29&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:27 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 14ms
14ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=34&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:29 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 14ms
14ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=35&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:30 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 15ms
15ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=36&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:31 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-D939QWJC76&cv=1&v=3&t=t&pid=483472659&rv=690&es=1&e=gtm.timer&eid=37&u=C&ut=C&tc=13&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:43:32 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=742210535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=50%25&el=FS%20DUO%20FINAL%206x7_2%20%7C%20https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEjAAEABAAAAAC~&jid=&gjid=&cid=544980191.1623602602&tid=UA-102753205-1&_gid=1919503536.1623602604&gtm=2yg690N73MWQN&z=1944254348

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11148
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=742210535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=50%25&el=FS%20DUO%20FINAL%203x2_1.mp4%20%7C%20https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEjAAEABAAAAAC~&jid=&gjid=&cid=544980191.1623602602&tid=UA-102753205-1&_gid=1919503536.1623602604&gtm=2yg690N73MWQN&z=196869759

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 13:37:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11148
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.herocosmetics.us/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.herocosmetics.us/	1970-01-20 03:45:38	Name: _pin_unauth Value: dWlkPU1UY3hZelpqWldRdFpUYzBaUzAwTXpWa0xXSXpZek10T1RRNFptSTBPV1ZqTlRJeg
.vimeo.com/	1970-01-20 12:31:14	Name: vuid Value: pl1177360878.480675233
.herocosmetics.us/	1970-01-20 03:45:38	Name: mp_96dd5e317dbb929c96626f744cffd5ec_mixpanel Value: %7B%22distinct_id%22%3A%20%2217a06419fdb785-0e65ca6b0af5ee-5771e33-1d4c00-17a06419fdc699%22%2C%22%24device_id%22%3A%20%2217a06419fdb785-0e65ca6b0af5ee-5771e33-1d4c00-17a06419fdc699%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%22%24os%22%3A%20%22Windows%22%2C%22%24browser%22%3A%20%22Chrome%22%2C%22%24browser_version%22%3A%2089%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.herocosmetics.us/	1970-01-20 12:31:14	Name: _ga_D939QWJC76 Value: GS1.1.1623602601.1.0.1623602601.0
.herocosmetics.us/	1970-01-19 19:00:04	Name: _hjFirstSeen Value: 1
.herocosmetics.us/	1970-01-20 03:45:38	Name: _hjid Value: 24d25d85-9ede-45e3-ab29-b2d16e32876d
.herocosmetics.us/	1970-01-19 19:00:04	Name: tl_sopts_a56b8faf-6d7f-48df-8b40-03ec9e1752ba_p_p_l_h Value: aHR0cHMlM0ElMkYlMkZ3d3cuaGVyb2Nvc21ldGljcy51cyUyRg==
.herocosmetics.us/	1970-01-19 19:00:04	Name: _tl_sid Value: 60c635a9735efc0039fb5004
.herocosmetics.us/	1970-01-19 19:00:04	Name: _s Value: d66b6aac-c8dc-43f3-a00a-6e9911439665
.herocosmetics.us/	1970-01-19 19:00:04	Name: _tl_auid Value: 60c635a86ebc6b002c7a0e35
.herocosmetics.us/	1970-01-19 19:00:04	Name: _shopify_sa_p Value:
.herocosmetics.us/	1970-01-19 21:09:38	Name: _gcl_au Value: 1.1.401821085.1623602602
.herocosmetics.us/	1970-01-19 21:09:38	Name: _fbp Value: fb.1.1623602602003.1322824832
.herocosmetics.us/	1970-01-19 19:00:04	Name: _shopify_s Value: d66b6aac-c8dc-43f3-a00a-6e9911439665
.herocosmetics.us/	1970-01-19 19:00:04	Name: tl_sopts_a56b8faf-6d7f-48df-8b40-03ec9e1752ba_p_p_l Value: JTdCJTIyaHJlZiUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lmhlcm9jb3NtZXRpY3MudXMlMkYlMjIlMkMlMjJoYXNoJTIyJTNBJTIyJTIyJTJDJTIyc2VhcmNoJTIyJTNBJTIyJTIyJTJDJTIyaG9zdCUyMiUzQSUyMnd3dy5oZXJvY29zbWV0aWNzLnVzJTIyJTJDJTIycHJvdG9jb2wlMjIlM0ElMjJodHRwcyUzQSUyMiUyQyUyMnBhdGhuYW1lJTIyJTNBJTIyJTJGJTIyJTJDJTIydGl0bGUlMjIlM0ElMjIlMjIlN0Q=
.herocosmetics.us/	1970-01-19 19:20:12	Name: _orig_referrer Value:
.herocosmetics.us/	1970-01-19 19:00:04	Name: _shopify_sa_t Value: 2021-06-13T16%3A43%3A21.339Z
.herocosmetics.us/	1970-01-19 19:00:04	Name: tl_sopts_a56b8faf-6d7f-48df-8b40-03ec9e1752ba_p_p_v_d Value: MjAyMS0wNi0xM1QxNiUzQTQzJTNBMjAuNzE4Wg==
.herocosmetics.us/	1969-12-31 23:59:59	Name: _tl_config Value: JTdCJTIyZXhwVmFyc05hbWVzJTIyJTNBJTdCJTdEJTJDJTIyZXhwVmFyc0lkcyUyMiUzQSU3QiU3RCUyQyUyMmR5bmFtaWNWYXJzJTIyJTNBJTdCJTIyRXhwYW5kZWQlMjBEZXRhaWxzJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMkV4cGFuZGVkJTIwRGV0YWlscyUyMiUyQyUyMnZhcmlhYmxlVHlwZSUyMiUzQSUyMkNvZGUlMjBCbG9jayUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlMjJDb2xsYXBzZWQlMjBEZXRhaWxzJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMkNvbGxhcHNlZCUyMERldGFpbHMlMjIlMkMlMjJ2YXJpYWJsZVR5cGUlMjIlM0ElMjJDb2RlJTIwQmxvY2slMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTIyVGVzdF9UcmFja19Db252ZXJzaW9uJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMlRlc3RfVHJhY2tfQ29udmVyc2lvbiUyMiUyQyUyMnZhcmlhYmxlVHlwZSUyMiUzQSUyMkNvZGUlMjBCbG9jayUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlMjJUcmFja19Db252ZXJzaW9uJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMlRyYWNrX0NvbnZlcnNpb24lMjIlMkMlMjJ2YXJpYWJsZVR5cGUlMjIlM0ElMjJDb2RlJTIwQmxvY2slMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTIyUERQJTIwQWRkJTIwVG8lMjBDYXJ0JTIwLSUyMENvbnRpbnVlJTIwU2hvcHBpbmclMjIlM0ElN0IlMjJuYW1lJTIyJTNBJTIyUERQJTIwQWRkJTIwVG8lMjBDYXJ0JTIwLSUyMENvbnRpbnVlJTIwU2hvcHBpbmclMjIlMkMlMjJ2YXJpYWJsZVR5cGUlMjIlM0ElMjJDb2RlJTIwQmxvY2slMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTIyUERQJTIwQWRkJTIwVG8lMjBDYXJ0JTIwLSUyMFByZXZpZXclMjBNb2RhbCUyMiUzQSU3QiUyMm5hbWUlMjIlM0ElMjJQRFAlMjBBZGQlMjBUbyUyMENhcnQlMjAtJTIwUHJldmlldyUyME1vZGFsJTIyJTJDJTIydmFyaWFibGVUeXBlJTIyJTNBJTIyQ29kZSUyMEJsb2NrJTIyJTJDJTIydmFsdWUlMjIlM0FmYWxzZSU3RCUyQyUyMk1vYmlsZSUyMEFkZCUyMFRvJTIwQ2FydCUyMC0lMjBDb250aW51ZSUyMFNob3BwaW5nJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMk1vYmlsZSUyMEFkZCUyMFRvJTIwQ2FydCUyMC0lMjBDb250aW51ZSUyMFNob3BwaW5nJTIyJTJDJTIydmFyaWFibGVUeXBlJTIyJTNBJTIyQ29kZSUyMEJsb2NrJTIyJTJDJTIydmFsdWUlMjIlM0FmYWxzZSU3RCUyQyUyMk1vYmlsZSUyMEFkZCUyMFRvJTIwQ2FydCUyMC0lMjBQcmV2aWV3JTIwTW9kYWwlMjIlM0ElN0IlMjJuYW1lJTIyJTNBJTIyTW9iaWxlJTIwQWRkJTIwVG8lMjBDYXJ0JTIwLSUyMFByZXZpZXclMjBNb2RhbCUyMiUyQyUyMnZhcmlhYmxlVHlwZSUyMiUzQSUyMkNvZGUlMjBCbG9jayUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlMjJQcm9kdWN0JTIwR3JpZCUyMC0lMjBTY3JvbGxhYmxlJTIyJTNBJTdCJTIybmFtZSUyMiUzQSUyMlByb2R1Y3QlMjBHcmlkJTIwLSUyMFNjcm9sbGFibGUlMjIlMkMlMjJ2YXJpYWJsZVR5cGUlMjIlM0ElMjJDb2RlJTIwQmxvY2slMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTdEJTdE
.herocosmetics.us/	1970-01-20 03:45:38	Name: _shopify_y Value: 116cf14a-a102-4b39-b8db-84ff18332463
.herocosmetics.us/	1970-01-20 03:45:38	Name: _y Value: 116cf14a-a102-4b39-b8db-84ff18332463
.herocosmetics.us/	1970-01-19 19:00:04	Name: _tl_csid Value: a56b8faf-6d7f-48df-8b40-03ec9e1752ba
.herocosmetics.us/	1970-01-19 19:20:12	Name: _landing_page Value: %2F
.herocosmetics.us/	1970-01-19 19:00:02	Name: _gat_UA-102753205-1 Value: 1
.herocosmetics.us/	1970-01-19 19:01:29	Name: _gid Value: GA1.2.2144995835.1623602602
.herocosmetics.us/	1970-01-20 12:31:14	Name: _ga Value: GA1.2.544980191.1623602602
www.herocosmetics.us/	1970-01-19 19:00:06	Name: shopify_pay_redirect Value: pending
www.herocosmetics.us/	1970-01-19 19:20:12	Name: cart_currency Value: USD
www.herocosmetics.us/	1970-01-20 12:31:14	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2MjM2MDI2MDEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lmhlcm9jb3NtZXRpY3MudXMvIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjIzNjAyNjAxLCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5oZXJvY29zbWV0aWNzLnVzLyJ9fQ==
.herocosmetics.us/	1970-01-25 20:31:23	Name: _tl_duuid Value: 5be0027a-5304-4610-955c-e78bab1fb30a
www.herocosmetics.us/	1970-01-19 19:00:04	Name: _shopify_country Value: Poland
www.herocosmetics.us/	1970-01-20 03:45:38	Name: secure_customer_sig Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: [bugsnag] Loaded!
console-api	warning	URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q&shop=tbate.myshopify.com(Line 5) Message: Cannot load klaviyo.js multiple times for the same site. Skipping account "LGmb7q". Active account is "LGmb7q"
console-api	log	URL: https://d2wa25pztvmofr.cloudfront.net/script.js?shop=tbate.myshopify.com(Line 1) Message: BB No bundle in cart
console-api	warning	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: [bugsnag] Ignoring cross-domain or eval script error. See docs: https://tinyurl.com/yy3rn63z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

180vod-adaptive.akamaized.net
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.tiktok.com
analytics.twitter.com
api-js.mixpanel.com
api.taplytics.com
app.backinstock.org
app.swellrewards.com
bat.bing.com
beacon.krxd.net
bingshoppingtool-t2app-prod.trafficmanager.net
bs.serving-sys.com
c1.adform.net
cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
cdn.attn.tv
cdn.shopify.com
cdn4.mxpnl.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
d2wa25pztvmofr.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
dpm.demdex.net
f.vimeocdn.com
fast.a.klaviyo.com
fonts.googleapis.com
fresnel.vimeocdn.com
geoip-db.com
googleads.g.doubleclick.net
i.vimeocdn.com
ib.adnxs.com
image6.pubmatic.com
images.accentuate.io
js.taplytics.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loader.wisepops.com
loadus.exelator.com
match.adsrvr.org
monorail-edge.shopifysvc.com
o120794.ingest.sentry.io
odr.mookie1.com
p.typekit.net
p.yotpo.com
pi.ispot.tv
ping.taplytics.com
pixel.advertising.com
pixel.placed.com
pixel.tapad.com
player-telemetry.vimeo.com
player.vimeo.com
popup.wisepops.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
s.pinimg.com
s3.amazonaws.com
sb.scorecardresearch.com
sc-static.net
script.hotjar.com
sessions.bugsnag.com
shop.app
shopify-gtm-suite.getelevar.com
spl.zeotap.com
ssapi.herocosmetics.us
ssum-sec.casalemedia.com
static-forms.klaviyo.com
static.ads-twitter.com
static.hotjar.com
static.klaviyo.com
staticw2.yotpo.com
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
t.myvisualiq.net
tags.bluekai.com
telemetrics.klaviyo.com
token.rubiconproject.com
tr.snapchat.com
uipglob.semasio.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
usermatch.krxd.net
usersync.samplicio.us
vars.hotjar.com
vimeo.com
widgets.quadpay.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.herocosmetics.us
www.imdb.com
www.redditstatic.com
x.bidswitch.net
px.surveywall-api.survata.com
104.16.254.71
104.18.6.60
104.244.42.197
104.244.42.3
104.75.88.209
13.32.2.16
13.32.2.38
13.32.2.92
130.211.34.183
141.226.228.48
142.250.185.194
142.250.185.66
151.101.114.109
151.101.114.133
151.101.12.157
151.101.12.217
151.101.128.217
151.101.14.132
167.99.135.134
168.61.66.40
18.158.209.84
18.198.126.47
18.207.76.245
185.33.221.53
185.64.190.78
185.94.180.125
192.229.233.223
199.232.137.140
2.16.186.224
2.18.234.21
2.18.234.233
2001:4860:4802:32::15
212.82.100.182
213.19.147.44
23.227.38.74
23.45.99.241
2600:1901:0:7a0b::
2600:1f18:612b:4232:16e5:e760:b671:d648
2600:9000:206e:8000:f:8ce2:fb80:93a1
2600:9000:211a:fa00:13:ebea:dc0:21
2600:9000:2156:6600:1c:9484:cec0:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:44f
2606:4700:20::681a:b13
2606:4700:20::ac43:4adc
2606:4700:3036::6815:3c8f
2606:4700::6810:125e
2606:4700::6810:7daf
2606:4700::6811:152c
2620:1ec:c11::200
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2004
2a00:1450:400c:c04::9b
2a02:26f0:1700:188::1d72
2a02:26f0:6c00:28c::1931
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba09
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::268
3.11.29.5
3.126.158.103
3.126.56.137
3.216.128.157
3.222.129.39
34.120.202.204
34.120.58.162
34.121.8.176
34.198.244.47
34.199.206.100
34.98.64.218
34.98.67.61
35.156.153.71
35.186.226.184
35.186.235.23
35.188.42.15
35.227.248.159
37.157.6.241
45.79.188.190
52.2.224.141
52.217.49.110
52.29.150.149
54.205.87.49
54.228.36.200
54.228.49.17
54.239.17.112
65.9.66.70
69.173.144.165
76.223.111.131
77.243.60.138
82.199.68.72
99.86.239.11
99.86.241.13
99.86.241.20
99.86.241.30
99.86.245.69
00a99175a0eddb47e639c805b34621e0a9e4abade37d212fadf58d214372d20f
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
0560eade6d8b6096f5313d589464069f72aa2b7eb92ae5c017d479959cba21c7
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0fd4b77e23ccb3041cd03377aaa0738dd2824c6cf05d2a3784f7b410b9a9c40d
1058c844c99e190859f5a1185f5e8ae3ba60a41700b2e17ba5cbeff443749598
107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
167579ea740d12d9ee3211651c7cdf359b5c4fbc99031fba50eee133aa48878c
181333c317e3622dfa81daf7d41a9efbd2057098229987ee7f842bbb467ff011
1a361fd21bbc36e9af159e5ba2526a1fdf3c9b77d819c4f7e496e70f5126bf43
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e3464ced4271304904cc9ae288fe212ebc63d728cea00ad815b2844e2676425
22ed99ec8e4851160f11f8dcf462c43a1ff343793d2521be5256958bdeb19ced
282046cc6cc153b29e51825afc6801ada4258cebc3741875f68386a133fbc747
29613c11dae0153326476fbcbb8801692bf38bef21aad3e2f5247711b39c910c
2b48bf931c510d8ee26e65fe1f112b2a42b2d48f228871f13fe9d9e7dc49e3e3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2fbd65b2a6e539d2082c8d0780eb1d5461fd9f9156fa9cc144bb245c1b53e56c
300807a8632339de01c7fada5c4bc8a458fcf2bba7861d74ca889ee8446e5ad4
322bb184560e44b31c3bf0ad13c88a7b79484ebf14d6f54191fba93a4017c4ce
352b69ddeb33f923b14c6aa1a68a28690eea37d7fc669c12207dd6f69583bd8b
367e10af413a55ffb5cd664a4c588574b484c3f8d71bcfc44ee1578e732c6ead
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38b904a1cf83df048360fb2480571b749fd98d57e11f1afdffb5a74a78166fea
38ea8af607c6f3dd8c07fa1d027010c4382d8037a026d0492817648e1a4ce8f1
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3cdc274c39b079e80e8c48a19ff3e627aeb487bc998dc3897a34acd6ceeea2a4
3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2
410e3f6326f75b4e8f6181af570b9569ce5bc27714a98a297dfc7d3a3cd58efd
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
44b72af014f383676fe6b8f48bb8b4b6c0d9bad9b479ec0b432e1819d124180d
44e547374427e4eba37a23b8ee1681c92e989278a6e185a20751f4baf9d61d3d
478ac3a2eb24177eaaa58563120446e2d5309f075332a4281a35a489b0ea53e9
4a4486833f30199f2aac4f8191450e38568b47eb834a818a489ed90fe7a0e62c
4a630ce79186c69f2f0d1406f523cf4a4f5406677ea7a3ce0a87e007251ef178
4a9669e643e95b206640b99db7b10adbac879a64358bbdcbcc8651b9d72431ff
4b42c70c2b6b253fc35648597747742c5e9f1dd8f7c5dd234a229af651b66763
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4c718e6c04604e704e210624d400222cd989eb140a8b7ff479ced4f7c116e96e
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13
5120eec0790764797922dfb870c937b7cb342b682e2cd529804872be96ea895b
52b2329d1e5888abc91802b0e23ae1cdb4f42ee45419f1b105cadfb5427d8a36
56cbbea804457ac4fb51feed9a257425f80de37b59c9e11999e535ad71b5b93b
570c18a72f8c237ee28c78cc10ac99cece43c0b4a95aa2afd497dd70716dc5fc
59699aa2932f509b4113721118ac0afbc333ecd8d10b3a876807f5cb094fe90c
5e0be35925b9d3cefe45bdf5591dad6e893fcf238cc14cd0e8b61bfec2805322
5f4d9cfd2c28f45243e5d15be93ca8fcf20b3644c06fc82a0d78edc094d5a1a3
5f69169f5e6d4cbc91f140c53b2a18e2731847e36b3c0da15b51a14c748355d5
5fc989ccff2af15a5d8202ad64a62e15411c78915b4005e26ba3984d0f9d4770
61d81fd71b21e28132253faaa368604bc04d58a1df833118b1b2b47487b085e5
68ce65c3d5bbf78d8d5740646a7d70a0a9e87250b92b06b0e3fc4e22b39ec795
698cd52ffea9f9987d9c389e5aa8fdeeba2073f72a5addbbfa7893f4bb5125ef
6a3dbb230b9c333a39405f7dc4115a91bb3dcae67f68c76ac5c81451dc2f4ac2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b269d85bdcedb32dcf64454edbe8ba165ae1246ac09b9c10fb4724281357057
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd54eff45e14f5b5530cf55d24af3e501f34462a99bb05661925618e15f52f6
6cc4b32de9ef6161a9bc1ed62866cdd378336356887adccd57858eb4f939f9bf
6d2afc659e6ff07b116339285477ffabecf32dac527395f88075804144e8ba34
6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
73fcfe82c48501d38d13d60a355d743c0e693e0f4b073cf64dcb71433c99256d
745e280a74e1ad3eaff7092934051d32882b92b3cc4921ff714068e7b73fab24
77e300ad2ffb8b9fe32be977a08b078f5c00ce499daf9cb1361b8a615c020236
783784d4772fa92b03cedd30dc415ffafcc77e2b2b10d5d7cf0226629904abda
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7a5fd787f27556a9d61edfb597cd5b2f61366893726208c5fd719c14047853c7
7b3a311e463360814d373ee4ebd1f7ed7f2168953f50b409c5f0115d9bfe89e5
7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65
7c8eb3fac2da085b9b9162f25b769e760c25fbbfbe5edd7a354def8ee0bebe6b
7d344c4345e9df8767626e58448d1286eb41a0fdbc9f1e6e6c4e2be7a74ca52d
7dd020d86f193c29bdb549f2032bb94fd6a4198953091ad1b5f0ee7f972ea32d
7ea208827e3e7bd45aa4791bc24e24829e43ce868ae98aae1b64716385fc715a
7eb87661521cbb7369647c7802e6c6337fc80cb6b5b60fd0367be34840385a6b
7ed6ea6b994f975e4ede747d96d2eb3f63ad55b3d5803615fdb115b487b461d1
80605dd6653d1705776c10448f6fc7453bcf6de08ae0551f8b79b2c3b986729f
80933075fc79f4b871aa69faaa5053944a47984b61e57ffc19009ba3fc62b031
81d7d44416c0ed6edee378069c4796ace8035495fa34e1c436e5df9746620b4c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bcb240059d02bd10ea054d2bd07d4f6ab712f6513bdb13a01f37347c376edd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
89a5f38aec15e6dd7c5ba9e603b39373595e53181a725cabf150fd38c1043e25
8fc31808afdf7c785b86537a7fae0299a655d183ecc0bbe507395a25cee39dbb
902a824ee9f45f74553e9ddad0fe0351f314ecaa27dfd1bb2b0f6fe45cf53874
9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b
91cf772cd44e8756f72bdd23c66cbc3d90c9f4a413630174cdc9e062849335aa
99c125f0881ef3bcc179f9b6424b78a2b2af67185056dc0fae650ef660769798
9b33ef959731ec968c50cae98f4555f91879d4b9bb2d519fb7c84a5d72251859
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9d38fd5af2f1903f7c961c464a1d37b6440d3f1a6ef5aa05bae0c313cc770f6b
9fc173973d99f7ac5f24258d865fa126515bf1894286d17d181d5db0e6ce2e01
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3dca392f666cddf8352f8a10199e9ae93d2afc53117e013fae88327489d28
a12984a120f9db14993505ca505fad401dad56d4bba43b5a671f2b4222925816
a1a4e6b45c894bfe857fa7018facf81aa4316fcfeeb768bdbf3a4eb5cf69e6e4
a387670fdd0f1b27de3fef6dba6dffcb7ec1a828d50457b9cd01189c6fb77e49
a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524
a6af30707ccaee17998fe603cd9f56a88c9c579f7d84915ce5303dbb77f3f118
a78b92b5fc3064fa6354d8ec0b9e32ed922476429358e832ba78f18b7d27a4a9
aacf10ef41186272da655129c129356eda276a22babbc5c4034db907140097c0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0c7ec3be4d30795b55ce912aaebdd25c757d94581ea914c8d44c0c53577e23
b4f0e57f9674005c1da44d94e9f5d80a9685f0c56f37fdbe69f3f77c2026512d
b547be2f9bef4e3251eefeae0b039f9a20a9a452f05595e76be4e1b22eda7cc9
b58612a9e424382b76864a2a73a8ae9c4425ada6a2a1b0d93126b3e03cc020b5
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b6380f221f13ab7512df49d9b71db0c9a2e76f293bd368ec0c07c737b5666c37
b79adf570b66bcd072b6f3ea35e760f7433030c083c686a08b6ba740f532098a
b841b5b447408664e16172289e68e3b3af3bd554a7b85fb1886e01b63fa97569
b8e6ad9cd6b3425f7fde8ec7eba7517381c9224b73328fe698a9832bdb4607d6
ba59956084c9b7b830d30885f6975abc6c2a22638ca04930fec13808947eeeb3
bad553fcc71e4b5d3b1a4c415e71a7de21a655c0e7bc2192b17d5b77dcf66ae8
bb816046f2eeabf435bf4702316a76a4705514a0a67154d293148fb9f6d97a57
bd43ab48e1c9e45a02cf6d15ee14e786d6d53fcab16cc68ebbb55528464b981e
be064f7da15fe90f8a498b6afbd935c6178974a4cdfddfd0927436be99694fce
bf2cf0e0d7d2b13d1df01e0cd91a9d319acf0ccb9d8eabda3c3b0aa85b2bb0e1
bfbbd0772eda291e13d714b63c76011a05b1a830ee633732e379b487cb076dd8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c62195b74b679afaf7051f3996694e08e337c2abfeeaa12961afff3a337b9500
c895f5c6966e110f7eb6612a6b91f32ed7b52c630460101c6813daa97f7bc1bd
cb574cb787673f8b80f0efb6796206b02cea7837e9ca92a7374ab670679f9f97
ce1b5051064a612fd3eb2324f0e0cc8bd2e769e17a864a8b5c4361cfa17577ce
ce3949c6a175e5cc3545de5dccf97191e406479f34866e74b63ad5453fc01335
cf760c8e8873e89f3a0420b0ef4f92a2b1f091373940ce80546c3ae7aea177d6
d04c01926dc18bb1aa1b0b07f12bb45c930a8c868f0b65e4c9961eaafa614c21
d1b82ff5864af3542fb9605958c4705216c0a48b884ec473ccd55b33f09417ad
d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f
d45d13d33ab367f9e838af93e21373dce68b4812aae430d6f6beecd6e59a7cb3
d4ea79f3e9cdf4a807d89f456fb83b7282b006c219b25ea581564c5b8bbeec59
d5a1f0e119152966e25d1495fa074266b4e113d610752c6e66fff9abd1539dab
d61b4b5ada5dbe2f615107e37ee9ee56f963846d57a73d0a187fd34066cd89b7
d6997e98801e62b3ebd16d24aa07ff2a61b32cf68418d9982ebcad93ae6bc122
d6ee2a4d36c2d690b45d391edbc231d50aa0f653e5c8fc701bacb38ceea75235
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
d8e7a487dc5fd3c114e4ecb3473955d37e96eb3b320ad0615da1b05e77be9023
d8ecd573b4fb59d68fa623f4c5c2130e470b82ae559e4f86e6a891fcc80e1362
d903a35a90276fed8d286f4de9f6ab44db076826cdb14a82d2e418aeb79b92ac
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
dbe74252035fd1cda8b03e76098b49b0530e2e9470b004549f628b1e840e6694
dc131657068707ac57506e3053ea092a346e7364ec91bc922b4f78921e73a9e4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deac7e66c014fc3fb33614f3878d9ca2c2fbfce2ffd80ad6a2355875a0f4ba96
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfe83bd7c16bf942110e8738c45005e773272ee751ac0022c1e87a35585fb1d3
e143fe2aec7d553ad779af2aaec8243746dcbbf147321f9d69b86b78bc4b5b2f
e1f7252e0b3549e24635aa6bb6a220658d14c66a7686e9ccba9fbac2bd2284fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80a47825c8066d1b1be6d53baf316f0b9e0d1132dbd72566803fb44b9fbfcb7
e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f
eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671
edc6e6abd1a41867b13278d0a2a2255e433aaa1a53367a4be9bacf00e6fdab08
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6515b33069e8a1be6e8527cd2e28d6b98098e77c6fcabc674f1d418c517db0
ef7b2df67c1a6c45c227e6ddabd306fb3bc4d533287f2273d1492787dcd5e848
f0e903b798852128fb3cf7a53e34a5113976f298e257bfcc712eb568ac03888c
f36d6ddaa45a751840d916f44c206af6f4509a83bdf5983596fb8b306c86ac80
f3f07c81406bbdb752fd973049bf14123fd43d804b745e5448a535280f535909
f9acc13b0c5d36c2b2132cb7f0b90f943c0800fd05a0ad079e7fcd933b378fdf
fbb88c4e7516dea47a990790a72a2cd6cf848ce3cc5a586d22e8d01b6aa6c861
fe7ec77584ca08b2e86b4a7a7061236a59fe704eb72c94b723d4e49f8dd829ea
ff5fa34b7b4add78cedae128a55a17cadb6865f39c1788d9f9b6c315b06fb613

www.herocosmetics.us Open in urlscan Pro 23.227.38.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

280 Requests

100 %HTTPS

30 %IPv6

86 Domains

109 Subdomains

71 IPs

8 Countries

10891 kBTransfer

16239 kBSize

33 Cookies

14 Outgoing links

Redirected requests

280 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.herocosmetics.us Open in urlscan Pro
23.227.38.74 Public Scan

Screenshot
Live screenshot

Full Image

280
Requests

100 %
HTTPS

30 %
IPv6

86
Domains

109
Subdomains

71
IPs

8
Countries

10891 kB
Transfer

16239 kB
Size

33
Cookies

280 HTTP transactions
0 data transactions