www.herocosmetics.us Open in urlscan Pro
23.227.38.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herocosmetics.us/
Effective URL:
https://www.herocosmetics.us/
Submission Tags: tranco_l324
Submission: On November 23 via api (November 23rd 2021, 4:36:10 am UTC) from DE — Scanned from US

Summary HTTP 220 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 59 IPs in 5 countries across 76 domains to perform 220 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is www.herocosmetics.us.
TLS certificate: Issued by R3 on November 2nd 2021. Valid for: 3 months.

This is the only time www.herocosmetics.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.227.38.32 23.227.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	2a04:4e42:e00... 2a04:4e42:e00::268	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:210... 2600:9000:210b:1c00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
4	2600:9000:21d... 2600:9000:21da:4400:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.120.58.162 34.120.58.162	15169 (GOOGLE) (GOOGLE)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:20:... 2606:4700:20::681a:54f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.138.230.116 34.138.230.116	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1	35.168.96.170 35.168.96.170	14618 (AMAZON-AES) (AMAZON-AES)
4	34.237.89.32 34.237.89.32	14618 (AMAZON-AES) (AMAZON-AES)
1	18.205.33.239 18.205.33.239	14618 (AMAZON-AES) (AMAZON-AES)
4	2a04:4e42:60::84 2a04:4e42:60::84	54113 (FASTLY) (FASTLY)
5	23.49.248.8 23.49.248.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
6	2600:9000:21d... 2600:9000:21da:bc00:a:78b:4e00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
3	2600:141b:13:... 2600:141b:13:1085::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	168.61.66.40 168.61.66.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:202... 2600:9000:202c:ea00:1e:e4a:5840:21	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:c9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:d2f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.101.254.131 46.101.254.131	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
1	13.225.63.15 13.225.63.15	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::6815:b99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
1	151.101.208.157 151.101.208.157	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.225.63.61 13.225.63.61	16509 (AMAZON-02) (AMAZON-02)
1 36	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
2	192.229.163.223 192.229.163.223	15133 (EDGECAST) (EDGECAST)
1	34.192.21.137 34.192.21.137	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9b	15169 (GOOGLE) (GOOGLE)
1	54.230.162.77 54.230.162.77	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2 5	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	13.225.210.108 13.225.210.108	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:b... 2600:1901:0:be84::	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2600:9000:202... 2600:9000:202c:5400:1a:609a:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	23.209.184.224 23.209.184.224	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.45.76.65 52.45.76.65	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.222.167.3 3.222.167.3	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:612... 2600:1f18:612b:4216:7de5:38a9:e1be:23d8	14618 (AMAZON-AES) (AMAZON-AES)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	63.251.28.218 63.251.28.218	26558 (FREEWHEEL) (FREEWHEEL)
1 1	143.204.149.52 143.204.149.52	16509 (AMAZON-02) (AMAZON-02)
1	34.237.173.244 34.237.173.244	14618 (AMAZON-AES) (AMAZON-AES)
1	54.81.7.92 54.81.7.92	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.192.56.19 34.192.56.19	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.210.53.141 34.210.53.141	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1 1	34.206.33.80 34.206.33.80	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
2 2	192.35.249.127 192.35.249.127	11742 (SPOTX-IAD) (SPOTX-IAD)
1 1	52.6.91.228 52.6.91.228	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.206.102.118 18.206.102.118	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1 1	52.70.197.1 52.70.197.1	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.226.37.38 13.226.37.38	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	184.29.129.7 184.29.129.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
2 2	68.67.178.10 68.67.178.10	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
1 1	45.79.164.223 45.79.164.223	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	52.50.124.16 52.50.124.16	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.25.25 35.190.25.25	() ()
220	59

1 23.227.38.32 (Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)

www.herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a04:4e42:e00::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

ssapi.herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:1c00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21da:4400:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.58.162 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 162.58.120.34.bc.googleusercontent.com

shopify-gtm-suite.getelevar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:20::681a:54f (United States)

ASN13335 (CLOUDFLARENET, US)

cld.accentuate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.accentuate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.138.230.116 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 116.230.138.34.bc.googleusercontent.com

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.96.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-96-170.compute-1.amazonaws.com

app.swellrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.237.89.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-89-32.compute-1.amazonaws.com

hero.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.33.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-33-239.compute-1.amazonaws.com

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:60::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.49.248.8 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-8.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21da:bc00:a:78b:4e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

creatives.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13:1085::1d72 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.61.66.40 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bingshoppingtool-t2app-prod.trafficmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:202c:ea00:1e:e4a:5840:21 (United States)

ASN16509 (AMAZON-02, US)

d24pi58tm9sxgh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c9e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

live.bb.eight-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d2f8 (United States)

ASN13335 (CLOUDFLARENET, US)

app.backinstock.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.101.254.131 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

geoip-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-15.ewr53.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:b99 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.streetmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.208.157 (Newark, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.63.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-61.ewr53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 209.54.176.128 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.163.223 (United States)

ASN15133 (EDGECAST, US)

cdn-swell-assets.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.21.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-21-137.compute-1.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-77.ewr53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.226.184 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.210.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-210-108.ewr50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:be84:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:202c:5400:1a:609a:6780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.209.184.224 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.175.87.114 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.76.65 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-76-65.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.222.167.3 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-167-3.compute-1.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:7de5:38a9:e1be:23d8 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.218 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.149.52 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-149-52.ewr52.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.173.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-173-244.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.7.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-7-92.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.56.19 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-56-19.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.210.53.141 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-53-141.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.33.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-33-80.compute-1.amazonaws.com

px.surveywall-api.survata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.127 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.91.228 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-91-228.compute-1.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.206.102.118 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-102-118.compute-1.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.197.1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-197-1.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.37.38 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-37-38.ewr53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.29.129.7 (Edison, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-7.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.178.10 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.164.223 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-12.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.124.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-124-16.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.25.25 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	shopify.com cdn.shopify.com	2 MB
36	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	26 KB
21	accentuate.io cld.accentuate.io images.accentuate.io	692 KB
14	attn.tv cdn.attn.tv hero.attn.tv creatives.attn.tv	2 MB
7	google-analytics.com www.google-analytics.com	20 KB
6	snapchat.com 2 redirects tr.snapchat.com tr6.snapchat.com	2 KB
6	yotpo.com staticw2.yotpo.com cdn-loyalty.yotpo.com cdn-swell-assets.yotpo.com p.yotpo.com	366 KB
6	shopifysvc.com monorail-edge.shopifysvc.com	3 KB
6	klaviyo.com static.klaviyo.com	25 KB
6	herocosmetics.us 1 redirects herocosmetics.us www.herocosmetics.us ssapi.herocosmetics.us	141 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	2 KB
5	pinterest.com ct.pinterest.com www.pinterest.com	6 KB
5	googleapis.com fonts.googleapis.com	4 KB
5	tiktok.com analytics.tiktok.com	70 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	64 KB
4	pinimg.com s.pinimg.com	39 KB
3	gstatic.com fonts.gstatic.com	86 KB
3	bing.com bat.bing.com	11 KB
2	tapad.com 2 redirects pixel.tapad.com	885 B
2	google.com www.google.com	655 B
2	pubmatic.com 2 redirects image6.pubmatic.com	528 B
2	exelator.com 2 redirects loadus.exelator.com	2 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects us-u.openx.net	403 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	741 B
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	777 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	997 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com token.rubiconproject.com	2 KB
2	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	496 B
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	659 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	facebook.com www.facebook.com	498 B
2	sc-static.net sc-static.net	14 KB
2	facebook.net connect.facebook.net	113 KB
2	geoip-db.com 1 redirects geoip-db.com	400 B
2	eight-cdn.com 1 redirects live.bb.eight-cdn.com	3 KB
2	cloudflare.com cdnjs.cloudflare.com	24 KB
1	mixpanel.com api-js.mixpanel.com	374 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	taboola.com 1 redirects sync.taboola.com	300 B
1	ispot.tv 1 redirects pi.ispot.tv	344 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	612 B
1	survata.com 1 redirects px.surveywall-api.survata.com	749 B
1	mookie1.com 1 redirects odr.mookie1.com	601 B
1	samba.tv 1 redirects ads.samba.tv	292 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	902 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	690 B
1	zeotap.com spl.zeotap.com	404 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com	396 B
1	bluekai.com 1 redirects tags.bluekai.com	672 B
1	agkn.com 1 redirects aa.agkn.com	640 B
1	t.co t.co	470 B
1	twitter.com analytics.twitter.com	673 B
1	reddit.com alb.reddit.com	125 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	redditstatic.com www.redditstatic.com	8 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	streetmetrics.io pixel.streetmetrics.io	44 B
1	mxpnl.com cdn4.mxpnl.com	25 KB
1	googletagmanager.com www.googletagmanager.com	61 KB
1	backinstock.org app.backinstock.org	17 KB
1	cloudfront.net d24pi58tm9sxgh.cloudfront.net	2 KB
1	trafficmanager.net bingshoppingtool-t2app-prod.trafficmanager.net	786 B
1	attentivemobile.com events.attentivemobile.com	308 B
1	swellrewards.com app.swellrewards.com	1 KB
1	shop.app shop.app	1 KB
1	getelevar.com shopify-gtm-suite.getelevar.com	34 KB
1	dwin1.com www.dwin1.com	8 KB
1	unpkg.com unpkg.com	39 KB
220	76

	Domain	Requested by
47	cdn.shopify.com	www.herocosmetics.us cdn.shopify.com
36	s.amazon-adsystem.com	1 redirects www.herocosmetics.us s.amazon-adsystem.com
11	images.accentuate.io	www.herocosmetics.us
10	cld.accentuate.io	www.herocosmetics.us
7	www.google-analytics.com	ssapi.herocosmetics.us cdn.shopify.com www.googletagmanager.com
6	creatives.attn.tv	hero.attn.tv www.herocosmetics.us
6	monorail-edge.shopifysvc.com	cdn.shopify.com
6	static.klaviyo.com	www.herocosmetics.us static.klaviyo.com
5	tr.snapchat.com	2 redirects cdn.shopify.com
5	fonts.googleapis.com	hero.attn.tv creatives.attn.tv staticw2.yotpo.com cdn-swell-assets.yotpo.com
5	analytics.tiktok.com	cdn.shopify.com analytics.tiktok.com
4	ups.analytics.yahoo.com	4 redirects
4	ct.pinterest.com	cdn.shopify.com www.herocosmetics.us
4	s.pinimg.com	cdn.shopify.com s.pinimg.com ssapi.herocosmetics.us
4	hero.attn.tv	cdn.shopify.com cdn.attn.tv creatives.attn.tv
4	cdn.attn.tv	www.herocosmetics.us cdn.attn.tv ssapi.herocosmetics.us
4	www.herocosmetics.us	cdn.shopify.com
3	fonts.gstatic.com	fonts.googleapis.com
3	bat.bing.com	ssapi.herocosmetics.us bat.bing.com
2	pixel.tapad.com	2 redirects
2	www.google.com
2	image6.pubmatic.com	2 redirects
2	loadus.exelator.com	2 redirects
2	ib.adnxs.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	www.facebook.com
2	cdn-swell-assets.yotpo.com	cdn-loyalty.yotpo.com cdn-swell-assets.yotpo.com
2	sc-static.net	www.herocosmetics.us tr.snapchat.com
2	connect.facebook.net	www.herocosmetics.us connect.facebook.net
2	geoip-db.com	1 redirects
2	live.bb.eight-cdn.com	1 redirects
2	staticw2.yotpo.com	www.herocosmetics.us staticw2.yotpo.com
2	cdnjs.cloudflare.com	www.herocosmetics.us
1	api-js.mixpanel.com	cdn.shopify.com
1	maxcdn.bootstrapcdn.com	cdn-swell-assets.yotpo.com
1	in.hotjar.com	cdn.shopify.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	px.surveywall-api.survata.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	tr6.snapchat.com
1	vars.hotjar.com	static.hotjar.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	alb.reddit.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	cdn.shopify.com
1	p.yotpo.com
1	static.ads-twitter.com	ssapi.herocosmetics.us
1	www.redditstatic.com	ssapi.herocosmetics.us
1	www.googleadservices.com	ssapi.herocosmetics.us
1	pixel.streetmetrics.io
1	static.hotjar.com	ssapi.herocosmetics.us
1	cdn4.mxpnl.com	www.herocosmetics.us
1	www.googletagmanager.com	ssapi.herocosmetics.us
1	www.pinterest.com	s.pinimg.com www.herocosmetics.us
1	app.backinstock.org	www.herocosmetics.us
1	d24pi58tm9sxgh.cloudfront.net	www.herocosmetics.us
1	bingshoppingtool-t2app-prod.trafficmanager.net	www.herocosmetics.us
1	cdn-loyalty.yotpo.com	www.herocosmetics.us
1	events.attentivemobile.com	cdn.attn.tv
1	app.swellrewards.com	cdn.shopify.com
1	shop.app	cdn.shopify.com
1	shopify-gtm-suite.getelevar.com	www.herocosmetics.us
1	www.dwin1.com	www.herocosmetics.us
1	unpkg.com	www.herocosmetics.us
1	ssapi.herocosmetics.us	www.herocosmetics.us
1	herocosmetics.us	1 redirects
220	95

This site contains links to these domains. Also see Links.

Domain
heroskinsquad.socialmedialink.com
support.herocosmetics.us
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com
herocosmetics.us

Subject Issuer	Validity	Valid
www.herocosmetics.us R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
ssapi.herocosmetics.us GTS CA 1D4	`2021-09-25` - `2021-12-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
static.klaviyo.com R3	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.attn.tv Amazon	`2021-03-08` - `2022-04-06`	a year	crt.sh
shopify-gtm-suite.getelevar.com GTS CA 1D4	`2021-10-18` - `2022-01-16`	3 months	crt.sh
shop.app R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
monorail-edge.shopifysvc.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.swellrewards.com Amazon	`2021-07-23` - `2022-08-21`	a year	crt.sh
*.attentivemobile.com Amazon	`2021-03-08` - `2022-04-06`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
bingshoppingtool-t2app-prod.trafficmanager.net Microsoft RSA TLS CA 01	`2021-11-01` - `2022-11-01`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
backinstock.org Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-01` - `2021-11-30`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-18`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
tr6.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-20` - `2022-01-23`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://www.herocosmetics.us/
Frame ID: A9C65FF08CD2CFE3DAD5E33811968C81
Requests: 156 HTTP requests in this frame

Frame: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1
Frame ID: 56945E137AD0E9FB2B074DB5C1488283
Requests: 14 HTTP requests in this frame

Frame: https://www.pinterest.com/ct.html
Frame ID: AA3157A54B24089703950AE3F8AFA443
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=979529678859526900&dcc=t
Frame ID: 1F35DA11281D89A46E82513DA106A946
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=sOvgez2BTOSuk_NDE1VPug&ex-pl-n-g-hmt=ocvrRnWMQ4iq1g5jWUMBWQ&ep=DvmjCSyxS0N2ecmRSatxTEATR76CCMHvps4nPaRKla8X7vj-QnMgPRRPQjVDAJRf4pKE_VIO639_bYnHDOJy6xmnrqAtQJEbzcHwMlnTpPOO7dMMGQiQSVA3xPzbPyjgIBciRDcLx7U7Q1r2WwLvS0zCudD2Q3dycBUrYPN46NCUi_TaKDjpsLA1JJPwd1hZqWV8htaX25QhGnEuXVG8cg
Frame ID: F43232E861F0F05490E6A02A56029FC7
Requests: 37 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed
Frame ID: FD5126BD8736A109E1CB08439184F1A7
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: 72283D17FBAC10EF874FCB1B59A5AD38
Requests: 1 HTTP requests in this frame

Frame: https://tr6.snapchat.com/ipv6?rid=0fa66f55-e562-4f0d-8e5e-6d5ce8830960
Frame ID: 75EEA219EE21308DCDB41ED35FC8369A
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1637507629238&pnid=140&pcid=3689c51b-3e27-44a5-b177-2a8ae9026c0e
Frame ID: B4F18615A13335D2312EE30B63217951
Requests: 1 HTTP requests in this frame

Frame: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Frame ID: 71D1E9764DF2C8BB13E5A32EF171C0EA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hero Cosmetics | Hero Cosmetics | Superpowered Skincare For All

Page URL History Show full URLs

http://herocosmetics.us/ HTTP 301
https://www.herocosmetics.us/ Page URL

Page Statistics

220
Requests

83 %
HTTPS

33 %
IPv6

76
Domains

95
Subdomains

59
IPs

5
Countries

5828 kB
Transfer

10043 kB
Size

107
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://heroskinsquad.socialmedialink.com/members/sign_in?utm_source=community&utm_medium=skinsquad&utm_campaign=invite#/
Title: Join Skin Squad

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/hc/en-us
Title: FAQ

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/hc/en-us/requests/new
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.instagram.com/herocosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/herocosmetics/

Search URL Search Domain Scan URL

URL: https://twitter.com/herocosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0wZCPILuEVZaTPCUutXPag

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@herocosmetics

Search URL Search Domain Scan URL

URL: https://www.instagram.com/colewhittington/

Search URL Search Domain Scan URL

URL: https://herocosmetics.us/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/anelletarke/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CO5_U_EMC1x/?utm_source=ig_web_copy_link

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CNlHtjujwjM/?utm_source=ig_web_copy_link

Search URL Search Domain Scan URL

URL: https://www.instagram.com/always.amberina/

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/
Title: FAQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herocosmetics.us/ HTTP 301
https://www.herocosmetics.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://live.bb.eight-cdn.com/script.js?shop=tbate.myshopify.com HTTP 302
https://live.bb.eight-cdn.com/static/script-29cd8c3234213624fdaf.js

Request Chain 114

https://geoip-db.com/jsonp?callback=callback&_=1637642162777 HTTP 301
https://geoip-db.com/jsonp/?callback=callback&_=1637642162777

Request Chain 129

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=979529678859526900 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=979529678859526900&dcc=t

Request Chain 166

https://tr.snapchat.com/p HTTP 303
https://tr6.snapchat.com/ipv6?rid=0fa66f55-e562-4f0d-8e5e-6d5ce8830960

Request Chain 170

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=205150503979004284081&ex=neustar.biz

Request Chain 171

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=0204f32cd7f4c88134bf5ec9e6d2fe49

Request Chain 172

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 173

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=7XcVya9vR7KPIXVpS6pLWg HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=7XcVya9vR7KPIXVpS6pLWg&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=7XcVya9vR7KPIXVpS6pLWg

Request Chain 174

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPdeb10ff9-4c16-11ec-90e3-0e5762b885b3 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=e41fcf70ab75b08244eb9a08a834bfd406f8805e&ex=aoldisplay.com

Request Chain 175

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0a8ab98f-789a-4aed-ad9e-81f3cac2c078

Request Chain 176

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=d2c69fef7ea7481ca34aa08939dee9ac

Request Chain 177

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-IRv3SX9E2pE4AJbiKttxUl1N.ddCEJdXsOOV~A&status=NOT_FOUND&ex=gemini

Request Chain 179

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=b484b3a2c51329d7e74023d3d83bff67&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 180

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 183

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e7ffeb6418b12201

Request Chain 184

https://pixel.rubiconproject.com/tap.php?v=1053074&nid=2179&put=I82zfMoLR1WniIMZn221gg&next=https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT

Request Chain 185

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=uw282VU8TCmzw8fCwlGyQA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=uw282VU8TCmzw8fCwlGyQA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=58774573467902483333074860490631213082

Request Chain 186

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=6RLkfytVTJu0uUHq7day9A HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10610339985053103018&gdpr=&gdpr_consent=

Request Chain 187

https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

Request Chain 188

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6609201023583653501

Request Chain 189

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=df0ff2cb-4c16-11ec-afd3-183ad5690503 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=df0ff246-4c16-11ec-afd3-183ad5690503

Request Chain 190

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a171cc7a-51ba-4c37-8d66-31cf5beb807d%22,%22Time%22:%2220211122T233605.601765%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a171cc7a-51ba-4c37-8d66-31cf5beb807d

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEAOjogNqxjR5a97BjYjd4So&google_cver=1

Request Chain 192

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=Of5DefR3

Request Chain 193

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a88a3b150793521a1d290eab8dc1cab9

Request Chain 194

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d38a04ad-66c6-c846-2e56-e4999ac130df

Request Chain 195

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KM5YhSwwnfKZ28-Wp7tdVzc4cls4ZgAC

Request Chain 196

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=830788563D1DD8BE

Request Chain 197

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6554793325189761322&ex=appnexus.com

Request Chain 198

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=XLcvS7dfvq5QT8LnxZb2XsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=ocvrRnWMQ4iq1g5jWUMBWQ& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 200

https://loadus.exelator.com/load/?p=204&g=8888&j=0 HTTP 302
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=a546cac9ee4a6c7adc98e4dab08a4fc2

Request Chain 201

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=DFA44F2DB66F9C61DF5BFBB2025D038A

Request Chain 202

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-Gy5pGPN1l2PlTvTfEdtr5xBu9rEf3dc-

Request Chain 203

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3665fb51ea138b8aa713a4e7c61e31c2b7e15d5e85cf601b53bbb791f39f9164

Request Chain 204

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=E4881211-6043-48C3-920E-8DFC8F13A642

Request Chain 205

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=917340de-111a-48a0-b499-451cbb79df6a-tuct895f536

Request Chain 210

https://tr.snapchat.com/cm/s?pnid=140&cb=1637642165121 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1637507629238%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1637507629238%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1637507629238&pnid=140&pcid=3689c51b-3e27-44a5-b177-2a8ae9026c0e

220 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.herocosmetics.us/
Redirect Chain

http://herocosmetics.us/
https://www.herocosmetics.us/

161 KB
31 KB

463ms
362ms

Document
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c9dfb6cf3a450236cae6de80aad6ed4d811c4de28ec94a03415644cc8e7c21

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

date: Tue, 23 Nov 2021 04:36:01 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 41
x-sorting-hat-shopid: 21814481
x-storefront-renderer-rendered: 1
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-shopify-request-trackable: true
x-alternate-cache-key: cacheable:da561b1c41bdcb7c1b10a8454ba21f89
x-cache: miss
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 21814481
x-shardid: 41
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-request-id: c2e81eb9-b70c-4893-aeb8-5c54645cc500
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-download-options: noopen
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b27b1b65d0e09c6-MIA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 23 Nov 2021 04:36:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 41
X-Sorting-Hat-ShopId: 21814481
X-Storefront-Renderer-Rendered: 1
Location: https://www.herocosmetics.us/
Content-Security-Policy: frame-ancestors *;
X-ShopId: 21814481
X-ShardId: 41
Vary: Accept
X-Shopify-Stage: production
X-Dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
X-Request-ID: 2ea76c3e-3129-405b-bb70-95088221e3e8
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6b27b1b53f5f12af-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 9 KB
3 KB 100ms
29ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11361-MIA /

Resource Hash

a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 2777
x-xss-protection: 1; mode=block
x-request-id: 7d39d9e6d6ebb3cdbd33c354f5132152
x-served-by: cache-lga21948-LGA, cache-mia11361-MIA
server: cache-mia11361-MIA
x-timer: S1637642163.534316,VS0,VE0
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js>; rel="canonical"
x-cache-hits: 3, 760525

GET
H2 200 storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
17 KB 102ms
32ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11361-MIA /

Resource Hash

b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 17353
x-xss-protection: 1; mode=block
x-request-id: f385e1ea40508a21c089c34d84c5ffab
x-served-by: cache-lga21977-LGA, cache-mia11361-MIA
server: cache-mia11361-MIA
x-timer: S1637642163.534398,VS0,VE0
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits: 1, 475838

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
12 KB 36ms
26ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11361-MIA /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 12298
x-xss-protection: 1; mode=block
x-request-id: e624e9bc29b60a2db5947e2486240d8a
x-served-by: cache-lga13624-LGA, cache-mia11361-MIA
server: cache-mia11361-MIA
x-timer: S1637642163.610211,VS0,VE0
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 2, 735110

GET
H2 200 home.css
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 134 KB
18 KB 100ms
30ms Stylesheet
text/css 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=13401318234696367973

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

b225a6c2aa4475b396186859cc56261197675631daeeaa7b7346906fcf2828dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 17521
x-xss-protection: 1; mode=block
x-request-id: 73b08abda5ae048d20c4eeeddd6f66e8
x-served-by: cache-lga21973-LGA, cache-mia11366-MIA
last-modified: Wed, 10 Nov 2021 21:32:50 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.534552,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 10 Nov 2022 22:21:54 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-close.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 538 B
481 B 76ms
66ms Image
image/svg+xml 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-close.svg?v=8812735099044301167

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

dc131657068707ac57506e3053ea092a346e7364ec91bc922b4f78921e73a9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 230
x-xss-protection: 1; mode=block
x-request-id: 42f00e6df5e06794ce882b9f37da1bf4
x-served-by: cache-lga21953-LGA, cache-mia11366-MIA
last-modified: Tue, 02 Feb 2021 23:35:57 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.621770,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 04 Nov 2022 05:40:18 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-close.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Blemish_Pastches.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 44 KB
44 KB 77ms
67ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Blemish_Pastches.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

7eb87661521cbb7369647c7802e6c6337fc80cb6b5b60fd0367be34840385a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 44658
x-xss-protection: 1; mode=block
x-request-id: b86e886817fd91567fc9bfbccace320e0bb4e9966314304d10d2635181ce006e
x-served-by: cache-lga21932-LGA, cache-mia11366-MIA
last-modified: Thu, 14 Oct 2021 07:00:30 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.621814,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 07:00:30 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Blemish_Pastches.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 47 KB
47 KB 126ms
116ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

5fc989ccff2af15a5d8202ad64a62e15411c78915b4005e26ba3984d0f9d4770

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 47798
x-xss-protection: 1; mode=block
x-request-id: 8361b32fa99944106ff04d28bf108014
x-served-by: cache-lga21979-LGA, cache-mia11366-MIA
last-modified: Wed, 10 Nov 2021 09:43:35 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.621939,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 10 Nov 2022 09:43:35 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Daily_Care_267c8d81-81cc-4a3a-91c6-41c197c3733e.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Post_blemish.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 50 KB
50 KB 133ms
124ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Post_blemish.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

745e280a74e1ad3eaff7092934051d32882b92b3cc4921ff714068e7b73fab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 51020
x-xss-protection: 1; mode=block
x-request-id: 43634c916f23091a1dcb63f1a565c94a
x-served-by: cache-lga21932-LGA, cache-mia11366-MIA
last-modified: Thu, 04 Nov 2021 07:11:06 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.631798,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 04 Nov 2022 07:11:06 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Post_blemish.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 81 KB
82 KB 132ms
123ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg?v=1619114435

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

38ea8af607c6f3dd8c07fa1d027010c4382d8037a026d0492817648e1a4ce8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 83120
x-xss-protection: 1; mode=block
x-request-id: 0782a0cb1ce23aeac1fa84391fc1022b
x-served-by: cache-lga21924-LGA, cache-mia11366-MIA
last-modified: Wed, 10 Nov 2021 09:43:35 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.631896,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 10 Nov 2022 09:43:35 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Shop_All_cf0a151a-ca4a-4d19-a48c-82a81074ae09.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-chev-right.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 408 B
481 B 132ms
120ms Image
image/svg+xml 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-chev-right.svg?v=2731603306874830471

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

dbe74252035fd1cda8b03e76098b49b0530e2e9470b004549f628b1e840e6694

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 221
x-xss-protection: 1; mode=block
x-request-id: 02e4e7d900b4ed46b7a61f30518af2bbdc0393df02b95933afdb4054e427e8cc
x-served-by: cache-lga21936-LGA, cache-mia11366-MIA
last-modified: Tue, 02 Feb 2021 23:35:56 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.631961,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 04:41:11 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-chev-right.svg>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 icon-chev-left.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 371 B
465 B 131ms
120ms Image
image/svg+xml 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-chev-left.svg?v=17693300543743243984

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

570c18a72f8c237ee28c78cc10ac99cece43c0b4a95aa2afd497dd70716dc5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 196
x-xss-protection: 1; mode=block
x-request-id: f820c83b2deb3c90f3e7a7eada184bc7
x-served-by: cache-lga21921-LGA, cache-mia11366-MIA
last-modified: Tue, 02 Feb 2021 23:35:56 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632048,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 11 Nov 2022 13:00:26 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-chev-left.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 gtm.js Show response
ssapi.herocosmetics.us/ 322 KB
106 KB 979ms
460ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8de6474077a4de6a0c24e148148224ff9d6db70fe6106f68cfa5d1c5fb662e15

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 03:00:00 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: c482672b676e63bad9c6da7c351a1ecc
cache-control: private, max-age=450
content-length: 108512
expires: Tue, 23 Nov 2021 04:39:51 GMT

GET
H2 200 Refinery29_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 2 KB
3 KB 130ms
119ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Refinery29_166x.png?v=1611676115

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

deac7e66c014fc3fb33614f3878d9ca2c2fbfce2ffd80ad6a2355875a0f4ba96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 2376
x-xss-protection: 1; mode=block
x-request-id: 3a4fc733cb9e35f99bc7fcf7da8ea0c1
x-served-by: cache-lga21950-LGA, cache-mia11366-MIA
last-modified: Thu, 11 Nov 2021 04:16:40 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632113,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 11 Nov 2022 04:16:40 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Refinery29_166x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Beauty-Insider_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 3 KB
3 KB 129ms
119ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Beauty-Insider_166x.png?v=1611676074

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

7ea208827e3e7bd45aa4791bc24e24829e43ce868ae98aae1b64716385fc715a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 3100
x-xss-protection: 1; mode=block
x-request-id: 1a42c27369a15ea24b51bc0d6c658a1151faf9d97bf2877bddd4968a27084f05
x-served-by: cache-lga21975-LGA, cache-mia11366-MIA
last-modified: Thu, 21 Oct 2021 06:07:51 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632165,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 06:07:51 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Beauty-Insider_166x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 hypebae_166x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 2 KB
2 KB 129ms
118ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/hypebae_166x.png?v=1611676165

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

6cc4b32de9ef6161a9bc1ed62866cdd378336356887adccd57858eb4f939f9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 2092
x-xss-protection: 1; mode=block
x-request-id: d9004ca922bf91d8a942b23189ff4417c4832acd24b4d9fa564e3d87d1922a59
x-served-by: cache-lga21920-LGA, cache-mia11366-MIA
last-modified: Thu, 14 Oct 2021 05:10:13 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632217,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 05:10:13 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/hypebae_166x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Ingredient-Spotlight--Witch-Hazel_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 71 KB
72 KB 165ms
155ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/Ingredient-Spotlight--Witch-Hazel_405x225_crop_center@2x.jpg?v=1637010821

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

c384290752dc11491ddc621b4a7cb2c3294e1254998d245abdd6b52fac36515a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: MISS, HIT
content-length: 72494
x-xss-protection: 1; mode=block
x-request-id: 751d06c46919e00c8fe5252c393b9f22
x-served-by: cache-lga21961-LGA, cache-mia11366-MIA
last-modified: Mon, 15 Nov 2021 21:16:59 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632249,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 15 Nov 2022 21:16:59 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/Ingredient-Spotlight--Witch-Hazel_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 0, 1

GET
H2 200 Your-post-pimple-morning-routine_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 93 KB
94 KB 196ms
186ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/Your-post-pimple-morning-routine_405x225_crop_center@2x.jpg?v=1637009300

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

11de231b8aa361f5f4e621a775eb7de2fde2f3db101aa6a0b370dc42f434746c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 95588
x-xss-protection: 1; mode=block
x-request-id: b122d8dcb206f6713318451e785b2fbf
x-served-by: cache-lga21920-LGA, cache-mia11366-MIA
last-modified: Mon, 15 Nov 2021 20:57:48 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632313,VS0,VE3
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 15 Nov 2022 20:57:48 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/Your-post-pimple-morning-routine_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 birthcontrol_acne-v2_76fe91a0-37ea-4f42-95a8-544bd8673335_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 33 KB
33 KB 250ms
239ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/birthcontrol_acne-v2_76fe91a0-37ea-4f42-95a8-544bd8673335_405x225_crop_center@2x.jpg?v=1584034736

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

749cff5b22f4044e201065772ae841de8ee26478f60e3715dc0347693fd9013f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: MISS, HIT
content-length: 33816
x-xss-protection: 1; mode=block
x-request-id: 66fd25eb600ef834dab7afd500d7dd66d110dada8de32bac3bf058faf0f0995d
x-served-by: cache-lga21976-LGA, cache-mia11366-MIA
last-modified: Thu, 28 Oct 2021 16:30:41 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632362,VS0,VE153
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 28 Oct 2022 16:30:41 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/birthcontrol_acne-v2_76fe91a0-37ea-4f42-95a8-544bd8673335_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 0, 1

GET
H2 200 1_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 28 KB
29 KB 244ms
235ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/1_405x225_crop_center@2x.jpg?v=1635187156

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

69ac9afe639ee5db48a2263cf73d914f962c02a9449a8ec52a9da109ec9bd4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 28664
x-xss-protection: 1; mode=block
x-request-id: 4d604164b4348a5a9256ad93d5cc88fbfe007519086d7ec590625d94864bd3a3
x-served-by: cache-lga21970-LGA, cache-mia11366-MIA
last-modified: Mon, 25 Oct 2021 18:59:57 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632413,VS0,VE79
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 25 Oct 2022 18:59:57 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/1_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 unnamed_405x225_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/articles/ 18 KB
18 KB 243ms
234ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/articles/unnamed_405x225_crop_center@2x.jpg?v=1635171123

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

336274d698b29746f863da6ef86ac4d3aff9354a9a2b796731dd1a0db09bbb87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 18306
x-xss-protection: 1; mode=block
x-request-id: b5323db6d52cc4e4a23f45b01b1133bcfe6fd72ac31adeab743c4cd2bfb83e35
x-served-by: cache-lga21953-LGA, cache-mia11366-MIA
last-modified: Mon, 25 Oct 2021 14:21:49 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632460,VS0,VE62
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 25 Oct 2022 14:21:49 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/articles/unnamed_405x225_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Screen_Shot_2021-06-01_at_11.57.45_AM_504x588_crop_center@2x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 193 KB
194 KB 188ms
179ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Screen_Shot_2021-06-01_at_11.57.45_AM_504x588_crop_center@2x.png?v=1622563309

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

91cf772cd44e8756f72bdd23c66cbc3d90c9f4a413630174cdc9e062849335aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 198008
x-xss-protection: 1; mode=block
x-request-id: d5c9d69611b0b988404d4ef5fca2c37a704c7abcc3e893db986b0e844c1728c9
x-served-by: cache-lga13624-LGA, cache-mia11366-MIA
last-modified: Thu, 28 Oct 2021 06:43:17 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632860,VS0,VE2
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 28 Oct 2022 06:43:17 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Screen_Shot_2021-06-01_at_11.57.45_AM_504x588_crop_center@2x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 HERO2_504x588_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 498 KB
499 KB 216ms
208ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/HERO2_504x588_crop_center@2x.jpg?v=1622582577

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

5120eec0790764797922dfb870c937b7cb342b682e2cd529804872be96ea895b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 510294
x-xss-protection: 1; mode=block
x-request-id: 4b898706cfd3e38c14c3cbe748be1e6004a433b11ab756aa0dd02101ede18af4
x-served-by: cache-lga21922-LGA, cache-mia11366-MIA
last-modified: Thu, 28 Oct 2021 05:18:12 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632898,VS0,VE3
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 28 Oct 2022 05:18:11 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/HERO2_504x588_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Screen_Shot_2021-06-01_at_11.57.02_AM_504x588_crop_center@2x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 193 KB
193 KB 170ms
162ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Screen_Shot_2021-06-01_at_11.57.02_AM_504x588_crop_center@2x.png?v=1622563160

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

7dd020d86f193c29bdb549f2032bb94fd6a4198953091ad1b5f0ee7f972ea32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 197246
x-xss-protection: 1; mode=block
x-request-id: 28b7ce72bd662e0b127511cb66885d97e3c9933a655a70130e3a9afd2b180951
x-served-by: cache-lga21976-LGA, cache-mia11366-MIA
last-modified: Thu, 14 Oct 2021 06:10:00 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.632898,VS0,VE2
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 06:10:00 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Screen_Shot_2021-06-01_at_11.57.02_AM_504x588_crop_center@2x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 RB-Mini-in-hand_504x588_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 81 KB
81 KB 178ms
170ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/RB-Mini-in-hand_504x588_crop_center@2x.jpg?v=1621448442

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

a0d3dca392f666cddf8352f8a10199e9ae93d2afc53117e013fae88327489d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 82848
x-xss-protection: 1; mode=block
x-request-id: cb7252a7921441197ca230c624255556e8a7a42240e7fb6a0123d6fe1e908a93
x-served-by: cache-lga21965-LGA, cache-mia11366-MIA
last-modified: Thu, 28 Oct 2021 06:37:24 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633245,VS0,VE2
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 28 Oct 2022 06:37:24 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/RB-Mini-in-hand_504x588_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Frame_3_504x588_crop_center@2x.png
cdn.shopify.com/s/files/1/2181/4481/files/ 161 KB
162 KB 187ms
179ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/Frame_3_504x588_crop_center@2x.png?v=1621448417

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

dfe83bd7c16bf942110e8738c45005e773272ee751ac0022c1e87a35585fb1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 165190
x-xss-protection: 1; mode=block
x-request-id: 49867ebda5ee3989177459f15f5e595b2372ad7363947c833867d75dc8ae5e5d
x-served-by: cache-lga21949-LGA, cache-mia11366-MIA
last-modified: Thu, 21 Oct 2021 07:32:17 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633212,VS0,VE2
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 07:32:16 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/Frame_3_504x588_crop_center@2x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 always.amberina_504x588_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 107 KB
107 KB 178ms
170ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/always.amberina_504x588_crop_center@2x.jpg?v=1622582667

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

52b2329d1e5888abc91802b0e23ae1cdb4f42ee45419f1b105cadfb5427d8a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 109154
x-xss-protection: 1; mode=block
x-request-id: cfdfdcb7830f08e793b1c9ecb39af01c
x-served-by: cache-lga21981-LGA, cache-mia11366-MIA
last-modified: Wed, 10 Nov 2021 09:50:04 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633224,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 10 Nov 2022 09:50:04 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/always.amberina_504x588_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-exclamation-error.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 783 B
633 B 160ms
153ms Image
image/svg+xml 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-exclamation-error.svg?v=12583636007603589187

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

6a3dbb230b9c333a39405f7dc4115a91bb3dcae67f68c76ac5c81451dc2f4ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 340
x-xss-protection: 1; mode=block
x-request-id: ac7eedc9f15de0591974bdb672c7a35c9e24870e844c717f5055216fd292ad3e
x-served-by: cache-lga21920-LGA, cache-mia11366-MIA
last-modified: Thu, 16 Sep 2021 15:58:02 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633233,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 04:38:21 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-exclamation-error.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-arrow-right-black.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 489 B
561 B 160ms
153ms Image
image/svg+xml 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-arrow-right-black.svg?v=16859636164420027916

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

4c718e6c04604e704e210624d400222cd989eb140a8b7ff479ced4f7c116e96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 263
x-xss-protection: 1; mode=block
x-request-id: 2d39e50f5871a66f4b3fc35d362198f6e3c87c828d79e98a3171641d2fe4b0aa
x-served-by: cache-lga21940-LGA, cache-mia11366-MIA
last-modified: Wed, 19 May 2021 15:44:25 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633268,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 28 Oct 2022 05:08:57 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-arrow-right-black.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 free-shipping.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 445 B
899 B 240ms
233ms Image
image/svg+xml 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/free-shipping.svg?v=5033123295007177537

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

7b3a311e463360814d373ee4ebd1f7ed7f2168953f50b409c5f0115d9bfe89e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
content-length: 252
x-xss-protection: 1; mode=block
x-request-id: 75778101ee4293fc26befdc277e589a2
x-served-by: cache-lga21946-LGA, cache-mia11366-MIA
last-modified: Tue, 02 Feb 2021 23:35:36 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633571,VS0,VE30
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 18 Nov 2022 05:56:24 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/free-shipping.svg>; rel="canonical"
x-cache-hits: 2, 0

GET
H2 200 icon-coin-yellow-md.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 647 B
625 B 169ms
162ms Image
image/svg+xml 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-coin-yellow-md.svg?v=13281889291496749214

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 296
x-xss-protection: 1; mode=block
x-request-id: f342e15cd4ddfde075f72f1ac52a0f5498b741e0e7dc55bf2b9f6e9929c29d96
x-served-by: cache-lga21967-LGA, cache-mia11366-MIA
last-modified: Tue, 02 Feb 2021 23:35:59 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633585,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 05:53:16 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-coin-yellow-md.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 icon-exclamation-warning.svg
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 783 B
655 B 158ms
151ms Image
image/svg+xml 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-exclamation-warning.svg?v=3834381787647915649

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

9ebbd916b6c322597da4b1ac0ef4bbbf04d00339cfc619424a99f929b69e608e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 342
x-xss-protection: 1; mode=block
x-request-id: 600d0a15cbe0ecdbaffbe1938e4ff260c032fb2c14483695a2ea71b16055c3ec
x-served-by: cache-lga21939-LGA, cache-mia11366-MIA
last-modified: Thu, 16 Sep 2021 15:58:03 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633590,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 05:52:27 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/icon-exclamation-warning.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/ 61 KB
22 KB 106ms
41ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/gsap.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22265
timing-allow-origin: *
last-modified: Tue, 12 Jan 2021 06:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ffd3ef5-f398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vw4rDJENQyga%2FdXos6Wli3jlD72GsA%2BfDgwB5pTnI9m9Lp2wfllC4tadfCOFdrS%2F2c5MuOk40M3bCAwFa2NPv0Wox1PVGVhBWA8xKI9GZYdxjK27mEeSKZ2O8ijvgpwCTvpQWHrjGgM4Fklru02AOS%2FO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b27b1bc9d2967db-MIA
expires: Sun, 13 Nov 2022 04:36:02 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@6.6.2/ 141 KB
39 KB 111ms
45ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.6.2/swiper-bundle.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14931115
fly-request-id: 01F78HV5607H8M304QGKYDDH60
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"233d7-mZelZ23GqQ/jYOpc8MQCKmqF0Cg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b27b1bcac55228a-MIA

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ 2 KB
1 KB 94ms
38ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5310217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 701
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-653"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACYoujKVX24v%2FhFVsY8AN3n%2FFP1Lj1TzT3cLEfUJzqxk3QAMIeS4vClgRt8PeECnqCEYOhq2tdjlQbbf3sF23DoTxvftVrqOfas5sMZtiD7GEskVHoSQTkK6tdZSLCCkA66o8F%2BHd%2BF3hwOhPGOuW62E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b27b1bc9d2b67db-MIA
expires: Sun, 13 Nov 2022 04:36:02 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 86 KB
30 KB 51ms
49ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/jquery-3.4.1.min.js?v=16073738998526399014

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 29767
x-xss-protection: 1; mode=block
x-request-id: a2e6c2abdd64a4081c38a9b0f10d006d7e1bd52021ba4aff6aedcc3cf8e01dbb
x-served-by: cache-lga21945-LGA, cache-mia11366-MIA
last-modified: Tue, 02 Feb 2021 23:36:27 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.621227,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 06:14:55 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/jquery-3.4.1.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/themes_support/ 6 KB
2 KB 50ms
45ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 1583
x-xss-protection: 1; mode=block
x-request-id: baeb7181ce4a8e17c629a3aa03f59df3
x-served-by: cache-lga21934-LGA, cache-mia11366-MIA
server: cache-mia11366-MIA
x-timer: S1637642163.621383,VS0,VE0
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js>; rel="canonical"
x-cache-hits: 1, 110622

GET
H2 200 modernizr-2.7.1.min.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 9 KB
4 KB 50ms
46ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/modernizr-2.7.1.min.js?v=9797936173225597507

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 3818
x-xss-protection: 1; mode=block
x-request-id: c8aecee5ed49c37fd92765fac2738070244473adec2d815f7e6d38918221b0a8
x-served-by: cache-lga21978-LGA, cache-mia11366-MIA
last-modified: Tue, 02 Feb 2021 23:36:35 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.621466,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 28 Oct 2022 04:42:50 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/modernizr-2.7.1.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 plugins.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 60 KB
18 KB 114ms
107ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/plugins.js?v=9930283815804661050

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

fd04d094b2397c4a5ae1238f524c2be317229d628c82efbc029fa02437b0842f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 18623
x-xss-protection: 1; mode=block
x-request-id: ca273edf8ae5c6d87782c8929997287f5ae6586c56a60dfb60f62e1137e72ae1
x-served-by: cache-lga21946-LGA, cache-mia11366-MIA
last-modified: Tue, 02 Feb 2021 23:36:42 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.621548,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 28 Oct 2022 07:05:56 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/plugins.js>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 vendorCritical.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 21 KB
8 KB 78ms
71ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/vendorCritical.js?v=17569838870216213183

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

2410189e8cd9c74a2fa0f8585e6ea025638c6c872925fe6ee458271d6e0ea1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 7574
x-xss-protection: 1; mode=block
x-request-id: 89fef8d924419ed61a4c8b23426ba676
x-served-by: cache-lga13628-LGA, cache-mia11366-MIA
last-modified: Thu, 04 Nov 2021 21:58:19 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.621597,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 04 Nov 2022 21:58:23 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/vendorCritical.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 mainCritical.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 69 KB
16 KB 79ms
71ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/mainCritical.js?v=12497417639846610881

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

074ecce33f51d5d8d1bb3de98722cbf043b1f765cb1a083488c1730f87ae41b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 15834
x-xss-protection: 1; mode=block
x-request-id: 2020ba26bdf080d57da27497ec59ed95
x-served-by: cache-lga21966-LGA, cache-mia11366-MIA
last-modified: Fri, 19 Nov 2021 18:40:14 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.621671,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 19 Nov 2022 18:40:15 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/mainCritical.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 main.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 4 KB
2 KB 168ms
161ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/main.js?v=13728896727707858121

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

03af4f97ca4a6f4345c7f1b190da652426cf027808b9b345bea4a75b8d477804

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 1390
x-xss-protection: 1; mode=block
x-request-id: d371847b6ffe2adbdbe13d75ef4c24c9
x-served-by: cache-lga13625-LGA, cache-mia11366-MIA
last-modified: Thu, 04 Nov 2021 21:58:04 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633860,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 04 Nov 2022 21:58:05 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/main.js>; rel="canonical"
x-cache-hits: 1, 57

GET
H2 200 vendorVimeo.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 19 KB
5 KB 176ms
170ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/vendorVimeo.js?v=4481145487106927717

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

27e4c91570826b32846a174aaddeb37aec54f653638d5594994d2c9177a3149b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 5334
x-xss-protection: 1; mode=block
x-request-id: c0721f7f5488e9e7908267882ca60415
x-served-by: cache-lga21962-LGA, cache-mia11366-MIA
last-modified: Thu, 04 Nov 2021 21:58:20 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633882,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 04 Nov 2022 21:58:23 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/vendorVimeo.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 home.js Show response
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 15 KB
5 KB 185ms
180ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.js?v=11262728956089293072

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

27b96237f095c28666e8da35ca868514c3470f4ba817904e3303cfb6315c80b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 3993
x-xss-protection: 1; mode=block
x-request-id: 18001c3df94c0b6986cb86a4c27c7052
x-served-by: cache-lga21955-LGA, cache-mia11366-MIA
last-modified: Fri, 19 Nov 2021 18:40:10 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633910,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 19 Nov 2022 18:40:15 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 17095.js Show response
www.dwin1.com/ 30 KB
8 KB 240ms
71ms Script
application/javascript 2600:9000:210b:1c00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/17095.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:1c00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c57925d1d9f3f0682b8dfb694988ca8f7caf0362da8999e5c5c1fd5dd038b842

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 8bSWRvw83S2gf5S55LEapvKmROdH9oId
content-encoding: gzip
etag: W/"4bb68e5524c1f9d2a9323e994985f228"
age: 88
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 12:38:47 GMT
server: AmazonS3
date: Tue, 23 Nov 2021 04:35:21 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: dTTLJlnrmCHbAQnMXXv8-rmtUxB7g-QfjpNX0Vcx5_3A57kDnhI6yg==

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 103ms
30ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 63fe60e471d81ef9d5132591e3fe6dfe43245f66638abea2aed433d136f05578

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
content-encoding: gzip
age: 37690
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 850
x-served-by: cache-lga21965-LGA, cache-mia11344-MIA
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1637642163.685309,VS0,VE1
etag: W/"5ca30f478875f96ac05e21ef86fda85f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 dtag.js Show response
cdn.attn.tv/hero/ 6 KB
3 KB 243ms
73ms Script
text/javascript 2600:9000:21da:4400:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/hero/dtag.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:4400:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0db4312a4ade88dc59517b6c0b78c47a8f8dfb58f85dc8a59b3fb3f7f53854a5

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wz1ieaE4FwtHn34P8whpsotT5V_uj1g9
content-encoding: gzip
last-modified: Mon, 02 Aug 2021 14:23:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
etag: W/"d7b297d770d455c60801cd6c1750cf74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3496707421faf86f68ae341aa8b7d1b9.cloudfront.net (CloudFront)
cache-control: public, max-age=120
date: Tue, 23 Nov 2021 04:36:02 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: CWUNVYj6DzphRewc38zGdqmVtzy828I2Ooj_Pw3gLQLUivXSDMTdfw==

GET
H2 200 trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js Show response
cdn.shopify.com/s/ 78 KB
17 KB 167ms
163ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

cf09cf4fe3ac51fe7db563cbfbf53adb16d17d75d4288002358bc883012f5461

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 16398
x-xss-protection: 1; mode=block
x-request-id: ec467023fafb180a59e3a9f4d531513d
x-served-by: cache-lga21971-LGA, cache-mia11366-MIA
last-modified: Fri, 19 Nov 2021 20:24:45 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.633932,VS0,VE0
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 19 Nov 2022 20:24:52 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js>; rel="canonical"
x-cache-hits: 1, 260211

GET
H2 200 shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
3 KB 157ms
152ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 2598
x-xss-protection: 1; mode=block
x-request-id: 948c2dd1dc19ad385edfd7296a9ee230
x-served-by: cache-lga21939-LGA, cache-mia11366-MIA
server: cache-mia11366-MIA
x-timer: S1637642163.633932,VS0,VE0
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js>; rel="canonical"
x-cache-hits: 6, 753033

GET
H2 200 FuturaPT-Book.woff2
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 40 KB
41 KB 30ms
30ms Font
font/woff2 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Book.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=13401318234696367973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11361-MIA /

Resource Hash

9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=13401318234696367973
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 41248
x-xss-protection: 1; mode=block
x-request-id: 38d1eeba56c7b70a7a388d5592e5ee5aae61f903e424e7514a29291b7e35e960
x-served-by: cache-lga21977-LGA, cache-mia11361-MIA
last-modified: Tue, 02 Feb 2021 23:35:40 GMT
server: cache-mia11361-MIA
x-timer: S1637642163.628051,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 05:52:26 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Book.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FuturaPT-Heavy.woff2
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 46 KB
46 KB 61ms
61ms Font
font/woff2 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Heavy.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=13401318234696367973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11361-MIA /

Resource Hash

d903a35a90276fed8d286f4de9f6ab44db076826cdb14a82d2e418aeb79b92ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=13401318234696367973
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 46800
x-xss-protection: 1; mode=block
x-request-id: 79bb2622a00cd27a068a2e88605df393
x-served-by: cache-lga13627-LGA, cache-mia11361-MIA
last-modified: Tue, 02 Feb 2021 23:35:45 GMT
server: cache-mia11361-MIA
x-timer: S1637642163.628792,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
expires: Thu, 10 Nov 2022 09:45:13 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Heavy.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FuturaPT-Demi.woff2
cdn.shopify.com/s/files/1/2181/4481/t/34/assets/ 43 KB
43 KB 40ms
40ms Font
font/woff2 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Demi.woff2

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=13401318234696367973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11361-MIA /

Resource Hash

b79adf570b66bcd072b6f3ea35e760f7433030c083c686a08b6ba740f532098a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/home.css?v=13401318234696367973
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 43869
x-xss-protection: 1; mode=block
x-request-id: 435073bd6b8ff70053c56b27993f5ea7ba714dc7ea55d309b01a1be3ede026f4
x-served-by: cache-lga21933-LGA, cache-mia11361-MIA
last-modified: Tue, 02 Feb 2021 23:35:43 GMT
server: cache-mia11361-MIA
x-timer: S1637642163.668163,VS0,VE1
date: Tue, 23 Nov 2021 04:36:02 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 07:10:00 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/34/assets/FuturaPT-Demi.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 gtm-suite.js Show response
shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/ 106 KB
34 KB 108ms
31ms Script
application/javascript 34.120.58.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/gtm-suite.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.162 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d04c01926dc18bb1aa1b0b07f12bb45c930a8c868f0b65e4c9961eaafa614c21

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 23:57:12 GMT
content-encoding: gzip
age: 794330
x-guploader-uploadid: ADPycdsvIiEZelJ255bJmQ9fEAglvRYMi9n61ysO2C4c4pl8Ot2gL3ccmcausE2LdAZaxpNyLNNRhZ-lE5GGxJvjH71h6d4fKQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 33980
last-modified: Mon, 12 Apr 2021 15:05:44 GMT
server: UploadServer
etag: "c1db629ef1bba51f21c4a66368436442"
x-goog-hash: crc32c=2KKXoA==, md5=wdtinvG7pR8hxKZjaENkQg==
x-goog-generation: 1618239944482764
cache-control: no-transform
x-goog-stored-content-length: 33980
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 13 Nov 2022 23:57:12 GMT

GET
H2 200 session Show response
shop.app/pay/ 18 B
1 KB 138ms
72ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,us-east1,gke
p3p: CP="Not used"
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c58afd51-0835-48d5-b432-a6bd46c9f808
x-runtime: 0.003763
x-robots-tag: noindex
server: cloudflare
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b27b1be1b4302f1-MIA
x-sorting-hat-podid: -1
access-control-expose-headers

GET
H2 200 klaviyo.js
static.klaviyo.com/onsite/js/ 2 KB
922 B 34ms
28ms Other
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 63fe60e471d81ef9d5132591e3fe6dfe43245f66638abea2aed433d136f05578

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
content-encoding: gzip
age: 37690
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 850
x-served-by: cache-lga21965-LGA, cache-mia11344-MIA
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1637642163.848446,VS0,VE0
etag: W/"5ca30f478875f96ac05e21ef86fda85f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 2

GET
H2 200 Thumbnail_Ultimate-Zit-Kit-MPP.png
cld.accentuate.io/6664295743530/1636126801462/ 49 KB
50 KB 263ms
180ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/6664295743530/1636126801462/Thumbnail_Ultimate-Zit-Kit-MPP.png?v=0&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1987730f22b5962851d069c53afbabfb14e1f7114aecbbeef0925615387a3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121766
cf-ray: 6b27b1be5a2a02c6-MIA
server-timing: fastly;dur=1;start=2021-11-21T18:46:36.829Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 50385
x-request-id: 54fa1214b31f05bf34da8c7e9f7dcbb3
last-modified: Fri, 05 Nov 2021 16:32:17 GMT
server: cloudflare
etag: "c16a1176fa90bd21b96f2d26f38764b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJWIJWltZSvWJCBliLQsWcBG9srA8zAj9QGu1b8HgYvQ23NP9DC%2Fe7N8ksAS77LaDK51KW3J9IP%2F4oXOOBJOedz7fWa1s8L6Ee%2F2tmCP4j0ssUpOuu281NxdOrWNF%2FZvH0Lt%2BWd3%2FOiHvzuxPioK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Thumbnail_Ultimate-Zit-Kit-MPP---Rollover.jpg
cld.accentuate.io/6664295743530/1636126812158/ 33 KB
33 KB 207ms
128ms Image
image/jpeg 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/6664295743530/1636126812158/Thumbnail_Ultimate-Zit-Kit-MPP---Rollover.jpg?v=1636135881525&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcceb11f03c0aa3e1c68614f39982c056a202bf4d6d3f855c1482dc0034894d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479740
cf-ray: 6b27b1be5a2e02c6-MIA
server-timing: fastly;dur=1;cpu=0;start=2021-11-17T15:20:22.110Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 33601
x-request-id: cf275dec54cabb38ca524dd343101c51
last-modified: Fri, 05 Nov 2021 16:32:16 GMT
server: cloudflare
etag: "5ed7e2ee67b1344a53d35d3fe5d992ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lT70q6TCobqLnvPhyr2Q5WQC96WhHYk4YRYELOgVQ%2B0s1fFG8v5MrJuZD21B2GbLsX5layhf%2FA4pkEMUi6YM1lIXsw6%2B%2FdnUI2YXepQf%2BcK39RvTtk%2FObp%2FTPy7nEstHecsF31Ap%2B1NTAZlWD7q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Thumbnail_Got-You-Covered.png
cld.accentuate.io/6664295088170/1636125747799/ 63 KB
63 KB 244ms
165ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/6664295088170/1636125747799/Thumbnail_Got-You-Covered.png?v=0&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f2785438782b356c073e613402dde20e04e41d681182856c77567519189c5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28954
cf-ray: 6b27b1be5a3102c6-MIA
server-timing: fastly;dur=1;start=2021-11-22T20:33:28.845Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 64003
x-request-id: 9512b98d4fec3ed657d2b773a9b9ba67
last-modified: Fri, 05 Nov 2021 16:27:27 GMT
server: cloudflare
etag: "06683610ad6c9c0325d201920b676973"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjQmaNR6p6w15CwpExQWycGTgDiV46ObTgakwBUPRgH1WMW1nMxXdXXBG6RH50h9O3ejibwdwUQoK0YEZrEVZIT%2FHnIOabaFS4iMI%2FwOQQ9KIWX5s%2BJTPPU0qtDJUgJAkUhmx6Sv4%2BN0BpHcm6jY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Thumbnail_Got-You-Covered-Kit-MPP---Rollover.jpg
cld.accentuate.io/6664295088170/1636123473251/ 44 KB
44 KB 253ms
174ms Image
image/jpeg 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/6664295088170/1636123473251/Thumbnail_Got-You-Covered-Kit-MPP---Rollover.jpg?v=1636135803179&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2b6b4f17e0e354d76e730c49f67f67f5bce41c522a02909e9f64d0ea1ed385

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121766
cf-ray: 6b27b1be5a3302c6-MIA
server-timing: fastly;dur=1;cpu=0;start=2021-11-21T18:46:36.892Z;desc=hit,rtt;dur=26
vary: Accept-Encoding
content-length: 44978
x-request-id: 02bf39dc253971a5e70af317de0ac0ab
last-modified: Fri, 05 Nov 2021 18:12:56 GMT
server: cloudflare
etag: "f4b03b20895cb7c7834db5908f87e540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9XuPmW1BVROB4fjlb19B54XJCnBJ1AjUVXhdDSaheWTGmkTV%2BmDUpvQd0uPWoai0%2BQdsIu3z54%2F3ATacFGSuZsqMF2C6m017AkJ6PLZTyzEI6RffHvEQxkwx7KizW7PX%2FnQ%2FxQm89jwFIALtJ0w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Thumbnail_On-the-Go-Kit-MPP.png
cld.accentuate.io/6664296300586/1636127445263/ 58 KB
58 KB 218ms
140ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/6664296300586/1636127445263/Thumbnail_On-the-Go-Kit-MPP.png?v=0&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b60cd22e43f8632e046c95bf6847774302efed5ac12b973b30f9a7902776de

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1169480
cf-ray: 6b27b1be5a3602c6-MIA
server-timing: fastly;dur=61;cpu=1;start=2021-11-09T15:44:42.671Z;desc=miss,rtt;dur=24,cloudinary;dur=58;start=2021-11-09T15:44:42.673Z
vary: Accept-Encoding
content-length: 58990
last-modified: Fri, 05 Nov 2021 17:35:09 GMT
server: cloudflare
etag: "98f43a0bbceb81247532943c87a18b3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEVxnHoRiTciuzGgyf%2BrQPSokCph2sset2QYEp4gzAvh7MzU1SszsLpU%2BMcR53P1AhgeZ3g%2FSLoy6uGm14unhQb2KvyUzoV1%2FgSxZla%2B6OlVKlEey9P1roginCJm8Y1MvKRY7VeyLK7sNLnm1H3B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Thumbnail_On-the-Go-Kit-MPP---Rollover-.jpg
cld.accentuate.io/6664296300586/1636127454121/ 40 KB
41 KB 128ms
49ms Image
image/jpeg 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/6664296300586/1636127454121/Thumbnail_On-the-Go-Kit-MPP---Rollover-.jpg?v=1636135635618&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e772ceda9acb431a79146102ff272c8d2860bd1148224316ec8d1163d4eda18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121766
cf-ray: 6b27b1be5a3802c6-MIA
server-timing: fastly;dur=2;cpu=1;start=2021-11-21T18:46:36.885Z;desc=hit,rtt;dur=26
vary: Accept-Encoding
content-length: 41371
x-request-id: 1508b9e230b819cb4597221db9cd35c0
last-modified: Fri, 05 Nov 2021 17:35:08 GMT
server: cloudflare
etag: "fffe863a13350c4f2de04a1bca481356"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yr1AeFVeP1az0LtsuvYkZ9xjhxUurV6ULXGe2W7cLfctnr6zZLCAw70E1ydMsAhy2ckTLXbnBuTTUGbyXPi428qiQvEtkGYOaI9QSYgX4KXFvhJ9WUtfgkK9zzB4qq8XpMSsBYRihyno%2FQNGPaI6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 RBGbundle_thumbnail_1000x1000.png
cld.accentuate.io/6655159631914/1633368292689/ 46 KB
46 KB 167ms
95ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/6655159631914/1633368292689/RBGbundle_thumbnail_1000x1000.png?v=0&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c95fbfb9ef3cb04946309ec9e6f7afa4a07c3ceb1cd4f9ce188f2fb312190bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479735
cf-ray: 6b27b1be5a2602c6-MIA
server-timing: fastly;dur=1;cpu=0;start=2021-11-17T15:20:27.772Z;desc=hit,rtt;dur=25
vary: Accept-Encoding
content-length: 47042
last-modified: Mon, 04 Oct 2021 17:56:33 GMT
server: cloudflare
etag: "d2d4bce63df45ecfe051a3ea851e0fcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwOrVtQHmViuYV773m4O3k30m1WDGYS5Sv9NnZK7zWdsx55M1byZUYRsUQSFxyU1vkVlEvRpivuviEVVfiqmsMiUULq0EqrE9BhQT34OBghY1Kz9B1snAa0WnXHAV53pgqNHk2spJFFtF1w9Ugel"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 RBGbundle_thumbnail_1000x1000_hover.jpg
cld.accentuate.io/6655159631914/1633368300619/ 33 KB
33 KB 226ms
155ms Image
image/jpeg 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/6655159631914/1633368300619/RBGbundle_thumbnail_1000x1000_hover.jpg?v=0&options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a807d8eea9a93fbb56d2a4e656a9b361b0854cd190f5a86fd453b6cea5958f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1432192
cf-ray: 6b27b1be5a2802c6-MIA
server-timing: fastly;dur=1;cpu=0;start=2021-11-06T14:46:10.367Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 33661
last-modified: Mon, 04 Oct 2021 17:56:33 GMT
server: cloudflare
etag: "33da31d2e21de8bf23a93b83a469b5da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMdQATjL%2FXWla3fGUl8xOjBINUCC3GqVgjK1Q%2Fy3ANDxXx6BCy14zwSYupWpIMcHQdVgibtUbpZBp7TQJURxwFfcLcvkcbvWKbm8f7YjO%2Ff89S50g9raabaaYMrPRXsoW2BiG5lBZtSCCtBW%2Bic3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fender_analytics.19a7bc8a77e5fd9d46cc.js Show response
static.klaviyo.com/onsite/js/ 20 KB
7 KB 31ms
29ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/fender_analytics.19a7bc8a77e5fd9d46cc.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1863a9be3a4116016d3b5d5574f6183cde4c5dac51d085a563c969d939870241

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Lu53p6iUOW1VlCKIn0UHXFC28MEBsHek
content-encoding: gzip
age: 37695
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6806
x-amz-id-2: A5CSzFkLNC7CDU4Lx+V0d/Yv9AZf7XC7fYyXKzqkMasupP+Evw69TkQFtUaiiSv45IXx650yHrY=
x-served-by: cache-lga21943-LGA, cache-mia11344-MIA
last-modified: Mon, 22 Nov 2021 18:06:53 GMT
server: AmazonS3
etag: "34b62cdba27e0d4ffef22e6f5544ee2e"
vary: Accept-Encoding
x-amz-request-id: FGCPKP3ZPA8C87AY
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Tue, 23 Nov 2021 04:36:02 GMT
x-cache-hits: 1, 33075

GET
H2 200 sharedUtils.8640e1606247ed0a18ac.js Show response
static.klaviyo.com/onsite/js/ 35 KB
9 KB 36ms
35ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.8640e1606247ed0a18ac.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a51c0b14ef346ad7fd3aaaf1274f151551a5e047352213622ebe9661e2a05cd

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ccClzm4nsZ6tldWXqYAm.RaQpovAkaV3
content-encoding: gzip
age: 37697
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9325
x-amz-id-2: Hs/Z+2rZMUCSxGBMHO/zffaPL8ntC6jWEq8h+Wo5CldXoMIfJBIP0PPKUG2ZA2Tg7LRdwBjGDHE=
x-served-by: cache-lga21973-LGA, cache-mia11344-MIA
last-modified: Mon, 08 Nov 2021 20:24:39 GMT
server: AmazonS3
etag: "65dbb555ed82fb4757a9051d2cad6786"
vary: Accept-Encoding
x-amz-request-id: RV4AJ521MBC0FT6M
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Tue, 23 Nov 2021 04:36:02 GMT
x-cache-hits: 1, 27600

GET
H2 200 static.c76b88aef5b3b1d1a053.js Show response
static.klaviyo.com/onsite/js/ 11 KB
5 KB 42ms
42ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/static.c76b88aef5b3b1d1a053.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc255e9375acf8b38f5c4a0196069265d59935349e85d8986629746d08ef8411

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: EffNgWx6cL6D5y3XRZmWq85bGYOPAVKv
content-encoding: gzip
age: 37695
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4863
x-amz-id-2: r3Ml28yLLnRiB65+G4TKUBB3o/lTh6xlLqYHbiElbMgYYHnnSE0ZM+eV8OoVXY80FvAepLh5j9U=
x-served-by: cache-lga21957-LGA, cache-mia11344-MIA
last-modified: Mon, 22 Nov 2021 18:06:53 GMT
server: AmazonS3
etag: "16ebc81599e97b6804242244cce86e28"
vary: Accept-Encoding
x-amz-request-id: FGCS73B5D1Q46T96
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Tue, 23 Nov 2021 04:36:02 GMT
x-cache-hits: 1, 33063

GET
H2 200 attn.js Show response
cdn.attn.tv/ 193 KB
64 KB 78ms
78ms Script
application/javascript 2600:9000:21da:4400:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/attn.js?v=4.4.0_f3d25631
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/hero/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:4400:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41956dfbc3ce0c23c1595d1cafe097944392a9df1138920b2785576603ef387c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: eR.Hfh9Ys2rkTuS1K5gl.TwqCJ_frAy.
content-encoding: gzip
etag: "6ac2e30b1b45bc22fad097c1f60c24c1"
age: 254
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 65062
last-modified: Mon, 22 Nov 2021 20:58:38 GMT
server: AmazonS3
date: Tue, 23 Nov 2021 04:31:49 GMT
content-type: application/javascript
via: 1.1 3496707421faf86f68ae341aa8b7d1b9.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: EWR53-C1
accept-ranges: bytes
x-amz-cf-id: ozTNJ4o3wOudLIR_QZB9aLzW1UOiVr_gRiIuwaDShNPiLaTDauLi2Q==

GET
H2 200 tag.js Show response
cdn.attn.tv/tag/4.4.0/ 31 KB
11 KB 122ms
121ms Script
application/javascript 2600:9000:21da:4400:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4.4.0/tag.js?v=4.4.0_f3d25631
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/hero/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:4400:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b7a32f948ef3cca7d6525663ff1eeee3b2c133ed10a5a2c2183ac7d9d5b6803

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wI9n_hQdcN1jS6J4NddA98QssvDjkwr4
content-encoding: gzip
last-modified: Fri, 27 Aug 2021 17:04:28 GMT
server: AmazonS3
age: 273
etag: W/"7d2bd507cc6b01e46401813a4ce2f874"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3496707421faf86f68ae341aa8b7d1b9.cloudfront.net (CloudFront)
cache-control: public, max-age=300
date: Tue, 23 Nov 2021 04:33:39 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: i1ocunEmCL8aewlTlZcOUWHB_8xxoeZqQvIp4zL0BzXOXgL868upCg==

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
477 B 186ms
54ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 9262ebb4-2943-42a6-bf94-ae3f313d74d8

GET
H2 200 consent-tracking-api.js Show response
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 4 KB
2 KB 30ms
30ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11361-MIA /

Resource Hash

895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 1475
x-xss-protection: 1; mode=block
x-request-id: ed093949c5b1d5cb4905cda7dbf5899d
x-served-by: cache-lga21922-LGA, cache-mia11361-MIA
server: cache-mia11361-MIA
x-timer: S1637642163.885047,VS0,VE0
date: Tue, 23 Nov 2021 04:36:02 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-cache-hits: 1674, 168

GET
H2 200 cart.js Show response
www.herocosmetics.us/ 283 B
886 B 86ms
86ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.js?v=1637642162883

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bccf89159d4632529e77ddcafa9a0b27cde760845f880e52b5f7537421de00b5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
server: cloudflare
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 21814481
x-request-id: 6f01dec9-7e90-4f44-96d2-62a49cfdd2b9
vary: Accept-Encoding, Accept
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
cf-ray: 6b27b1be1bb309c6-MIA
x-sorting-hat-podid: 41
x-cartjs-updatedat: 0

GET
H2 200 redemption_options Show response
app.swellrewards.com/api/v2/ 2 KB
1 KB 327ms
91ms XHR
application/json 35.168.96.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.swellrewards.com/api/v2/redemption_options?guid=A19H8vTS9KoU0V2U-uthxg&api_key=4QPV4PDV540793TlWEIItQtt

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.168.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-168-96-170.compute-1.amazonaws.com

Software

nginx/1.19.1 /

Resource Hash

5992b9737d3929ffee7f86624cb7bc5d928cd7c0a82c5d7627921f720c6e19b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ratelimit-limit-second: 10000
vary: Accept-Encoding, Origin
ratelimit-reset: 1
x-ratelimit-remaining-second: 9999
x-kong-proxy-latency: 5
x-kong-upstream-latency: 30
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, DESTROY, PATCH
ratelimit-limit: 10000
referrer-policy: strict-origin
x-xss-protection: 1; mode=block
x-request-id: 2c5853e86111c90f0836c51f20f8125f
x-runtime: 0.025146
access-control-allow-origin: *
correlation-id: 47116e01-4a35-4c7d-8a02-e62a4e57938f
server: nginx/1.19.1
x-frame-options: ALLOWALL
etag: W/"5992b9737d3929ffee7f86624cb7bc5d"
x-download-options: noopen
access-control-max-age: 7200
strict-transport-security: max-age=63072000; includeSubDomains
content-type: application/json; charset=utf-8
via: kong/2.1.4
x-permitted-cross-domain-policies: none
cache-control: max-age=0, private, must-revalidate
ratelimit-remaining: 9999
access-control-expose-headers

GET
H/1.1 200
OK / Show response
hero.attn.tv/d/ 5 B
293 B 258ms
60ms Fetch
application/json 34.237.89.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/d/?attn_vid=af24a77c1a444dbeaa15e1a8961f5aaf
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.89.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-89-32.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 04:36:02 GMT
x-envoy-upstream-service-time: 4
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
transfer-encoding: chunked
content-type: application/json

GET
H/1.1 200
OK creative Show response
hero.attn.tv/ Frame 5694 10 KB
3 KB 273ms
85ms Document
text/html 34.237.89.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/attn.js?v=4.4.0_f3d25631
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.89.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-89-32.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 28b383fecb87510f90bba4d9f8a7613981945e61b9893293211b52b124e33687

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/

Response headers

cache-control: no-cache, no-store, must-revalidate
vary: accept-encoding
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 23 Nov 2021 04:36:03 GMT
x-envoy-upstream-service-time: 25
server: istio-envoy
transfer-encoding: chunked

POST
H/1.1 200
OK e
events.attentivemobile.com/ 0
308 B 239ms
60ms Ping
image/png 18.205.33.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.4.0_f190e13&pd=https%3A%2F%2Fwww.herocosmetics.us%2F&u=af24a77c1a444dbeaa15e1a8961f5aaf&ane=null&c=hero&ceid=_ou&lt=1637642163159&tag=modern&cs=3307848051&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1637642163162
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4.4.0/tag.js?v=4.4.0_f3d25631
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.33.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-33-239.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
server: istio-envoy
content-type: image/png
access-control-expose-headers: Set-Cookie, X-Count, X-Token
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 209ms
65ms Script
application/javascript 2a04:4e42:60::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:60::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 117 KB
35 KB 457ms
294ms Script
application/javascript 23.49.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.8 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b850991db54c2e0c6a6b7a3c818d88205ced62b9f93665cca47f9cb2802b208

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-akamai-request-id: 302cd3ce.31bfb76d
date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-40-40-191.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-19-8.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 235,23.40.19.8
server-timing: cdn-cache; desc=MISS, edge; dur=228, origin; dur=7, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 202111230436030102452410020F43498D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.40.40.191
x-tt-trace-host: 013f68526d4e1c8907c9dbfa49d44b86cf2c3de47f8c75fe6a83464f26a4cc01b40def9508a5131a6021757f8be3834c08f5fe4e689d5f0beda94178c8352ecb4f95a1f5966cf006e9f4981474e880efbeb60df9835849973c67459534e1b8b20583667ea320531ad1d77f33021a86e6f5
expires: Tue, 23 Nov 2021 04:36:03 GMT

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
17 KB 34ms
34ms Script
application/javascript 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 17388
x-xss-protection: 1; mode=block
x-request-id: b3ae10cedc8093f40a60dd92858b8e57
x-served-by: cache-lga21928-LGA, cache-mia11366-MIA
server: cache-mia11366-MIA
x-timer: S1637642163.237212,VS0,VE0
date: Tue, 23 Nov 2021 04:36:03 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 8, 917452

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
475 B 55ms
54ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 16ae2329-3206-48d1-8c86-421ae987cee7

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
476 B 55ms
55ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: ebcd56cc-d85a-4904-ad0e-049de67c9d29

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
476 B 56ms
56ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 3508f68d-c714-4bf6-af8a-036332541343

GET
H2 200 General_Holiday_-desktop_1_1066x711_crop_center@2x.jpg
cdn.shopify.com/s/files/1/2181/4481/files/ 274 KB
275 KB 34ms
34ms Image
image/webp 2a04:4e42:e00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2181/4481/files/General_Holiday_-desktop_1_1066x711_crop_center@2x.jpg?v=1636734470

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mia11366-MIA /

Resource Hash

cc1e01a0cb1d9580a5a09c33f9ffbad6d5d664231253c43de6311ce453429c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 281024
x-xss-protection: 1; mode=block
x-request-id: 60a34ba9856e13d767712a38d4fa2ffd
x-served-by: cache-lga21975-LGA, cache-mia11366-MIA
last-modified: Fri, 12 Nov 2021 19:19:35 GMT
server: cache-mia11366-MIA
x-timer: S1637642163.247378,VS0,VE3
date: Tue, 23 Nov 2021 04:36:03 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 12 Nov 2022 19:19:35 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/files/General_Holiday_-desktop_1_1066x711_crop_center@2x.jpg>; rel="canonical"
x-cache-hits: 1, 1

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
476 B 61ms
60ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.75306309d086f5e1fa1611c602d3f899320a38b8.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: a390874f-5e8f-4539-9f73-d1e7b28a8a84

GET
H2 200 /
images.accentuate.io/ 7 KB
3 KB 101ms
85ms Image
image/svg+xml 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F1231903719466%2F1610646706858%2FFSA-badge.svg%3Fv%3D0&c_options=w_96,h_96

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300807a8632339de01c7fada5c4bc8a458fcf2bba7861d74ca889ee8446e5ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4374758
cf-ray: 6b27b1c1cf3402c6-MIA
content-disposition: attachment; filename="FSA-badge.svg"
server-timing: fastly;dur=1;cpu=0;start=2021-10-03T13:23:25.216Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 2465
x-request-id: e3c0d528ede0e4bf574a751af52ca8e9
last-modified: Sun, 03 Oct 2021 10:03:11 GMT
server: cloudflare
etag: W/"3ce52fcea30e91fbcedf6161bea20fd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTgXm3y36kALbuBxEvqNfLmrAef35zoPP5jmmSzewEp2fMuLVZmpRo4cNdTgPLIDuOm2QzKEyVL7yWGNToSvwvSMcpr3sDmMziF3hCTzVnx2DWNenXoayjTqw0OjQ52N8LTXbdEb4vPzfrOwolttjCZf"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 15 KB
6 KB 68ms
53ms Image
image/svg+xml 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F1231903719466%2F1611628572042%2FBestofBeauty_2020_RGB.svg%3Fv%3D0&c_options=w_96,h_96

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfbbd0772eda291e13d714b63c76011a05b1a830ee633732e379b487cb076dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4374758
cf-ray: 6b27b1c1cf3202c6-MIA
content-disposition: attachment; filename="BestofBeauty_2020_RGB.svg"
server-timing: fastly;dur=1;cpu=0;start=2021-10-03T13:23:25.215Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 5474
x-request-id: 99cb30134a9e0d6681c01c0a97301ee7
last-modified: Sun, 03 Oct 2021 10:03:12 GMT
server: cloudflare
etag: W/"2dcdc8cac3fe579880ae89981fe63eeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5o6g3wkVrpjU3CTBR%2FyD0Wnfzp6Xq4gC77lhpzxC7vw3fTZHofXaY8A3NGmnG7VcEHoc7KMOExmOsmAtnnvlEuQhY76D5vxsg4FpVU5%2FWha63NSsbeG2rxhzE%2BalccfzlnM6lnVS1XF%2B6iYE37JFoFEV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 26 KB
26 KB 70ms
55ms Image
image/jpeg 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F1231903719466%2F1610490568194%2Fmighty-patch-original-hover.jpg%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80605dd6653d1705776c10448f6fc7453bcf6de08ae0551f8b79b2c3b986729f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400122
cf-ray: 6b27b1c1cf3302c6-MIA
server-timing: fastly;dur=1;cpu=0;start=2021-11-18T13:27:21.721Z;desc=hit,rtt;dur=26
vary: Accept-Encoding
content-length: 26525
last-modified: Sun, 03 Oct 2021 10:03:10 GMT
server: cloudflare
etag: "e8ee9b945e3d79e8ca48ae300db11e62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JJIheJv9Trn14zg8JsFhgXUD7TAnOsoA0Lvf0HsDHfQ87%2FB3hrIUtAFBvKgNMTnhcL8GJCCtdAF7%2FpCPilJGBJ8aqTuozg3Kiasjf1B3j5kl2lf7e3g6bwGeSKqrhPKdtkfwA8%2FUJk87EZ1rPau7BLB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 49 KB
49 KB 96ms
82ms Image
image/jpeg 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4562059722794%2F1611612203387%2FPDP-2021-LW-Launch-Apply-3.jpg%3Fv%3D1628610831029&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc342e0b812b60f9ca39e6215bdb9fbf1b09c24ec4f80cd70f8996ad17495be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1432179
cf-ray: 6b27b1c1cf2e02c6-MIA
server-timing: fastly;dur=1;start=2021-11-06T14:46:24.363Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 50062
last-modified: Sun, 03 Oct 2021 10:03:10 GMT
server: cloudflare
etag: "987abf81accd76c508f22f7224ba0a4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTSSmGCa7%2BLjb0A3xrTqN%2BmcAtE6eC2EY7DbG7ZyUPkJDFz8Hi7xcx28HKvfjRuiCBPkPxQ7INfRN6GC6cAp3fKDxO6YlHHWYGj0Fp4sY2p8X3eNRjBHJwO26GUmhAk57x%2BMJBG3PyX7ea3P7Bilo%2BrY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 2 KB
3 KB 68ms
54ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4394508714026%2F1611629196164%2FELLE2020Beauty_Awards_LogoV1-96x96.png%3Fv%3D0&c_options=w_96,h_96

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe7ec77584ca08b2e86b4a7a7061236a59fe704eb72c94b723d4e49f8dd829ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4375569
cf-ray: 6b27b1c1cf3102c6-MIA
server-timing: fastly;dur=1;start=2021-10-03T13:09:54.955Z;desc=hit,rtt;dur=25
vary: Accept-Encoding
content-length: 2257
x-request-id: 4065da1ada744ceb275e89aa2e563e57
last-modified: Sun, 03 Oct 2021 10:00:23 GMT
server: cloudflare
etag: "e1ee5c553dc755f45236b9bd928a7a03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78%2Fw8DB8NLlbcHMPSd4G%2BuS4wg9bZyT47VDMxP%2BTUYDl7iWPFhVL3uwHFfRgKyZtqaRVcN%2FGE0k0EQUlbxdAAG1j5yY7lHxe847ekHJGE9B31%2BJSsn32HTDVyP86cWJ4l%2BDsaBsQlJoACsuktFqdcTZL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 54 KB
55 KB 99ms
86ms Image
image/jpeg 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4394508714026%2F1611612063770%2FHero_RB_Thumbnail_hover_596x596.jpg%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c62195b74b679afaf7051f3996694e08e337c2abfeeaa12961afff3a337b9500

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521853
cf-ray: 6b27b1c1cf3002c6-MIA
server-timing: fastly;dur=2;cpu=1;start=2021-11-17T03:38:30.370Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 55152
last-modified: Sun, 03 Oct 2021 10:03:10 GMT
server: cloudflare
etag: "90d7a5bc8ed0c91651574d81621696f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WexzrPLwX8aZrSzubw5LvPm2BRFt3yle8xlDkPJM2o1f6Yz7kAtvOgVtOpZ4vN7kb7NGVlq14Mg72AQdaoGdQxq90tg549ydAeWAaaT8FcKu1E4lpkXKecLygXbmz7Fh%2F1dZJJQqAzNyWYdT6TeGwkX6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 7 KB
3 KB 64ms
58ms Image
image/svg+xml 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6547895648298%2F1630420559322%2FFSA-badge.svg%3Fv%3D0&c_options=w_96,h_96

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300807a8632339de01c7fada5c4bc8a458fcf2bba7861d74ca889ee8446e5ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4367450
cf-ray: 6b27b1c22fe202c6-MIA
content-disposition: attachment; filename="FSA-badge.svg"
server-timing: fastly;dur=2;cpu=0;start=2021-10-03T15:25:13.969Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 2465
x-request-id: 3cd8d4bff91bb558f76ed051a0f0cc00
last-modified: Sun, 03 Oct 2021 10:03:11 GMT
server: cloudflare
etag: W/"3ce52fcea30e91fbcedf6161bea20fd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8REj4T8NUMh6k6Bmw2DDSd8afvNlLQqAc1%2B67c13J5HFriyqlwfznT3Hz4EuJi5C3FePKhoH8tNiXVS99XbStAh4FrLiV%2BwvJ40%2FA9MedDoYYRD3frF3QU4b959xsXffqqjEv0B7acDCUQsqgeHIPh1L"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 35 KB
35 KB 65ms
59ms Image
image/jpeg 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6547895648298%2F1624070948141%2FFS_SPF_Marketing_1.jpg%3Fv%3D0&c_options=w_600,h_600

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b2ff694566a842da1f81277f2646b47e73443bb33f271e2620c3dfeda9a5a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28893
cf-ray: 6b27b1c22fe602c6-MIA
server-timing: fastly;dur=5;cpu=3;start=2021-11-22T20:34:30.092Z;desc=hit,rtt;dur=25
vary: Accept-Encoding
content-length: 35397
last-modified: Sun, 03 Oct 2021 10:03:10 GMT
server: cloudflare
etag: "9b5c889b533ba8ad8d09420332a0c567"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3nlZEEqkcH2%2FPGowcy9f5RMQCS0BEUey15iPZn%2FLeoYuIoWwvMkbfioWoICxdTJF4Vv%2B4zWPuHtF5kTe%2BZL3HcGe6JAymRYzq9omfDIHTJkgySOwDL3Qg1Dt%2FuSEhtWWE36cJO6iervrSvd2iOL7rCK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
18 KB 62ms
61ms Script
application/javascript 2a04:4e42:60::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:60::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18814
access-control-expose-headers: X-CDN

GET
H2 200 css
fonts.googleapis.com/ Frame 5694 2 KB
1 KB 221ms
80ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed&display=swap

Requested by

Host: hero.attn.tv
URL: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f473fefe40384ad90ca8a03212ad487e428a3cd5f403f5bd77a31a1a23414cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 04:06:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 04:36:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 04:36:03 GMT

GET
H2 200 vendors~main.6f4ead79.chunk.css
creatives.attn.tv/creatives-dynamic/multiPage/static/css/ Frame 5694 3 KB
2 KB 211ms
64ms Stylesheet
text/css 2600:9000:21da:bc00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/css/vendors~main.6f4ead79.chunk.css
Requested by: Host: hero.attn.tv
URL: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:bc00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a201b919964032a52a3d2c3365bd5cafdc2acf12ed71cd2f9905627ad105fc9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:07:42 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 18:28:04 GMT
server: AmazonS3
age: 3349702
etag: W/"f2e89e15952289b66a3d98f0126da40a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: BxmMgZfR5cHetdGbLV5R8swr8prAYd8L
via: 1.1 92f8ba2eac28a12283a77bc938ff1729.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: EWR53-C1
content-type: text/css
x-amz-cf-id: VoK8zGRLAx7zQ7QHw7mJxnV7Zdlga0kVW3ScDen3Mnhfvfa-ubE7Yg==

GET
H2 200 main.4171e44e.css
creatives.attn.tv/creatives-dynamic/multiPage/static/css/ Frame 5694 588 B
997 B 212ms
65ms Stylesheet
text/css 2600:9000:21da:bc00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/css/main.4171e44e.css
Requested by: Host: hero.attn.tv
URL: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:bc00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23bf454835ec39b6ec911a13a02d06363dc54ff112743bc6270a3b03971b53ae

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:07:42 GMT
via: 1.1 92f8ba2eac28a12283a77bc938ff1729.cloudfront.net (CloudFront)
last-modified: Thu, 14 Oct 2021 18:28:04 GMT
server: AmazonS3
age: 3349702
etag: "3630f17d2f292ead3a2e341e61b64d62"
x-cache: Hit from cloudfront
x-amz-version-id: AR1wQnqIxzbEFc3YlDDqwQjapUiaywZO
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: EWR53-C1
accept-ranges: bytes
content-type: text/css
content-length: 588
x-amz-cf-id: maoGVrU2cUziVXqXU3a88lPnqXn0X1CnoyuE75OjaUGoOQUEQzWakg==

GET
H2 200 vendors~main.790e824c.chunk.js Show response
creatives.attn.tv/creatives-dynamic/multiPage/static/js/ Frame 5694 147 KB
49 KB 239ms
92ms Script
application/javascript 2600:9000:21da:bc00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/vendors~main.790e824c.chunk.js
Requested by: Host: hero.attn.tv
URL: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:bc00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7e4352853fe7151dc05398399910a8a139e9c6d257737b8156ef1c579fd129

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 19:57:47 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 19:57:43 GMT
server: AmazonS3
age: 2191097
etag: W/"047ef19d1b9d0e35f012a4efdd2b3ded"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: h1foBBXtexjMywRfctiMkRti8M2EA60z
via: 1.1 92f8ba2eac28a12283a77bc938ff1729.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: EWR53-C1
content-type: application/javascript
x-amz-cf-id: suKkbLupTNQEoFX6ZlKhIfedg4TpolAYrzwoo2MqmSz_jFxWClApGA==

GET
H2 200 main.cf15c147.js Show response
creatives.attn.tv/creatives-dynamic/multiPage/static/js/ Frame 5694 208 KB
52 KB 272ms
126ms Script
application/javascript 2600:9000:21da:bc00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/main.cf15c147.js
Requested by: Host: hero.attn.tv
URL: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:bc00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec021e4ffcfc369c56ef330186d9ec1abaa9648bf86a2fb9bf397b19edd635be

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:14:53 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 20:14:51 GMT
server: AmazonS3
age: 548471
etag: W/"cde81202f1446f0d1b146cbfb734d847"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: NWaolB6VK.TMvRf_3SrLAjyX6wx96b7D
via: 1.1 92f8ba2eac28a12283a77bc938ff1729.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: EWR53-C1
content-type: application/javascript
x-amz-cf-id: i9v7QhaZIBunNyUECPcjz0niWaumO_VQe4TYFFhgIILa7kEfpv3xJA==

GET
H2 200 / Show response
ct.pinterest.com/user/ 508 B
751 B 128ms
56ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613867077094&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1637642163642
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 012bdfae93203b58ae5eda5fc842651f844f1a88cf437b16a70576c4646c9be1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU9UWmxZalU1TURndE5UUTBNaTAwWkRkbExXSmpObVF0TjJWaFkyUTBNemN6TmpjeA
x-pinterest-rid: 1459612937479234
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
content-length: 367
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 131ms
61ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613867077094&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1637642163644
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:03 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1310638762036252
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
330 B 139ms
69ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2613867077094&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1637642163644
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:03 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 7
x-pinterest-rid: 8125080219405830
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 290ms
290ms Script
application/javascript 23.49.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.8 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-akamai-request-id: 1b9c42b6.31bfb9fd
date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-40-40-159.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-19-8.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 231,23.40.19.8
server-timing: cdn-cache; desc=MISS, edge; dur=227, origin; dur=4, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 20211123043603010245100084092DFE77
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,23.40.40.159
x-tt-trace-host: 013f68526d4e1c8907c9dbfa49d44b86cf2c3de47f8c75fe6a83464f26a4cc01b40d9ced43e7570e9a8102389ea48cbc47e8e1bfa2219d1d1c1da9bccfb7cf1fddca281c4da3aa299867ca929b77b97fd3664bcd65d8c9cc0677cce921089a0e7c9f6282887bd0434284d2c46b129736f6
expires: Tue, 23 Nov 2021 04:36:03 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 292ms
292ms Script
application/javascript 23.49.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C2R434VBHJVP7P6R4110&hostname=www.herocosmetics.us
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.8 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a22cbf3800d778b03a80843c036086abe0d123b4972119595a7cf2e496436c0c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-akamai-request-id: db494bc.31bfba4e
date: Tue, 23 Nov 2021 04:36:03 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-40-40-148.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-19-8.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 233,23.40.19.8
server-timing: cdn-cache; desc=MISS, edge; dur=228, origin; dur=5, inner; dur=3
content-length: 1742
pragma: no-cache
server: nginx
x-tt-logid: 20211123043603010245241010122D7C3A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.40.40.148
x-tt-trace-host: 013f68526d4e1c8907c9dbfa49d44b86cf2c3de47f8c75fe6a83464f26a4cc01b4f70b4e0ea7b5d0ed72fd4869c9916db187ca8bcb04c7303a9a45953f7a882318c4b47946a07308c8014b0d35b2b8ca2c064976d403c58ec689566db8982c579b28d9098defd2ed6e770c739064ceb690
expires: Tue, 23 Nov 2021 04:36:03 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
198 B 123ms
58ms XHR
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:03 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1381199338791082
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
705 B 299ms
299ms Ping
application/octet-stream 23.49.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.8 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c65bccf.31bfbc51
date: Tue, 23 Nov 2021 04:36:04 GMT
x-cache-remote: TCP_MISS from a23-40-40-164.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-19-8.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 240,23.40.19.8
server-timing: cdn-cache; desc=MISS, edge; dur=227, origin; dur=13, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202111230436040102510110751753D99E
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.40.40.164
x-tt-trace-host: 013f68526d4e1c8907c9dbfa49d44b86cf2c3de47f8c75fe6a83464f26a4cc01b4a4ec1cd92c9b36d3887ef53199f6ffe1643bba72f6e1eef52a28f91fada3fb4da0af3cb6b238f2ce2502e65a52c8e62b08e3ac0f9ba61afd85cd94e0eee44a5d9037a9b32aa163256cbdd2f9ba683554
expires: Tue, 23 Nov 2021 04:36:04 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
706 B 304ms
304ms Ping
application/octet-stream 23.49.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.8 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 23eb9ce8.31bfbc52
date: Tue, 23 Nov 2021 04:36:04 GMT
x-cache-remote: TCP_MISS from a23-40-40-165.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-19-8.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 243,23.40.19.8
server-timing: cdn-cache; desc=MISS, edge; dur=229, origin; dur=14, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20211123043604010245246036192E1CA2
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.40.40.165
x-tt-trace-host: 013f68526d4e1c8907c9dbfa49d44b86cf2c3de47f8c75fe6a83464f26a4cc01b422ef26c289053958170334d4f2efa10039759364c22c8929a3c12eb9a94adfd8744f4eef94059739170697b54c30df17f5a88bf5527e76fa1499c9f4518eeb17286a10d2774ba0b3cd3e10f9f7399e26
expires: Tue, 23 Nov 2021 04:36:04 GMT

GET
H2 200 Hero%20Logo_be5fb595.png
creatives.attn.tv/hero/ Frame 5694 2 KB
2 KB 109ms
109ms Image
image/png 2600:9000:21da:bc00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.attn.tv/hero/Hero%20Logo_be5fb595.png
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:bc00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9026401935a6468a2b2059c3a10aa1accacd71d7271ecf88783be350973434fb

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
via: 1.1 92f8ba2eac28a12283a77bc938ff1729.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 15:07:01 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
etag: "0c421d829c318bd9fb0c2710b0259374"
x-cache: Miss from cloudfront
x-amz-version-id: vspQOec.OCgLlGmuo8WJfDH9GXYa1JUa
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 2112
x-amz-cf-id: PutwWZ3OC46WQ0blxy28FiC3DbXUHL70JjOgH8gg9bvLza-eQXHqjg==

GET
H2 200 Desktop_%20Email%20Pop-up%20Desktop%20Half%20540%20x%20771_32e1b2ba.jpeg
creatives.attn.tv/hero/ Frame 5694 1 MB
1 MB 123ms
123ms Image
image/jpeg 2600:9000:21da:bc00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.attn.tv/hero/Desktop_%20Email%20Pop-up%20Desktop%20Half%20540%20x%20771_32e1b2ba.jpeg
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:bc00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59431844a46b6d5a59194d5f29a48c8e586405b593b7a36607a81532075cffba

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
via: 1.1 92f8ba2eac28a12283a77bc938ff1729.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 15:11:09 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
etag: "5aff14af37665e505ad18cc0134279cb"
x-cache: Miss from cloudfront
x-amz-version-id: r8nrSY106xkHNVl8GGxKaEmen68Yz7u.
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 1430578
x-amz-cf-id: NxC612tasRonTgoIcmGtQKZtXlq0MV9LLUIXzrKQHgzfUiGBWfnv5g==

GET
H3 200 css
fonts.googleapis.com/ Frame 5694 9 KB
826 B 149ms
78ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/main.cf15c147.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9906b2ed9453fed2b77840d0ea4d5b06daf480ded94f05e06552d3e2ae3c2a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 04:36:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 04:36:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 04:36:04 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/ 402 KB
109 KB 219ms
69ms Script
text/javascript 2600:141b:13:1085::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13:1085::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

39d555012efe68836359acca381530a79c174705d504eca533ed4267a74b7295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 111352
x-xss-protection: 1; mode=block
x-request-id: 1099ba065a157ac70270f139f4f5c5eb
x-runtime: 0.023172
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"097fa91a8c0d38dd9147d04d9373b0d1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1357
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 32ms
29ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q&shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 63fe60e471d81ef9d5132591e3fe6dfe43245f66638abea2aed433d136f05578

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
age: 37691
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 850
x-served-by: cache-lga21965-LGA, cache-mia11344-MIA
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1637642164.172021,VS0,VE0
etag: W/"5ca30f478875f96ac05e21ef86fda85f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 3

GET
H2 200 A19H8vTS9KoU0V2U-uthxg.js Show response
cdn-loyalty.yotpo.com/loader/ 99 KB
11 KB 234ms
71ms Script
text/javascript 2600:141b:13:1085::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-loyalty.yotpo.com/loader/A19H8vTS9KoU0V2U-uthxg.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13:1085::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2988e26679ec0e979b833a90942b9009d82335bc516d1e5b2e83dd52742af7f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ratelimit-reset: 1
content-encoding: gzip
x-content-type-options: nosniff
x-ratelimit-limit-second: 10000
x-kong-proxy-latency: 8
x-ratelimit-remaining-second: 9999
x-kong-upstream-latency: 85
l5d-success-class: 1.0
ratelimit-remaining: 9999
referrer-policy: strict-origin
ratelimit-limit: 10000
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
content-length: 10879
x-xss-protection: 1; mode=block
x-request-id: 142234e7-0543-4486-9b8d-49269dc06111
x-runtime: 0.045894
correlation-id: 76067545-75af-450c-bd0b-29b89b80ab50
server: nginx
x-frame-options: ALLOWALL
date: Tue, 23 Nov 2021 04:36:04 GMT
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-permitted-cross-domain-policies: none
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: false
etag: W/"2988e26679ec0e979b833a90942b9009"
access-control-allow-headers: *

GET
H2 200 tracking_script Show response
bingshoppingtool-t2app-prod.trafficmanager.net/uet/ 639 B
786 B 324ms
95ms Script
application/x-javascript 168.61.66.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bingshoppingtool-t2app-prod.trafficmanager.net/uet/tracking_script?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.61.66.40 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c14c7d89d2f50cfddff9e5ab56ce377d0ca5ff385e2a6a22809235253f6e6dc5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	deny

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-frame-options: deny
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
date: Tue, 23 Nov 2021 04:36:03 GMT
content-length: 543

GET
H2 200 online_store_script.js Show response
d24pi58tm9sxgh.cloudfront.net/impact/shopify/javascripts/ 2 KB
2 KB 209ms
63ms Script
application/javascript 2600:9000:202c:ea00:1e:e4a:5840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24pi58tm9sxgh.cloudfront.net/impact/shopify/javascripts/online_store_script.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:ea00:1e:e4a:5840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 167eefb7b10b3e9da487008300c272c1ac37dd9784b014a38638603f482488bc

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:10:01 GMT
via: 1.1 26302dbb69a1bcc1682e559282335ad9.cloudfront.net (CloudFront)
last-modified: Tue, 31 Aug 2021 17:06:34 GMT
server: AmazonS3
age: 62764
etag: "fa4e5d3a9ef1ce91ff49a82f0709d1c8"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-length: 1759
x-amz-cf-id: aBRdNetvb42g3tvOgwirZTHX4-VBQQhVP5moKoF7FvTIYyX6jzPccg==

GET
H3

200

script-29cd8c3234213624fdaf.js Show response
live.bb.eight-cdn.com/static/
Redirect Chain

https://live.bb.eight-cdn.com/script.js?shop=tbate.myshopify.com
https://live.bb.eight-cdn.com/static/script-29cd8c3234213624fdaf.js

5 KB
3 KB

78ms
43ms

Script
text/javascript

2606:4700:20::681a:c9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.bb.eight-cdn.com/static/script-29cd8c3234213624fdaf.js

Protocol

Server

2606:4700:20::681a:c9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be76c042dc8a900e73128ccbea6752f5a9ce88ed1eb37283f37f8eafb35af411

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
apigw-requestid: I859dgVrDoEEMmA=
referrer-policy: same-origin
last-modified: Wed, 17 Nov 2021 13:36:46 GMT
server: cloudflare
etag: W/"6195056e-1410"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8ZQ9zvGuVx%2BlqVIbiXYUbYjnj2T4ded0lm%2B3bAf%2Fc8IL47kXDG4DJiLB74oK5R5ucwOeDUZYCx3UCwj2DTvUSzZtWQOk7T8fpEK43krujJRDGY73fz5ckpStXs5DfWcLn0VFzTtCtldIklBFaJurKK%2FhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 6b27b1cbc9f02275-MIA

Redirect headers

date: Tue, 23 Nov 2021 04:36:05 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
apigw-requestid: JPZkTjGijoEEJFQ=
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS0HXqsUBvSQqdlQPN%2BpkxNEcpUywT84mM7q4dI%2F4NND2QtLPT53zvYnz1qje7WLIhFf6%2Bh7OAbG8xnqrjTo8NxLaG71YX2RuufeLzDuoXwbYAMLX11d9lVtlw8nkXwf3oKvgSmQviCXPd4QhP5qY%2FWKjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /static/script-29cd8c3234213624fdaf.js
cache-control: public, max-age=3600
cf-ray: 6b27b1c80a98034d-MIA
expires: Tue, 23 Nov 2021 05:36:05 GMT

GET
H2 200 10967_1632518006.js Show response
app.backinstock.org/widget/ 53 KB
17 KB 128ms
51ms Script
text/javascript 2606:4700:3030::ac43:d2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.backinstock.org/widget/10967_1632518006.js?v=5&shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b469cf425c528a8c897dfeced255c181b941de8bfba6c2d4b0cfd2189e464c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 2492498
p3p: CP="Not used"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNg6FdufRk1OyvY2HKFXaoIG1jpLZ6WV0EMrtxxCsmUIBngDFEuQ7osL9MQRgU4fPLgwd%2FoO7OoG%2Fnqxa8eLOHuB%2BZqqPWDR15%2FGdfOE2GoIAJq0yCNp%2FLJan2xyzjilmiYMy5FgESacU0N9q9QfTtR8"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ebc02667-094a-4675-8523-1c182a6919a1
x-runtime: 0.037653
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Sep 2021 21:13:26 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"29b513c656898144cb5497562b9329e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2629746
cf-ray: 6b27b1c6889b09de-MIA

GET
H2

200

/ Show response
geoip-db.com/jsonp/
Redirect Chain

https://geoip-db.com/jsonp?callback=callback&_=1637642162777
https://geoip-db.com/jsonp/?callback=callback&_=1637642162777

175 B
281 B

158ms
158ms

Script
text/html

46.101.254.131
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip-db.com/jsonp/?callback=callback&_=1637642162777
Protocol: H2
Server: 46.101.254.131 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 325c17502b309a464c1b5775805a44cf1ce63e21a0f30852d878a54cd7e91d55

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 04:36:05 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

Redirect headers

location: https://geoip-db.com/jsonp/?callback=callback&_=1637642162777
date: Tue, 23 Nov 2021 04:36:05 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
H2 200 ct.html Show response
www.pinterest.com/ Frame AA31 413 B
4 KB 162ms
161ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5617130e0a10c0a161fb3dc76c3b538c3fd9868bf3143c3f581475d0a135663d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-77ef44b7c59a4e063faa3591edd07af3' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-com.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1586916350201238; frame-ancestors *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-77ef44b7c59a4e063faa3591edd07af3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-com.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1586916350201238; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-77ef44b7c59a4e063faa3591edd07af3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
x-envoy-upstream-service-time: 103
content-encoding: gzip
referrer-policy: origin
x-pinterest-rid: 1586916350201238
date: Tue, 23 Nov 2021 04:36:04 GMT
vary: User-Agent, Accept-Encoding
x-cdn: fastly
pinterest-generated-by: coreapp-webapp-prod-0a011652
pinterest-version: 6eab8f3

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 224ms
79ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9fd6767e0eb0c1a89951dcc353c5295a8f68b37e98c7f80046af7361e1065f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61643
x-xss-protection: 0
expires: Tue, 23 Nov 2021 04:36:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 206ms
63ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3788
date: Tue, 23 Nov 2021 03:32:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Nov 2021 05:32:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 207ms
65ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: KcR1Fc91YkahFp7tcHnmd0tjkI1bHeJF7NKrXm+ABKXf8CyY/Ayn1NRA2qUkA5eHm15P+m0oiSNY5BSRtrrHsw==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Nov 2021 04:36:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 75 KB
25 KB 141ms
30ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d041681ad7b48ebd3e8eaf22937c7235b8c1ea0cf9069ec2fb88dcd42d3f9588

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:18:16 GMT
content-encoding: gzip
age: 37068
x-guploader-uploadid: ADPycdsf_Jz-ldjJVG_qGLSya5rHYl6zeQQfP9BktrVQKaP2byJDX001AYISogHj84pkCp93bzA-S5SIPTfohzfeJw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25483
last-modified: Tue, 16 Nov 2021 18:27:30 GMT
server: UploadServer
etag: "77c5050453dd79be695c9d3979443265"
vary: Accept-Encoding
x-goog-hash: crc32c=Jbujhw==, md5=d8UFBFPdeb5pXJ05eUQyZQ==
x-goog-generation: 1637087250642836
access-control-allow-origin: *
cache-control: public,max-age=86400
x-goog-stored-content-length: 25483
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 23 Nov 2021 18:18:16 GMT

GET
H2 200 hotjar-1133465.js Show response
static.hotjar.com/c/ 4 KB
2 KB 183ms
61ms Script
application/javascript 13.225.63.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.63.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-63-15.ewr53.r.cloudfront.net

Software

Resource Hash

e6dce58813b6c31ac1b5580aeb3ae39901f769c180619034702969bdb12e8b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1896
access-control-allow-origin: *
cache-control: max-age=60
etag: W/967fe08e056a8acbd7ad366b3f2c4744
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: fOtb6Xrs0Oa7WxfMAH3ApS6A9x3bwE1jbdELSjLd17W08OuRWXLmrw==

GET
H2 200 dtag.js Show response
cdn.attn.tv/hero/ 6 KB
3 KB 77ms
76ms Script
text/javascript 2600:9000:21da:4400:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/hero/dtag.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:4400:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0db4312a4ade88dc59517b6c0b78c47a8f8dfb58f85dc8a59b3fb3f7f53854a5

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wz1ieaE4FwtHn34P8whpsotT5V_uj1g9
content-encoding: gzip
last-modified: Mon, 02 Aug 2021 14:23:18 GMT
server: AmazonS3
age: 7
etag: W/"d7b297d770d455c60801cd6c1750cf74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3496707421faf86f68ae341aa8b7d1b9.cloudfront.net (CloudFront)
cache-control: public, max-age=120
date: Tue, 23 Nov 2021 04:35:58 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: HJbLi9_pSh4j78CV1DnmNUzNcwMyo63_k3lp8HHUX1PAyhXL9wTsmA==

GET
H2 200 8804d440-d9dd-11eb-b8bc-0242ac130003
pixel.streetmetrics.io/pixel/ 44 B
44 B 214ms
140ms Image
image/gif 2606:4700:3036::6815:b99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.streetmetrics.io/pixel/8804d440-d9dd-11eb-b8bc-0242ac130003?gtmcb=1507938553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:b99 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNoMBQ7RKfFJ23Pwa%2BxkC9u3hmyyIY9UPn8t30LHy6h1%2Fj9YHD36aLZCySAncNliSHo16XtLqLwBkJaxEE658X%2BWUr%2BqlUWCpKi8ToPZR4SNPWJwMubOjcdIARdo6gBouyWJ7fZHNhig6NhbFyRNJzhJ8Mjm"}],"group":"cf-nel","max_age":604800}
vary: Origin
content-length: 44
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: image/gif
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-ray: 6b27b1c808d02269-MIA

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 219ms
89ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14383
x-xss-protection: 0
server: cafe
etag: 8922484703547193234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:36:04 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 62ms
62ms Script
application/javascript 2a04:4e42:60::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:60::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 137ms
30ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 216ms
66ms Script
application/javascript 151.101.208.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.208.157 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 23:38:59 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200127-IAD, cache-ewr18130-EWR

GET
H2 200 bat.js Show response
bat.bing.com/ 35 KB
11 KB 133ms
55ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:40:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B1F75774E56469E8E9DC0AAEF668858 Ref B: MIAEDGE2706 Ref C: 2021-11-23T04:36:04Z
etag: "08933ecd9d0d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10202

GET
H2 200 scevent.min.js Show response
sc-static.net/ 18 KB
7 KB 229ms
87ms Script
application/javascript 13.225.63.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-61.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0cc2be64b24f8ae3f9951a81ce4964ea31e5663f5f739d7f34cf9dbaef8ae2c6

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: EWR53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6816
via: 1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-amz-cf-id: vE39_yMOROUBIZYEqzKAHDZxie-kBVS8ydvK964YdxglXFIbEJ47gw==

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 1F35
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D29750...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D29750...

723 B
2 KB

77ms
77ms

Document
text/html

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=979529678859526900&dcc=t

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

373ba1eb77a24ce34df463dde241928669973e4c09a60cfefb3c8d061f9db09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/

Response headers

Server: Server
Date: Tue, 23 Nov 2021 04:36:04 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 723
Connection: keep-alive
x-amz-rid: 86EGV765WHRWKDSAHRQ7
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Tue, 23 Nov 2021 04:36:04 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 7F61AZNE67AGM7V6V8JQ
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=979529678859526900&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 mpo_thumbnail-copy.png
cld.accentuate.io/1231903719466/1621370082884/ 54 KB
54 KB 68ms
67ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/1231903719466/1621370082884/mpo_thumbnail-copy.png?v=1636520700011&options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ecd573b4fb59d68fa623f4c5c2130e470b82ae559e4f86e6a891fcc80e1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28875
cf-ray: 6b27b1c6aed402c6-MIA
server-timing: fastly;dur=1;start=2021-11-22T20:34:49.803Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 55232
last-modified: Sun, 03 Oct 2021 10:03:11 GMT
server: cloudflare
etag: "3f6b6e7c2f6532b84c85d0ff8134c83e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfZUH%2FeZpx70gDoRVBEoRa8r6yGA%2FKOgEyCHPF0PZV6gvivxFOVieT51BpAHrC2ZpMXEURxMc9%2B7vEoznj4bQQ1wZFSxhZWzJ3sPcIW6uobqMOxTelW6hQ%2F3z2CTBszeGl9UO3R5dzJc4AhM0kUR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 2021-Hero-LW-PDP-Component.png
cld.accentuate.io/4562059722794/1621368583143/ 21 KB
22 KB 98ms
98ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cld.accentuate.io/4562059722794/1621368583143/2021-Hero-LW-PDP-Component.png?v=1633706472583&options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b780530f7153de0fb942eea156dc0e1acf9b3ccb694b44866892b2710d5404c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118547
cf-ray: 6b27b1c6aed602c6-MIA
server-timing: fastly;dur=2;cpu=1;start=2021-11-21T19:40:17.574Z;desc=hit,rtt;dur=26
vary: Accept-Encoding
content-length: 21608
last-modified: Fri, 08 Oct 2021 15:21:49 GMT
server: cloudflare
etag: "63e73d33f8445f9f0db0bf095ff0d18e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vH9EDmTexdnZ7v9nxbiSUWaL9Px7Fb6qg0KjFZb9Jjt2qzOkcqbb8gTTuBSo8A5w2ExLcRYfGxIfsX%2BY2WnDOaGn99bTMW6LP5viIsKlceTYgYZHQQAKg88YdOEdrrBaq1QD%2BlaSo2UlM6A%2FtbC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 26 KB
27 KB 50ms
49ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F4394508714026%2F1621370633216%2FHero_RB_Thumbnail_596x596.png%3Fv%3D0&c_options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5fa34b7b4add78cedae128a55a17cadb6865f39c1788d9f9b6c315b06fb613

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28805
cf-ray: 6b27b1c829ab02c6-MIA
server-timing: fastly;dur=1;cpu=0;start=2021-11-22T20:35:59.023Z;desc=hit,rtt;dur=23
vary: Accept-Encoding
content-length: 26781
last-modified: Sun, 03 Oct 2021 10:03:10 GMT
server: cloudflare
etag: "5ab4f7d7a254bb7d0301c33775382b7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2U3DBj6EPLxCYWcEmX4OYJ0qMVVHG0aojgdFbhSQTFBSQbwmEsKeBi8210VgPdsARN8Puk3uh4UuXa7F7TWK%2B%2FoerGPjeMKw3ijB3Vxf%2FOsCv2Y3yfe4Hyg7gZhoYKo64lk%2BN1QO90TF5hCQ0liGPTg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
images.accentuate.io/ 33 KB
33 KB 50ms
50ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F6547895648298%2F1624071237902%2FHero_FS_SPF_Front_web.png%3Fv%3D1627325144366&c_options=w_600,h_600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66736e28f378e374f8392513aa1a031f47c787e2de3fa05abea269f31a14acbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521850
cf-ray: 6b27b1c87a2b02c6-MIA
server-timing: fastly;dur=2;cpu=0;start=2021-11-17T03:38:34.576Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 33381
last-modified: Sun, 03 Oct 2021 10:03:12 GMT
server: cloudflare
etag: "8c2f989157fddb1aac58b7668781baa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyZ9t2GK3G3mmQkZNXz0jdCsi8GQo9XZroLwQBIh4UhPwyKVOgf88jfVjHZIt5KJhM0RprkiephL%2FYoOgdJ%2BMNxotjMZGCF5ezuH7WKLWXIG4AblB81o2U0okWrBNuQ%2FLH44IWiOfsfyobKQf46FyCXT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v9/ Frame 5694 26 KB
26 KB 202ms
65ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v9/92zatBhPNqw73oTd4g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hero.attn.tv
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:05:11 GMT
x-content-type-options: nosniff
age: 315053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26372
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:14:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:05:11 GMT

GET
H2 200 c4ml1n92AsfhuCq6tVsaioBd-Q.woff2
fonts.gstatic.com/s/kumbhsans/v6/ Frame 5694 30 KB
30 KB 247ms
110ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kumbhsans/v6/c4ml1n92AsfhuCq6tVsaioBd-Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0c74b13317c38c648227a79ea87b8506f9de531010094c47537fc117ec21fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hero.attn.tv
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:34:05 GMT
x-content-type-options: nosniff
age: 579719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30212
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 11:34:05 GMT

GET
H2 200 c4ml1n92AsfhuCq6tVsaioBd-Q.woff2
fonts.gstatic.com/s/kumbhsans/v6/ Frame 5694 30 KB
30 KB 277ms
141ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kumbhsans/v6/c4ml1n92AsfhuCq6tVsaioBd-Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0c74b13317c38c648227a79ea87b8506f9de531010094c47537fc117ec21fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hero.attn.tv
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:34:05 GMT
x-content-type-options: nosniff
age: 579719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30212
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 11:34:05 GMT

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
18 KB 62ms
60ms Script
application/javascript 2a04:4e42:60::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:60::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18814
access-control-expose-headers: X-CDN

PUT
H/1.1 204
No Content impression
hero.attn.tv/ Frame 5694 0
0 60ms
60ms Fetch 34.237.89.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/impression?id=af24a77c1a444dbeaa15e1a8961f5aaf&c=167531&pt=field_capture&prfa=45&prfb=667&prfc=504
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/main.cf15c147.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.89.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-89-32.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy

POST
H/1.1 200
OK creative-interactions
hero.attn.tv/ Frame 5694 0
0 119ms
59ms Fetch 34.237.89.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/creative-interactions?crid=167531&coeid=_ou&vid=af24a77c1a444dbeaa15e1a8961f5aaf&crap=EMAIL&crat=VIEW&crpi=1&ts=1637642164
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/static/js/main.cf15c147.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.89.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-89-32.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hero.attn.tv/creative?v=128d7342&r=&w=1600&h=1200&id=af24a77c1a444dbeaa15e1a8961f5aaf&l=https%3A%2F%2Fwww.herocosmetics.us%2F&ss_ref=ORGANIC&t=n&pv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:03 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 0

POST /
www.pinterest.com/_/_/csp_report/ Frame AA31 0
0

GET
H2 200 app.v1.0.358.js Show response
cdn-swell-assets.yotpo.com/ 1 MB
192 KB 124ms
30ms Script
text/plain 192.229.163.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/app.v1.0.358.js
Requested by: Host: cdn-loyalty.yotpo.com
URL: https://cdn-loyalty.yotpo.com/loader/A19H8vTS9KoU0V2U-uthxg.js?shop=tbate.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9A9C) /
Resource Hash: 6e4218838e9584443232c143c67173b30af0cf69195977417476cf03c282dd74

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 08:52:31 GMT
server: ECS (mic/9A9C)
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1637225550/atime:1637225550/md5:1d4143c7fa005439f9a1d5df09cd1c60/ctime:1637225550
age: 413542
etag: "1d4143c7fa005439f9a1d5df09cd1c60+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
x-amz-request-id: W93AYFJWA9HHBQ4D
content-length: 195963
x-amz-version-id: 1rT9Z1B.GmbwVyjepzA4rASDsWCxgjez
x-amz-id-2: CBb5J07mpm8eA3+HVzu3XnB9XVLpd2gRMm7xxUCXYJCWlCqbGBgVJnIiMl8V7ZcJRFrhGw6pGRg=

GET
H3 200 173724809895244 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 135ms
67ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/173724809895244?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d83a7fcbef496d0ac909a41f946273275740e291089a985ec269e2ad6bad7dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88917
x-xss-protection: 0
pragma: public
x-fb-debug: 2G3aI7++Gr2StkEfFm3J/lz/0CUDnZOIF9t6mjnhE2ITqW2srBYTkR+A19WbQjsXzKAfrc8XufSGGpkh+zEXSQ==
x-frame-options: DENY
date: Tue, 23 Nov 2021 04:36:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 150ms
77ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1753705210&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=687851642&gjid=772995036&cid=1622530996.1637642165&tid=UA-102753205-1&_gid=1968599536.1637642165&_r=1&gtm=2ygba1N73MWQN&z=1583189451

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.css
staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/ 330 KB
36 KB 74ms
74ms Stylesheet
text/css 2600:141b:13:1085::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.css?widget_version=2019-04-15_11-38-12

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13:1085::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

9d38fd5af2f1903f7c961c464a1d37b6440d3f1a6ef5aa05bae0c313cc770f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 36728
x-xss-protection: 1; mode=block
x-request-id: c918ea087d4bc1ec76c092982e0f376d
x-runtime: 0.100378
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"4c47987154f3c9148f8845e5ec4a2d6f"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=17762
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 86ms
63ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1753705210&t=timing&_s=2&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2791&pdt=357&dns=32&rrt=173&srt=43&tcp=69&dit=1428&clt=1502&_gst=2834&_gbt=3145&_cst=1090&_cbt=2787&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1622530996.1637642165&tid=UA-102753205-1&_gid=1968599536.1637642165&gtm=2ygba1N73MWQN&z=834888547

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 20:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27637
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 250ms
59ms Image
image/gif 34.192.21.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&se_va=WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax&cx=eyJwdl91dWlkIjo1NTg4NTYyNTh9&dtm=1637642164576&tid=597041&vp=1600x1200&ds=1600x1200&vid=1&duid=8d23f3d07ffda0e2&p=web&tv=js-0.13.2&fp=3263723490&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.herocosmetics.us%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.21.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-21-137.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:36:04 GMT
Cache-Control: max-age=86400, private
Expires: Wed, 24 Nov 2021 04:36:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 75ms
75ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D939QWJC76&gtm=2oeba1&_p=1753705210&sr=1600x1200&ul=en-us&cid=1622530996.1637642165&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sid=1637642164&sct=1&seg=0&en=page_view&_fv=1&_ss=1&up.visitor_type=guest
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 63ms
63ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1753705210&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=global&ea=50%25%20scroll&el=https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1622530996.1637642165&tid=UA-102753205-1&_gid=1968599536.1637642165&gtm=2ygba1N73MWQN&cm1=1&z=565299758

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 20:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27637
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
63ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1753705210&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user%20engagement&ea=90%25%20scroll&el=https%3A%2F%2Fwww.herocosmetics.us%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1622530996.1637642165&tid=UA-102753205-1&_gid=1968599536.1637642165&gtm=2ygba1N73MWQN&cm2=1&z=33529816

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 20:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27637
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame F432 5 KB
6 KB 65ms
64ms Document
text/html 209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=sOvgez2BTOSuk_NDE1VPug&ex-pl-n-g-hmt=ocvrRnWMQ4iq1g5jWUMBWQ&ep=DvmjCSyxS0N2ecmRSatxTEATR76CCMHvps4nPaRKla8X7vj-QnMgPRRPQjVDAJRf4pKE_VIO639_bYnHDOJy6xmnrqAtQJEbzcHwMlnTpPOO7dMMGQiQSVA3xPzbPyjgIBciRDcLx7U7Q1r2WwLvS0zCudD2Q3dycBUrYPN46NCUi_TaKDjpsLA1JJPwd1hZqWV8htaX25QhGnEuXVG8cg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=979529678859526900&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c2d9017d9d9d4b6de42f1ae0056ab997ca8acd04f0402aab2060f0afc16eb47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=979529678859526900&dcc=t

Response headers

Server: Server
Date: Tue, 23 Nov 2021 04:36:04 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 5215
Connection: keep-alive
x-amz-rid: GPEHXQS5K5W7M7SP3W0N
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
443 B 355ms
101ms XHR
text/plain 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102753205-1&cid=1622530996.1637642165&jid=687851642&gjid=772995036&_gid=1968599536.1637642165&_u=YEBAAEAAAAAAAC~&z=376236577

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Nov 2021 04:36:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.1810afb089b838b62ed8.js Show response
script.hotjar.com/ 226 KB
60 KB 331ms
79ms Script
application/javascript 54.230.162.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1810afb089b838b62ed8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-77.ewr53.r.cloudfront.net

Software

Resource Hash

2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 486658
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60615
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 13:25:01 GMT
etag: "1f23634605f98b007e0df34e60106bb8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6886c621d4716e156349149ba8d65b41.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: RizeYBuZwf1i2H_tAenby8CAamMF6744QjHO4tJK8sfMgSjR1YQwVQ==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 302ms
65ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1637642164689&id=t2_3jqrn4g1&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=d0b47f5b-8220-4bfd-91d1-bc3276ef185e&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 204 25097093.js Show response
bat.bing.com/p/action/ 0
111 B 116ms
116ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25097093.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 04:36:04 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BA17B3035D6348FDB1142F1A1D38261F Ref B: MIAEDGE2706 Ref C: 2021-11-23T04:36:04Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 74ms
74ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25097093&Ver=2&mid=a5528c27-0d0d-4faa-9d6c-0645639e5782&sid=de765ae04c1611ecb050b9f3a8d4f2e6&vid=de76ac104c1611ecb3c7dba1bc334a61&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&p=https%3A%2F%2Fwww.herocosmetics.us%2F&r=&lt=2801&evt=pageLoad&msclkid=N&sv=1&rn=27495
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A40E5B15FA3141358D73B5C45C69E059 Ref B: MIAEDGE2706 Ref C: 2021-11-23T04:36:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
images.accentuate.io/ 6 KB
7 KB 68ms
68ms Image
image/png 2606:4700:20::681a:54f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.accentuate.io/?image=https%3A%2F%2Fcdn.accentuate.io%2F39302519423018%2F1625592939154%2FHero_FS_SPF_Front-Updated.png%3Fv%3D0&c_options=w_200,h_200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47827f1ba5f754bdfd79a69017039ba2af2529e63bf6fcfb351473286caed2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1079046
cf-ray: 6b27b1c97bab02c6-MIA
server-timing: fastly;dur=39;cpu=1;start=2021-11-10T16:51:58.533Z;desc=hit,rtt;dur=24
vary: Accept-Encoding
content-length: 6251
last-modified: Sun, 03 Oct 2021 10:03:16 GMT
server: cloudflare
etag: "596dbb3c305b70598b9b0aaab74e7a6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYVE5IY2hjkVbHoyNR8zoBwh%2FhPLA47z6HobTNoV1ro9evP%2BLpr2cNiFY7DrPXp8Gug%2F3V2k1CnpZ0X19rxJ6fZSKjjDb4wmAba0MjK8Pvpz0jyqprgHMnSm8QSk5GtH2Z6cTYz1fPnxiDqLLDERgpIX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600, no-transform, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 css
fonts.googleapis.com/ 3 KB
622 B 79ms
79ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.css?widget_version=2019-04-15_11-38-12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 04:04:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 04:36:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 04:36:04 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/775465074/ 2 KB
2 KB 298ms
80ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/775465074/?random=1637642164717&cv=9&fst=1637642164717&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2ygba1&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.herocosmetics.us%2F&tiba=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93b0af5c7708f3e8c5dae65e13bee02380d5a9276152cbfd0cbd799e52dcbd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
673 B 286ms
78ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2h0n&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=b529e92f-9b3d-4ad3-85b2-1c798786d661&tw_document_href=https%3A%2F%2Fwww.herocosmetics.us%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 11
pragma: no-cache
last-modified: Tue, 23 Nov 2021 04:36:04 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 14ceee8a3bb4781e9df2b34e1f8bfe5a824db3472c2256f7e0aafa57314c6ae3
x-transaction: 2abe8a4a49120d0a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 265ms
58ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2h0n&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=b529e92f-9b3d-4ad3-85b2-1c798786d661&tw_document_href=https%3A%2F%2Fwww.herocosmetics.us%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_c /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 19
pragma: no-cache
last-modified: Tue, 23 Nov 2021 04:36:04 GMT
server: tsa_c
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f93b19e8965a7c8b329f41b051f833287c60bd11db0ade9aa54701ca3ef6e2e7
x-transaction: ae4093ebc535c3f3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 278ms
74ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=0470dae7-028b-4609-a07a-65a3ee776aed

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

a2aef314df12ae580d00c62eefebf69a2b75933357aa9acfd3a47d2d20660573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame FD51 672 B
880 B 242ms
74ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/

Response headers

server: nginx/1.17.3
date: Tue, 23 Nov 2021 04:36:04 GMT
content-type: text/html
content-length: 672
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame 7228 2 KB
1 KB 201ms
62ms Document
text/html 13.225.210.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1133465.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.210.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-210-108.ewr50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-amz-cf-id: QZRyIToomI8hL30B9Mo-8CKhtGmhY9J5ZlMnpywppZXz92oo1Pnd3w==
age: 580799

GET
H2

200

ipv6 Show response
tr6.snapchat.com/ Frame 75EE
Redirect Chain

https://tr.snapchat.com/p
https://tr6.snapchat.com/ipv6?rid=0fa66f55-e562-4f0d-8e5e-6d5ce8830960

0
232 B

906ms
394ms

Document
text/plain

2600:1901:0:be84::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/ipv6?rid=0fa66f55-e562-4f0d-8e5e-6d5ce8830960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:be84:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.herocosmetics.us
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/

Response headers

server: nginx/1.17.3
date: Tue, 23 Nov 2021 04:36:05 GMT
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

server: nginx/1.17.3
date: Tue, 23 Nov 2021 04:36:04 GMT
content-type: text/html
content-length: 68
access-control-allow-origin: *
cache-control: no-cache, no-transform
location: https://tr6.snapchat.com/ipv6?rid=0fa66f55-e562-4f0d-8e5e-6d5ce8830960
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 198ms
65ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173724809895244&ev=PageView&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&rl=&if=false&ts=1637642164810&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637642164808.775957216&it=1637642164506&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 23 Nov 2021 04:36:04 GMT

GET
H3 200 cart.js Show response
www.herocosmetics.us/ 283 B
1 KB 95ms
94ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91fe4ad83167a86b3a2dd3b67b6399d674f58ca32aad07ef6d70b0a3c0ed5ba0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
server: cloudflare
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 21814481
x-request-id: 9104d0b4-6925-482e-94b1-dc3a4fd90c38
vary: Accept-Encoding, Accept
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
cf-ray: 6b27b1ca9ef12293-MIA
x-sorting-hat-podid: 41
x-cartjs-updatedat: 0

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
476 B 65ms
64ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 04:36:04 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 953df00d-b7d7-4d5d-bdcf-3e7f8b0071ef

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=205150503979004284081&ex=neustar.biz

43 B
556 B

131ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=205150503979004284081&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=sOvgez2BTOSuk_NDE1VPug&ex-pl-n-g-hmt=ocvrRnWMQ4iq1g5jWUMBWQ&ep=DvmjCSyxS0N2ecmRSatxTEATR76CCMHvps4nPaRKla8X7vj-QnMgPRRPQjVDAJRf4pKE_VIO639_bYnHDOJy6xmnrqAtQJEbzcHwMlnTpPOO7dMMGQiQSVA3xPzbPyjgIBciRDcLx7U7Q1r2WwLvS0zCudD2Q3dycBUrYPN46NCUi_TaKDjpsLA1JJPwd1hZqWV8htaX25QhGnEuXVG8cg

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XH9EAPVM88GQMQ4EC1QF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:05 GMT
via: 1.1 ede7b7df91a2d48009a8aae6c1aa9279.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR52-C2
location: https://s.amazon-adsystem.com/ecm3?id=205150503979004284081&ex=neustar.biz
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 5VeKujvhBZHWnlb2ELAlHN7WkpFZ-oIhC30D8ICAuahGrVl2WWci2w==
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=0204f32cd7f4c88134bf5ec9e6d2fe49

43 B
556 B

130ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=0204f32cd7f4c88134bf5ec9e6d2fe49

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6A4MK76HHZ582DFMV19C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=0204f32cd7f4c88134bf5ec9e6d2fe49
Date: Tue, 23 Nov 2021 04:36:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
556 B

162ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VFTJ05VBMNBT9P6KKBT4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Date: Tue, 23 Nov 2021 04:36:05 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=7XcVya9vR7KPIXVpS6pLWg
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=7XcVya9vR7KPIXVpS6pLWg&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=7XcVya9vR7KPIXVpS6pLWg

43 B
556 B

154ms
63ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=7XcVya9vR7KPIXVpS6pLWg

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 610K5PHZ1ZF3PQBNZ8BX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=7XcVya9vR7KPIXVpS6pLWg
date: Tue, 23 Nov 2021 04:36:05 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPdeb10ff9-4c16-11ec-90e3-0e5762b885b3
https://s.amazon-adsystem.com/ecm3?id=e41fcf70ab75b08244eb9a08a834bfd406f8805e&ex=aoldisplay.com

43 B
556 B

159ms
63ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=e41fcf70ab75b08244eb9a08a834bfd406f8805e&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: F8C143JZTNTTHYKP5FFE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=e41fcf70ab75b08244eb9a08a834bfd406f8805e&ex=aoldisplay.com
date: Tue, 23 Nov 2021 04:36:05 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0a8ab98f-789a-4aed-ad9e-81f3cac2c078

43 B
556 B

103ms
62ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0a8ab98f-789a-4aed-ad9e-81f3cac2c078

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AM72N6Z5GX2VXMDM08Y8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Tue, 23 Nov 2021 04:36:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0a8ab98f-789a-4aed-ad9e-81f3cac2c078

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=d2c69fef7ea7481ca34aa08939dee9ac

43 B
556 B

122ms
62ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=d2c69fef7ea7481ca34aa08939dee9ac

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5JPM41GHQ1Y0RDH04RK3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=d2c69fef7ea7481ca34aa08939dee9ac
date: Tue, 23 Nov 2021 04:36:05 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-IRv3SX9E2pE4AJbiKttxUl1N.ddCEJdXsOOV~A&status=NOT_FOUND&ex=gemini

43 B
556 B

62ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-IRv3SX9E2pE4AJbiKttxUl1N.ddCEJdXsOOV~A&status=NOT_FOUND&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0NSY57D9Q401TW70TGV0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 04:36:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?id=y-IRv3SX9E2pE4AJbiKttxUl1N.ddCEJdXsOOV~A&status=NOT_FOUND&ex=gemini
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 /
spl.zeotap.com/ Frame F432 404 B
404 B 138ms
55ms Image
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=sOvgez2BTOSuk_NDE1VPug&ex-pl-n-g-hmt=ocvrRnWMQ4iq1g5jWUMBWQ&ep=DvmjCSyxS0N2ecmRSatxTEATR76CCMHvps4nPaRKla8X7vj-QnMgPRRPQjVDAJRf4pKE_VIO639_bYnHDOJy6xmnrqAtQJEbzcHwMlnTpPOO7dMMGQiQSVA3xPzbPyjgIBciRDcLx7U7Q1r2WwLvS0zCudD2Q3dycBUrYPN46NCUi_TaKDjpsLA1JJPwd1hZqWV8htaX25QhGnEuXVG8cg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b27b1cb6f4e21d3-MIA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=b484b3a2c51329d7e74023d3d83bff67&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

155ms
60ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=b484b3a2c51329d7e74023d3d83bff67&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3KYM5S7S441FN76PNKZY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:04 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=b484b3a2c51329d7e74023d3d83bff67&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1637642164746018-290

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

66ms
59ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DDGAVCY48XGZVB3KEFGD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 04:36:05 GMT
via: 1.1 71994794c0ae42f7776bc799e33a979b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: EWR52-C2
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=TJQ1MB1G76QG6EXS23YX:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: TJQ1MB1G76QG6EXS23YX
strict-transport-security: max-age=31536000; includeSubDomains
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-robots-tag: none
x-amz-cf-id: DBoiSIU0cmoUrhxHtp9elkazli-pyLlSss3Nz3rsw6eOW_HCq71xYA==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F432 0
338 B 232ms
56ms Image
text/plain 34.237.173.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=sOvgez2BTOSuk_NDE1VPug&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=sOvgez2BTOSuk_NDE1VPug&ex-pl-n-g-hmt=ocvrRnWMQ4iq1g5jWUMBWQ&ep=DvmjCSyxS0N2ecmRSatxTEATR76CCMHvps4nPaRKla8X7vj-QnMgPRRPQjVDAJRf4pKE_VIO639_bYnHDOJy6xmnrqAtQJEbzcHwMlnTpPOO7dMMGQiQSVA3xPzbPyjgIBciRDcLx7U7Q1r2WwLvS0zCudD2Q3dycBUrYPN46NCUi_TaKDjpsLA1JJPwd1hZqWV8htaX25QhGnEuXVG8cg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.173.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-173-244.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1637642165
x-served-by: beacon-n007-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame F432 0
263 B 245ms
55ms Image
text/plain 54.81.7.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=sOvgez2BTOSuk_NDE1VPug&ex-pl-n-g-hmt=ocvrRnWMQ4iq1g5jWUMBWQ&ep=DvmjCSyxS0N2ecmRSatxTEATR76CCMHvps4nPaRKla8X7vj-QnMgPRRPQjVDAJRf4pKE_VIO639_bYnHDOJy6xmnrqAtQJEbzcHwMlnTpPOO7dMMGQiQSVA3xPzbPyjgIBciRDcLx7U7Q1r2WwLvS0zCudD2Q3dycBUrYPN46NCUi_TaKDjpsLA1JJPwd1hZqWV8htaX25QhGnEuXVG8cg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.7.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-7-92.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e7ffeb6418b12201

43 B
556 B

62ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e7ffeb6418b12201

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DQV3G2FAJ8QDGSFG0QJ0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e7ffeb6418b12201
date: Tue, 23 Nov 2021 04:36:05 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=1053074&nid=2179&put=I82zfMoLR1WniIMZn221gg&next=https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT

43 B
556 B

63ms
63ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NQ1XGCW632329PWFV750
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: d3682eda7e5cb79782b1d5475f50e8fc
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=uw282VU8TCmzw8fCwlGyQA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=uw282VU8TCmzw8fCwlGyQA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=58774573467902483333074860490631213082

43 B
556 B

61ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=58774573467902483333074860490631213082

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Y1PNGB0MF23E2K636B7X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-2-v016-04fbc820c.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IxNe0JALSHQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=58774573467902483333074860490631213082
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=6RLkfytVTJu0uUHq7day9A
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10610339985053103018&gdpr=&gdpr_consent=

43 B
556 B

62ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10610339985053103018&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N21B0PCFXTV2XVTHBNQF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:05 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10610339985053103018&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

43 B
556 B

62ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XDST5DQ6HV2MCFA9JH34
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 23 Nov 2021 04:36:05 GMT
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Server: nginx/1.19.2
X-Powered-By: Express
Content-Type: image/gif; charset=utf-8
Location: https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=
Referer: px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6609201023583653501

43 B
556 B

64ms
64ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6609201023583653501

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZVAWXJHYP6ADPHD0V5JB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:05 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6609201023583653501
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=df0ff2cb-4c16-11ec-afd3-183ad5690503
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=df0ff246-4c16-11ec-afd3-183ad5690503

43 B
556 B

63ms
63ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=df0ff246-4c16-11ec-afd3-183ad5690503

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W22YBR6P8A26B7CXA8MW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 23 Nov 2021 04:36:05 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=df0ff246-4c16-11ec-afd3-183ad5690503
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 222
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a171cc7a-51ba-4c37-8d66-31cf5beb807d%22,%22Time%22:%2220211122T233605.601765%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a171cc7a-51ba-4c37-8d66-31cf5beb807d

43 B
556 B

62ms
62ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a171cc7a-51ba-4c37-8d66-31cf5beb807d

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 751AH9DAQ4DKGS4K400F
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a171cc7a-51ba-4c37-8d66-31cf5beb807d
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEAOjogNqxjR5a97BjYjd4So&google_cver=1

43 B
556 B

62ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEAOjogNqxjR5a97BjYjd4So&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FS2DF6P09ZCP32YATXTW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEAOjogNqxjR5a97BjYjd4So&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=Of5DefR3

43 B
556 B

61ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=Of5DefR3

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: KC714NSGMPJ47YE9NBQ7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //s.amazon-adsystem.com/ecm3?ex=krux.com&id=Of5DefR3
date: Tue, 23 Nov 2021 04:36:05 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a003-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a88a3b150793521a1d290eab8dc1cab9

43 B
556 B

62ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a88a3b150793521a1d290eab8dc1cab9

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CTZBMHEA3CBQTA74M60Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 04:36:05 GMT
via: 1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a88a3b150793521a1d290eab8dc1cab9
content-length: 108
x-amz-cf-id: hk0_2jNg9wrYJO10_x2ZH26I5dV4fLK4OLVTVq9RedIXJ6Q_gBTQjg==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d38a04ad-66c6-c846-2e56-e4999ac130df

43 B
556 B

64ms
63ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d38a04ad-66c6-c846-2e56-e4999ac130df

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FDP3GT8X2Q3H7GB4HY74
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 04:36:05 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d38a04ad-66c6-c846-2e56-e4999ac130df
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KM5YhSwwnfKZ28-Wp7tdVzc4cls4ZgAC

43 B
556 B

61ms
60ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KM5YhSwwnfKZ28-Wp7tdVzc4cls4ZgAC

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DN7ERAWSEH6C4M605W38
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KM5YhSwwnfKZ28-Wp7tdVzc4cls4ZgAC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Tue, 23 Nov 2021 04:36:05 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=830788563D1DD8BE

43 B
556 B

64ms
63ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=830788563D1DD8BE

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H0Z2J7X9G481ZF7RNYJV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Frontend-ID: 8
Location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=830788563D1DD8BE
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin: *
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=6554793325189761322&ex=appnexus.com

43 B
556 B

62ms
62ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6554793325189761322&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RQJZ7BM2PAECY57EP3K9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
X-Proxy-Origin: 87.101.93.102; 87.101.93.102; 634.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: c8d82fa6-7b7a-43e0-986a-d12fc35bf744
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=6554793325189761322&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=XLcvS7dfvq5QT8LnxZb2XsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
556 B

62ms
62ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=XLcvS7dfvq5QT8LnxZb2XsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QKAPR3NPEM8AD5F4WAZ9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=XLcvS7dfvq5QT8LnxZb2XsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=ocvrRnWMQ4iq1g5jWUMBWQ&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

60ms
60ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NVDRGBVA5EPX368H0YJ9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=8888&j=0
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=a546cac9ee4a6c7adc98e4dab08a4fc2

43 B
556 B

62ms
62ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=a546cac9ee4a6c7adc98e4dab08a4fc2

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9Z629X338B0N24M0GXX2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 04:36:05 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=a546cac9ee4a6c7adc98e4dab08a4fc2
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=DFA44F2DB66F9C61DF5BFBB2025D038A

43 B
556 B

61ms
61ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=DFA44F2DB66F9C61DF5BFBB2025D038A

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YGRDDVBJQR77MX9AZM9F
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 23 Nov 2021 04:36:06 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=DFA44F2DB66F9C61DF5BFBB2025D038A
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Tue, 23 Nov 2021 04:36:05 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-Gy5pGPN1l2PlTvTfEdtr5xBu9rEf3dc-

43 B
556 B

64ms
63ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-Gy5pGPN1l2PlTvTfEdtr5xBu9rEf3dc-

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X0Z03GRY1QTER6MA8TDS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-Gy5pGPN1l2PlTvTfEdtr5xBu9rEf3dc-
date: Tue, 23 Nov 2021 04:36:05 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3665fb51ea138b8aa713a4e7c61e31c2b7e15d5e85cf601b53bbb791f39f9164

43 B
556 B

65ms
65ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3665fb51ea138b8aa713a4e7c61e31c2b7e15d5e85cf601b53bbb791f39f9164

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9F97GQXGDPTPEWYW4M8E
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:05 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3665fb51ea138b8aa713a4e7c61e31c2b7e15d5e85cf601b53bbb791f39f9164
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=E4881211-6043-48C3-920E-8DFC8F13A642

43 B
556 B

62ms
62ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=E4881211-6043-48C3-920E-8DFC8F13A642

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3SVJXSXJ5AZCAPQJSA50
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=E4881211-6043-48C3-920E-8DFC8F13A642
date: Tue, 23 Nov 2021 04:36:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F432
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=917340de-111a-48a0-b499-451cbb79df6a-tuct895f536

43 B
556 B

62ms
62ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=917340de-111a-48a0-b499-451cbb79df6a-tuct895f536

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 04:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SJ8FAJDVCA27TS6XKV81
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=917340de-111a-48a0-b499-451cbb79df6a-tuct895f536
date: Tue, 23 Nov 2021 04:36:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 36027

GET
H3 200 loggedincustomer Show response
www.herocosmetics.us/apps/ 2 B
1 KB 181ms
181ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/apps/loggedincustomer

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1,gcp-us-east1
vary: Accept-Encoding, Accept
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6b27b1cb68952293-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
content-language: en
x-request-id: de7e68ad-7658-484b-b749-f5ba615af5d5
x-shopid: 21814481
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
content-type: application/json; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 41

GET
H2 200 /
www.google.com/pagead/1p-user-list/775465074/ 42 B
154 B 222ms
82ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/775465074/?random=1637642164717&cv=9&fst=1637640000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2ygba1&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.herocosmetics.us%2F&tiba=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&async=1&fmt=3&is_vtc=1&random=3607977929&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame FD51 18 KB
7 KB 67ms
67ms Script
application/javascript 13.225.63.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-61.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0cc2be64b24f8ae3f9951a81ce4964ea31e5663f5f739d7f34cf9dbaef8ae2c6

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:24:02 GMT
content-encoding: gzip
server: CloudFront
age: 43923
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: EWR53-C1
access-control-allow-headers: Content-Type
content-length: 6816
via: 1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-amz-cf-id: Nre-NBCAGNAidAClwhDeItEdW-LMohLjeAXqSu1A9wPWFe7NU-Ba5Q==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 218ms
81ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102753205-1&cid=1622530996.1637642165&jid=687851642&_u=YEBAAEAAAAAAAC~&z=1477217984

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame B4F1
Redirect Chain

https://tr.snapchat.com/cm/s?pnid=140&cb=1637642165121
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1637507629238%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1637507629238%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1637507629238&pnid=140&pcid=3689c51b-3e27-44a5-b177-2a8ae9026c0e

0
15 B

80ms
80ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1637507629238&pnid=140&pcid=3689c51b-3e27-44a5-b177-2a8ae9026c0e

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/

Response headers

server: nginx/1.17.3
date: Tue, 23 Nov 2021 04:36:05 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Tue, 23 Nov 2021 04:36:05 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://tr.snapchat.com/cm/p?rand=1637507629238&pnid=140&pcid=3689c51b-3e27-44a5-b177-2a8ae9026c0e
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1133465/ 146 B
323 B 483ms
149ms XHR
application/json 52.50.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1133465/visit-data?sv=7
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.124.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-124-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 bootstrap.min.css
cdn-swell-assets.yotpo.com/ Frame 71D1 128 KB
17 KB 33ms
32ms Stylesheet
text/css 192.229.163.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Requested by: Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.358.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B23) /
Resource Hash: d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
content-encoding: gzip
last-modified: Sat, 03 Nov 2018 07:07:15 GMT
server: ECS (mic/9B23)
age: 13151162
etag: "ac7e8e8ff20e7d843326d71a28ecb087+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
x-amz-request-id: W6KSKK4P2KR28PRF
content-length: 16944
x-amz-version-id: null
x-amz-id-2: 0Q/AwvuOUocaesxNsR2/g9KLqOle5TUQ7H1fRAfJShKg+VB8KkDhiS0FGCKZITQA/f1jKoigeAw=

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 71D1 30 KB
7 KB 107ms
40ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.358.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 625, 617, 617
age: 17321460
cdn-cachedat: 2021-05-06 13:01:37
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fa6349add65319855e4af84132f886d5
cf-ray: 6b27b1cd1c0a67ed-MIA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ 5 KB
660 B 78ms
77ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:400,bold,normal

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.358.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 03:38:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 04:36:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 04:36:05 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 132ms
65ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173724809895244&ev=Microdata&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&rl=&if=false&ts=1637642165322&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All%22%2C%22meta%3Adescription%22%3A%22Everyone%20deserves%20to%20feel%20amazing%20in%20their%20skin.%20That%E2%80%99s%20why%20we%20make%20customizable%20acne%20toolkits%20to%20handle%20any%20pimple%20challenge.%20Seriously%20effective%20solutions%20with%20powerfully%20clean%20ingredients%20for%20all%20ages%20%26%20skin%20types%20%E2%80%94%20from%20our%20cult-fave%20hydrocolloid%20Mighty%20Patch%20to%20Rescue%20Balm%2C%20Micropoint%20for%20Dark%20Spots%2C%20and%20beyond!%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Hero%20Cosmetics%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22og%3Atitle%22%3A%22Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Everyone%20deserves%20to%20feel%20amazing%20in%20their%20skin.%20That%E2%80%99s%20why%20we%20make%20customizable%20acne%20toolkits%20to%20handle%20any%20pimple%20challenge.%20Seriously%20effective%20solutions%20with%20powerfully%20clean%20ingredients%20for%20all%20ages%20%26%20skin%20types%20%E2%80%94%20from%20our%20cult-fave%20hydrocolloid%20Mighty%20Patch%20to%20Rescue%20Balm%2C%20Micropoint%20for%20Dark%20Spots%2C%20and%20beyond!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637642164808.775957216&it=1637642164506&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:36:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 23 Nov 2021 04:36:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 71D1 5 KB
660 B 78ms
78ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:400,bold,normal

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.358.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 02:47:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 04:36:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 04:36:05 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
374 B 347ms
81ms XHR
application/json 35.190.25.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1637642169624

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Tue, 23 Nov 2021 04:36:09 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
alt-svc: clear
content-length: 25

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 76ms
76ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D939QWJC76&gtm=2oeba1&_p=1753705210&sr=1600x1200&ul=en-us&cid=1622530996.1637642165&_s=2&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&dt=Hero%20Cosmetics%20%7C%20Hero%20Cosmetics%20%7C%20Superpowered%20Skincare%20For%20All&sid=1637642164&sct=1&seg=0&en=scroll&_et=56&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 04:36:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.pinterest.com
URL: https://www.pinterest.com/_/_/csp_report/?rid=1586916350201238

Domain: www.pinterest.com
URL: https://www.pinterest.com/_/_/csp_report/?reportonly

Domain: www.pinterest.com
URL: https://www.pinterest.com/_/_/csp_report/?reportonly

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

107 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 22:55:28	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.herocosmetics.us/	1970-01-20 07:39:38	Name: secure_customer_sig Value:
www.herocosmetics.us/	1970-01-19 22:54:03	Name: _shopify_country Value: United+States
www.herocosmetics.us/	1970-01-19 23:14:11	Name: cart_currency Value: USD
.herocosmetics.us/	1970-01-19 23:14:11	Name: _orig_referrer Value:
.herocosmetics.us/	1970-01-19 23:14:11	Name: _landing_page Value: %2F
.herocosmetics.us/	1970-01-20 07:39:38	Name: _y Value: 53e79d67-98d4-4c32-aa7c-715ed827a7da
.herocosmetics.us/	1970-01-19 22:54:03	Name: _s Value: ebe5e546-76c5-4501-90f9-b38a9aaec206
.herocosmetics.us/	1970-01-20 07:39:38	Name: _shopify_y Value: 53e79d67-98d4-4c32-aa7c-715ed827a7da
.herocosmetics.us/	1970-01-19 22:54:03	Name: _shopify_s Value: ebe5e546-76c5-4501-90f9-b38a9aaec206
www.herocosmetics.us/	1970-01-19 23:14:11	Name: localization Value:
www.herocosmetics.us/	1970-01-20 16:25:14	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2Mzc2NDIxNjMsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lmhlcm9jb3NtZXRpY3MudXMvIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjM3NjQyMTYzLCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5oZXJvY29zbWV0aWNzLnVzLyJ9fQ==
www.herocosmetics.us/	1970-01-19 22:54:05	Name: shopify_pay_redirect Value: pending
www.herocosmetics.us/	1970-02-10 20:30:02	Name: __attentive_id Value: af24a77c1a444dbeaa15e1a8961f5aaf
www.herocosmetics.us/	1970-02-10 20:30:02	Name: __attentive_cco Value: 1637642163078
www.herocosmetics.us/	1970-01-19 22:55:50	Name: __attentive_pv Value: 1
www.herocosmetics.us/	1970-01-19 22:55:50	Name: __attentive_ss_referrer Value: "ORGANIC"
www.herocosmetics.us/	1970-01-23 14:30:02	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjM3NjQyMTYzMTYxLFwidW9cIjoxNjM3NjQyMTYzMTYxLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcImFmMjRhNzdjMWE0NDRkYmVhYTE1ZTFhODk2MWY1YWFmXCJ9In0=
.herocosmetics.us/	1970-01-19 22:54:03	Name: _shopify_sa_t Value: 2021-11-23T04%3A36%3A03.182Z
.herocosmetics.us/	1970-01-19 22:54:03	Name: _shopify_sa_p Value:
www.herocosmetics.us/	1970-01-19 22:55:28	Name: __attentive_dv Value: 1
.ct.pinterest.com/	1970-01-20 07:39:38	Name: _pinterest_ct_ua Value: "TWc9PSYrVFE2SXZIOW1vWlZBTnZyWndMdEhQb1pySkxKY3FteHhFUlFVNDZ1OVY3Nkk1ZW9VbWxFTjdKbnVRL09IcHA2VC9vTnpoRTJNSTdvcWdwOVpjODBleXJ5Y0UyNHhLZUJlOTZIRTlmL0tsRT0meHV5alN4cjZvczF4eGtQVWVVWjByOUJTbFAwPQ=="
.herocosmetics.us/	1970-01-20 07:39:38	Name: _pin_unauth Value: dWlkPU9UWmxZalU1TURndE5UUTBNaTAwWkRkbExXSmpObVF0TjJWaFkyUTBNemN6TmpjeA
.herocosmetics.us/	1970-01-20 01:03:38	Name: _gcl_au Value: 1.1.1686772660.1637642164
.pinterest.com/	1970-01-20 07:32:26	Name: _pinterest_sess Value: TWc9PSY3OW1CamF3MkVNTldQRDV6VGZZYzRRUXF5M1Z2dzJjVVRpdTNvNi9OTFl6Nk5PTy9Oak53Ykp1UXVGL3JIajh4SWZKUUtMNDdaa2RoZ1JCeWVjUUw4aGRMbHlvUmQwdHFvcUtidXNCR0dBWHU1TmNXN2g1VVVpK0haQldPSXZzbyZvRVJNYndzbm14VHpudTZpZE9oTzVBdDNHQUE9
.amazon-adsystem.com/	1970-01-20 04:10:50	Name: ad-id Value: A_xyvo147kv6nBNWRCWGVR8
.amazon-adsystem.com/	1970-01-21 19:39:38	Name: ad-privacy Value: 0
.herocosmetics.us/	1970-01-19 22:55:28	Name: _gid Value: GA1.2.1968599536.1637642165
.herocosmetics.us/	1970-01-19 22:54:02	Name: _gat_UA-102753205-1 Value: 1
www.herocosmetics.us/	1970-01-20 16:25:14	Name: _sp_id.4add Value: 8d23f3d07ffda0e2.1637642165.1.1637642165.1637642165
www.herocosmetics.us/	1970-01-19 22:54:03	Name: _sp_ses.4add Value: *
.bing.com/	1970-01-20 08:15:38	Name: MUID Value: 3B55BE890F01617C1018AE710EBF6078
.bat.bing.com/	1970-01-19 23:04:06	Name: MR Value: 0
.herocosmetics.us/	1970-01-20 16:25:14	Name: _ga_D939QWJC76 Value: GS1.1.1637642164.1.0.1637642164.0
.herocosmetics.us/	1970-01-20 07:39:38	Name: mp_96dd5e317dbb929c96626f744cffd5ec_mixpanel Value: %7B%22distinct_id%22%3A%20%2217d4b14599317-010b8b7099c05a-978183a-1d4c00-17d4b145994ef1%22%2C%22%24device_id%22%3A%20%2217d4b14599317-010b8b7099c05a-978183a-1d4c00-17d4b145994ef1%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%22%24os%22%3A%20%22Windows%22%2C%22%24browser%22%3A%20%22Chrome%22%2C%22%24browser_version%22%3A%2096%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.herocosmetics.us/	1970-01-20 16:25:14	Name: _ga Value: GA1.2.1622530996.1637642165
.herocosmetics.us/	1970-01-20 01:03:38	Name: _rdt_uuid Value: 1637642164688.d0b47f5b-8220-4bfd-91d1-bc3276ef185e
.herocosmetics.us/	1970-01-19 22:55:28	Name: _uetsid Value: de765ae04c1611ecb050b9f3a8d4f2e6
.herocosmetics.us/	1970-01-20 08:15:38	Name: _uetvid Value: de76ac104c1611ecb3c7dba1bc334a61
.herocosmetics.us/	1970-01-20 08:23:48	Name: _scid Value: 5ad5b5be-006c-4fd4-9f2c-5990a51f64db
.herocosmetics.us/	1970-01-20 01:03:38	Name: _fbp Value: fb.1.1637642164808.775957216
.yotpo.com/	1970-01-20 07:39:38	Name: pixel Value: ae41985e-3f91-45d2-6c55-4b2fc335d006
.facebook.com/	1970-01-20 01:03:38	Name: fr Value: 0O1XjxlPhDTdSRq5U..BhnG-0...1.0.BhnG-0.
.twitter.com/	1970-01-20 16:25:14	Name: personalization_id Value: "v1_aZigVLDbboimb7g5OClm9A=="
.zeotap.com/	1970-01-20 07:39:38	Name: zc Value: ca40d624-ff19-4e82-5397-58ad2a907435
.zeotap.com/	1970-01-19 22:55:28	Name: zsc Value: %BA%9A%B7%C4%06%5D%A0G%7B%FEZ%2An%3F%CC%BC%B8%3E%14z%1BhJ%B99h%26%3C%83%C0H%BA%A6%7F%ACF%A1MXTM%BC%D0%17%A36%1A%23%BF%C9%BA%AA%95%85%C3%D1%C1%BA%B3q%18%BE%0Eg%C9%94%DA%0B%F2%ED%DE%F1%1C%95I%C42%8Foq%ECZ%8C%F0p%AD
.advertising.com/	1970-01-20 07:41:04	Name: APID Value: UPdeb10ff9-4c16-11ec-90e3-0e5762b885b3
.bidswitch.net/	1970-01-20 07:39:38	Name: tuuid Value: b45b135a-94e0-4361-95e0-65874672e39c
.bidswitch.net/	1970-01-20 07:39:38	Name: c Value: 1637642165
.bidswitch.net/	1970-01-20 07:39:38	Name: tuuid_lu Value: 1637642165
.herocosmetics.us/	1970-01-20 07:39:38	Name: _hjSessionUser_1133465 Value: eyJpZCI6ImI0ZjVkNDA4LTBlNjAtNWZjYy1iZjY4LTY5MGRmZTAwYmQ0NCIsImNyZWF0ZWQiOjE2Mzc2NDIxNjUxMDEsImV4aXN0aW5nIjpmYWxzZX0=
.herocosmetics.us/	1970-01-19 22:54:03	Name: _hjFirstSeen Value: 1
.herocosmetics.us/	1970-01-19 22:54:03	Name: _hjSession_1133465 Value: eyJpZCI6IjMxODA2MDE0LTA1MWMtNGQwNi1hNWY0LTE2NzNlMDk0NThlMSIsImNyZWF0ZWQiOjE2Mzc2NDIxNjUxNDR9
www.herocosmetics.us/	1970-01-19 22:54:02	Name: _hjIncludedInPageviewSample Value: 1
.herocosmetics.us/	1970-01-19 22:54:03	Name: _hjAbsoluteSessionInProgress Value: 0
www.herocosmetics.us/	1970-01-19 22:54:02	Name: _hjIncludedInSessionSample Value: 0
.tremorhub.com/	1970-01-20 07:39:59	Name: tvid Value: d363daab0e654141b0b80d8f4f8bfea0
.tremorhub.com/	1970-01-20 16:25:55	Name: tv_UIAM Value: d2c69fef7ea7481ca34aa08939dee9ac
.yahoo.com/	1970-01-20 07:39:59	Name: A3 Value: d=AQABBLVvnGECEGV1OrFayixsvbuZhkLQdmQFEgEBAQHBnWGmYQAAAAAA_eMAAA&S=AQAAAruM-f6Gz0DHrzgP3mzMZxc
.agkn.com/	1970-01-20 07:39:38	Name: ab Value: 0001%3AoxZF9XjTxNgGtXzCuRW187y%2B516daiNN
.myvisualiq.net/	1970-01-20 16:25:14	Name: tuuid Value: 0a8ab98f-789a-4aed-ad9e-81f3cac2c078
.myvisualiq.net/	1970-01-20 16:25:14	Name: c Value: 1637642165
.myvisualiq.net/	1970-01-20 16:25:14	Name: tuuid_lu Value: 1637642165
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPdeb10ff9-4c16-11ec-90e3-0e5762b885b3
.yahoo.com/	1970-01-19 22:55:28	Name: APIDTS Value: 1637642165
ads.stickyadstv.com/	1970-01-19 23:37:14	Name: UID Value: b484b3a2c51329d7e74023d3d83bff67
ads.stickyadstv.com/	1970-01-19 23:14:11	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 65b6e9cbbe1040e6e044933fe86de16
.snapchat.com/	1970-01-20 08:15:38	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwRGAMAgEwIqYOeQgxG7EhCpSvF/3teYWTWxBv1OYj0qhKHNXr0ikJ48St4aN4KXh51d8Cg6iNUAAAAA=
.tapad.com/	1970-01-20 00:20:26	Name: TapAd_TS Value: 1637642165354
.tapad.com/	1970-01-20 00:20:26	Name: TapAd_DID Value: 3689c51b-3e27-44a5-b177-2a8ae9026c0e
www.herocosmetics.us/	1970-01-20 22:52:35	Name: userCountry Value: United%20States
www.herocosmetics.us/	1970-01-20 22:52:35	Name: userState Value: Florida
.tapad.com/	1970-01-20 00:20:26	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 03:13:14	Name: _kuid_ Value: Of5DefR3
.mookie1.com/	1970-01-20 08:22:50	Name: id Value: 10610339985053103018
.mookie1.com/	1970-01-20 08:22:50	Name: mdata Value: 1\|10610339985053103018\|1637642165451
.mookie1.com/	1970-01-20 08:22:50	Name: ov Value: 629f862c679c59d2a8d19bf17e1e540f
.herocosmetics.us/	1970-01-20 08:23:48	Name: _sctr Value: 1\|1637625600000
ads.samba.tv/	1970-01-20 08:22:50	Name: sambapxid Value: e7ffeb6418b12201
.rubiconproject.com/	1970-01-20 07:39:38	Name: khaos Value: KWBLV22L-27-DP9E
.adform.net/	1970-01-19 23:37:14	Name: C Value: 1
.surveywall-api.survata.com/	1970-01-20 03:14:40	Name: svResp Value: cbfc5776-3cbc-19f4-7ee4-14abe617c45b
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1637624165_1
.serving-sys.com/	1970-01-20 01:03:20	Name: u2 Value: a171cc7a-51ba-4c37-8d66-31cf5beb807d4E9090
.doubleclick.net/	1970-01-20 16:25:14	Name: IDE Value: AHWqTUmFRzfP-04qHeshxk9kSdt-dL4VHizQGt6tiqeL_7EiAUfqjc7Zy6sj47tY1dU
.adform.net/	1970-01-20 00:20:26	Name: uid Value: 6609201023583653501
.openx.net/	1970-01-20 07:39:38	Name: i Value: 58f04789-d3eb-4c4b-b48e-aee696d5c8c2\|1637642165
.scorecardresearch.com/	1970-01-20 16:10:50	Name: UID Value: 14NRZXMEFXSXZSATIQQWMOg1637642166
.spotxchange.com/	1970-01-20 07:39:42	Name: audience Value: df0ff246-4c16-11ec-afd3-183ad5690503
.demdex.net/	1970-01-20 03:13:14	Name: demdex Value: 58774573467902483333074860490631213082
.casalemedia.com/	1970-01-20 07:39:38	Name: CMID Value: YZxvtXwE14rpiYyi3t4zYgAA
.casalemedia.com/	1970-01-20 01:03:38	Name: CMPS Value: 363
.analytics.yahoo.com/	1970-01-20 07:41:04	Name: IDSYNC Value: "195g~21os:17ki~21os:18zd~21os"
.adnxs.com/	1970-01-20 01:03:38	Name: uuid2 Value: 6554793325189761322
.exelator.com/	1970-01-20 01:46:50	Name: EE Value: "a546cac9ee4a6c7adc98e4dab08a4fc2"
.casalemedia.com/	1970-01-20 01:03:38	Name: CMPRO Value: 572
.casalemedia.com/	1970-01-19 22:55:28	Name: CMST Value: YZxvtWGcb7UA
.rubiconproject.com/	1970-01-20 07:39:38	Name: audit Value: 1\|JmJNbx88jYgUhPaj2AZZsbGwslpqGk5Q0K53C7EGbKopTwDvOxoI3KhSlBc/dRXMVZdR9hEdZCcwHTRO1/p4iI6Nm6jhz3KOBTnHUxeqwqBubPWupJwohhd6Yal/nUqGnK53hXUfaCJrsq2cs6fTHcMaHpt7wDFSb6TmGAtzLpdkpTamRW6gkrzDT3cMf3P8vVCijm/h0f690hrn3MB7kkwjFgVaEqWffbPSpELRx1GnoZtVqvDt1fKeEOazMA84
.ispot.tv/	1970-01-20 16:25:14	Name: pt Value: v2:3665fb51ea138b8aa713a4e7c61e31c2b7e15d5e85cf601b53bbb791f39f9164\|12670255ca143b2b2983979afd451ce3b0fff71d05b8df8c30c5ca0d7d56a2b5
.dpm.demdex.net/	1970-01-20 03:13:14	Name: dpm Value: 58774573467902483333074860490631213082
.exelator.com/	1970-01-20 01:46:50	Name: ud Value: "eJxrXxzq6XKLQSHR1MQsOTHZMjXVJNEs2TwxJdnSItUkJTHJwCLRJC3ZaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvqi0ODFRSlpDItKik8F71vaBQDheSuX"
.semasio.net/	1970-01-20 07:39:38	Name: SEUNCY Value: 830788563D1DD8BE
.pubmatic.com/	1970-01-19 22:55:28	Name: KTPCACOOKIE Value: YES
.taboola.com/	1970-01-20 07:39:38	Name: t_gid Value: 917340de-111a-48a0-b499-451cbb79df6a-tuct895f536
.ninthdecimal.com/	1970-01-20 03:13:14	Name: ndat Value: LU+k32Gcb7ay+1vfigNdAg==
.pubmatic.com/	1970-01-20 01:03:38	Name: KADUSERCOOKIE Value: E4881211-6043-48C3-920E-8DFC8F13A642

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-77ef44b7c59a4e063faa3591edd07af3' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.tiktok.com
analytics.twitter.com
api-js.mixpanel.com
app.backinstock.org
app.swellrewards.com
bat.bing.com
beacon.krxd.net
bingshoppingtool-t2app-prod.trafficmanager.net
bs.serving-sys.com
c1.adform.net
cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
cdn.attn.tv
cdn.shopify.com
cdn4.mxpnl.com
cdnjs.cloudflare.com
cld.accentuate.io
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
creatives.attn.tv
ct.pinterest.com
d24pi58tm9sxgh.cloudfront.net
dpm.demdex.net
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
geoip-db.com
googleads.g.doubleclick.net
hero.attn.tv
herocosmetics.us
ib.adnxs.com
image6.pubmatic.com
images.accentuate.io
in.hotjar.com
lciapi.ninthdecimal.com
live.bb.eight-cdn.com
lm.serving-sys.com
loadus.exelator.com
maxcdn.bootstrapcdn.com
monorail-edge.shopifysvc.com
odr.mookie1.com
p.yotpo.com
pi.ispot.tv
pixel.advertising.com
pixel.rubiconproject.com
pixel.streetmetrics.io
pixel.tapad.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
s.pinimg.com
sb.scorecardresearch.com
sc-static.net
script.hotjar.com
shop.app
shopify-gtm-suite.getelevar.com
spl.zeotap.com
ssapi.herocosmetics.us
ssum-sec.casalemedia.com
static.ads-twitter.com
static.hotjar.com
static.klaviyo.com
staticw2.yotpo.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.co
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
tr6.snapchat.com
uipglob.semasio.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
vars.hotjar.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.herocosmetics.us
www.imdb.com
www.pinterest.com
www.redditstatic.com
x.bidswitch.net
www.pinterest.com
104.244.42.3
104.244.42.69
107.178.246.49
13.225.210.108
13.225.63.15
13.225.63.61
13.226.37.38
141.226.224.48
142.251.32.98
142.251.41.2
143.204.149.52
151.101.0.84
151.101.129.140
151.101.130.132
151.101.130.133
151.101.208.157
168.61.66.40
18.205.33.239
18.206.102.118
184.29.129.7
185.167.164.39
192.229.163.223
192.35.249.127
2001:4860:4802:38::15
209.54.176.128
23.209.184.224
23.227.38.32
23.227.38.33
23.227.38.74
23.49.248.8
2600:141b:13:1085::1d72
2600:1901:0:be84::
2600:1f18:612b:4216:7de5:38a9:e1be:23d8
2600:9000:202c:5400:1a:609a:6780:93a1
2600:9000:202c:ea00:1e:e4a:5840:21
2600:9000:210b:1c00:f:8ce2:fb80:93a1
2600:9000:21da:4400:1c:9484:cec0:93a1
2600:9000:21da:bc00:a:78b:4e00:93a1
2606:4700:10::6816:1957
2606:4700:20::681a:54f
2606:4700:20::681a:c9e
2606:4700:3030::ac43:d2f8
2606:4700:3036::6815:b99
2606:4700::6810:135e
2606:4700::6810:7eaf
2606:4700::6812:bcf
2607:f8b0:4006:806::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81e::200e
2607:f8b0:4006:822::2004
2607:f8b0:4023:1404::9b
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:60::84
2a04:4e42::396
2a04:4e42:e00::268
3.222.167.3
34.120.58.162
34.138.230.116
34.192.21.137
34.192.56.19
34.206.33.80
34.210.53.141
34.229.3.43
34.237.173.244
34.237.89.32
35.168.96.170
35.186.226.184
35.186.235.23
35.190.25.25
35.190.90.30
35.211.178.172
35.244.159.8
45.79.164.223
46.101.254.131
50.57.31.206
52.45.76.65
52.50.124.16
52.6.91.228
52.70.197.1
54.175.87.114
54.230.162.77
54.81.7.92
63.251.28.218
68.67.178.10
69.173.151.100
76.13.32.147
8.28.7.81
8.43.72.97
012bdfae93203b58ae5eda5fc842651f844f1a88cf437b16a70576c4646c9be1
03af4f97ca4a6f4345c7f1b190da652426cf027808b9b345bea4a75b8d477804
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
074ecce33f51d5d8d1bb3de98722cbf043b1f765cb1a083488c1730f87ae41b5
0b7e4352853fe7151dc05398399910a8a139e9c6d257737b8156ef1c579fd129
0b850991db54c2e0c6a6b7a3c818d88205ced62b9f93665cca47f9cb2802b208
0cc2be64b24f8ae3f9951a81ce4964ea31e5663f5f739d7f34cf9dbaef8ae2c6
0db4312a4ade88dc59517b6c0b78c47a8f8dfb58f85dc8a59b3fb3f7f53854a5
0f473fefe40384ad90ca8a03212ad487e428a3cd5f403f5bd77a31a1a23414cb
107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11de231b8aa361f5f4e621a775eb7de2fde2f3db101aa6a0b370dc42f434746c
167eefb7b10b3e9da487008300c272c1ac37dd9784b014a38638603f482488bc
1863a9be3a4116016d3b5d5574f6183cde4c5dac51d085a563c969d939870241
2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7
23bf454835ec39b6ec911a13a02d06363dc54ff112743bc6270a3b03971b53ae
2410189e8cd9c74a2fa0f8585e6ea025638c6c872925fe6ee458271d6e0ea1b7
27b96237f095c28666e8da35ca868514c3470f4ba817904e3303cfb6315c80b1
27e4c91570826b32846a174aaddeb37aec54f653638d5594994d2c9177a3149b
28b383fecb87510f90bba4d9f8a7613981945e61b9893293211b52b124e33687
2988e26679ec0e979b833a90942b9009d82335bc516d1e5b2e83dd52742af7f0
29c9dfb6cf3a450236cae6de80aad6ed4d811c4de28ec94a03415644cc8e7c21
2b2ff694566a842da1f81277f2646b47e73443bb33f271e2620c3dfeda9a5a6f
2c95fbfb9ef3cb04946309ec9e6f7afa4a07c3ceb1cd4f9ce188f2fb312190bc
300807a8632339de01c7fada5c4bc8a458fcf2bba7861d74ca889ee8446e5ad4
316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff
325c17502b309a464c1b5775805a44cf1ce63e21a0f30852d878a54cd7e91d55
336274d698b29746f863da6ef86ac4d3aff9354a9a2b796731dd1a0db09bbb87
373ba1eb77a24ce34df463dde241928669973e4c09a60cfefb3c8d061f9db09f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38ea8af607c6f3dd8c07fa1d027010c4382d8037a026d0492817648e1a4ce8f1
39d555012efe68836359acca381530a79c174705d504eca533ed4267a74b7295
3a807d8eea9a93fbb56d2a4e656a9b361b0854cd190f5a86fd453b6cea5958f8
3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2
41956dfbc3ce0c23c1595d1cafe097944392a9df1138920b2785576603ef387c
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47827f1ba5f754bdfd79a69017039ba2af2529e63bf6fcfb351473286caed2bf
4a201b919964032a52a3d2c3365bd5cafdc2acf12ed71cd2f9905627ad105fc9
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4c718e6c04604e704e210624d400222cd989eb140a8b7ff479ced4f7c116e96e
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5120eec0790764797922dfb870c937b7cb342b682e2cd529804872be96ea895b
52b2329d1e5888abc91802b0e23ae1cdb4f42ee45419f1b105cadfb5427d8a36
5617130e0a10c0a161fb3dc76c3b538c3fd9868bf3143c3f581475d0a135663d
565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4
570c18a72f8c237ee28c78cc10ac99cece43c0b4a95aa2afd497dd70716dc5fc
59431844a46b6d5a59194d5f29a48c8e586405b593b7a36607a81532075cffba
5992b9737d3929ffee7f86624cb7bc5d928cd7c0a82c5d7627921f720c6e19b6
5b7a32f948ef3cca7d6525663ff1eeee3b2c133ed10a5a2c2183ac7d9d5b6803
5fc989ccff2af15a5d8202ad64a62e15411c78915b4005e26ba3984d0f9d4770
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
63fe60e471d81ef9d5132591e3fe6dfe43245f66638abea2aed433d136f05578
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
66736e28f378e374f8392513aa1a031f47c787e2de3fa05abea269f31a14acbc
69ac9afe639ee5db48a2263cf73d914f962c02a9449a8ec52a9da109ec9bd4dc
6a3dbb230b9c333a39405f7dc4115a91bb3dcae67f68c76ac5c81451dc2f4ac2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cc4b32de9ef6161a9bc1ed62866cdd378336356887adccd57858eb4f939f9bf
6e4218838e9584443232c143c67173b30af0cf69195977417476cf03c282dd74
745e280a74e1ad3eaff7092934051d32882b92b3cc4921ff714068e7b73fab24
749cff5b22f4044e201065772ae841de8ee26478f60e3715dc0347693fd9013f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a51c0b14ef346ad7fd3aaaf1274f151551a5e047352213622ebe9661e2a05cd
7b3a311e463360814d373ee4ebd1f7ed7f2168953f50b409c5f0115d9bfe89e5
7dd020d86f193c29bdb549f2032bb94fd6a4198953091ad1b5f0ee7f972ea32d
7ea208827e3e7bd45aa4791bc24e24829e43ce868ae98aae1b64716385fc715a
7eb87661521cbb7369647c7802e6c6337fc80cb6b5b60fd0367be34840385a6b
80605dd6653d1705776c10448f6fc7453bcf6de08ae0551f8b79b2c3b986729f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a
895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca
8de6474077a4de6a0c24e148148224ff9d6db70fe6106f68cfa5d1c5fb662e15
8f2785438782b356c073e613402dde20e04e41d681182856c77567519189c5d3
9026401935a6468a2b2059c3a10aa1accacd71d7271ecf88783be350973434fb
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b
91cf772cd44e8756f72bdd23c66cbc3d90c9f4a413630174cdc9e062849335aa
91fe4ad83167a86b3a2dd3b67b6399d674f58ca32aad07ef6d70b0a3c0ed5ba0
9906b2ed9453fed2b77840d0ea4d5b06daf480ded94f05e06552d3e2ae3c2a2e
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9d38fd5af2f1903f7c961c464a1d37b6440d3f1a6ef5aa05bae0c313cc770f6b
9ebbd916b6c322597da4b1ac0ef4bbbf04d00339cfc619424a99f929b69e608e
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a0d3dca392f666cddf8352f8a10199e9ae93d2afc53117e013fae88327489d28
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22cbf3800d778b03a80843c036086abe0d123b4972119595a7cf2e496436c0c
a2aef314df12ae580d00c62eefebf69a2b75933357aa9acfd3a47d2d20660573
a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524
a9fd6767e0eb0c1a89951dcc353c5295a8f68b37e98c7f80046af7361e1065f9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b225a6c2aa4475b396186859cc56261197675631daeeaa7b7346906fcf2828dd
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b780530f7153de0fb942eea156dc0e1acf9b3ccb694b44866892b2710d5404c3
b79adf570b66bcd072b6f3ea35e760f7433030c083c686a08b6ba740f532098a
bccf89159d4632529e77ddcafa9a0b27cde760845f880e52b5f7537421de00b5
be76c042dc8a900e73128ccbea6752f5a9ce88ed1eb37283f37f8eafb35af411
bfbbd0772eda291e13d714b63c76011a05b1a830ee633732e379b487cb076dd8
c14c7d89d2f50cfddff9e5ab56ce377d0ca5ff385e2a6a22809235253f6e6dc5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d9017d9d9d4b6de42f1ae0056ab997ca8acd04f0402aab2060f0afc16eb47c
c384290752dc11491ddc621b4a7cb2c3294e1254998d245abdd6b52fac36515a
c57925d1d9f3f0682b8dfb694988ca8f7caf0362da8999e5c5c1fd5dd038b842
c62195b74b679afaf7051f3996694e08e337c2abfeeaa12961afff3a337b9500
c93b0af5c7708f3e8c5dae65e13bee02380d5a9276152cbfd0cbd799e52dcbd8
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cc1e01a0cb1d9580a5a09c33f9ffbad6d5d664231253c43de6311ce453429c1c
cc255e9375acf8b38f5c4a0196069265d59935349e85d8986629746d08ef8411
cf09cf4fe3ac51fe7db563cbfbf53adb16d17d75d4288002358bc883012f5461
d041681ad7b48ebd3e8eaf22937c7235b8c1ea0cf9069ec2fb88dcd42d3f9588
d04c01926dc18bb1aa1b0b07f12bb45c930a8c868f0b65e4c9961eaafa614c21
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f
d83a7fcbef496d0ac909a41f946273275740e291089a985ec269e2ad6bad7dbb
d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580
d8b469cf425c528a8c897dfeced255c181b941de8bfba6c2d4b0cfd2189e464c
d8ecd573b4fb59d68fa623f4c5c2130e470b82ae559e4f86e6a891fcc80e1362
d903a35a90276fed8d286f4de9f6ab44db076826cdb14a82d2e418aeb79b92ac
dbe74252035fd1cda8b03e76098b49b0530e2e9470b004549f628b1e840e6694
dc131657068707ac57506e3053ea092a346e7364ec91bc922b4f78921e73a9e4
dc342e0b812b60f9ca39e6215bdb9fbf1b09c24ec4f80cd70f8996ad17495be4
dcceb11f03c0aa3e1c68614f39982c056a202bf4d6d3f855c1482dc0034894d9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deac7e66c014fc3fb33614f3878d9ca2c2fbfce2ffd80ad6a2355875a0f4ba96
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfe83bd7c16bf942110e8738c45005e773272ee751ac0022c1e87a35585fb1d3
e1987730f22b5962851d069c53afbabfb14e1f7114aecbbeef0925615387a3e8
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b60cd22e43f8632e046c95bf6847774302efed5ac12b973b30f9a7902776de
e6dce58813b6c31ac1b5580aeb3ae39901f769c180619034702969bdb12e8b97
e772ceda9acb431a79146102ff272c8d2860bd1148224316ec8d1163d4eda18b
e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f
eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671
ec021e4ffcfc369c56ef330186d9ec1abaa9648bf86a2fb9bf397b19edd635be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c74b13317c38c648227a79ea87b8506f9de531010094c47537fc117ec21fd3
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197
fa2b6b4f17e0e354d76e730c49f67f67f5bce41c522a02909e9f64d0ea1ed385
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd04d094b2397c4a5ae1238f524c2be317229d628c82efbc029fa02437b0842f
fe7ec77584ca08b2e86b4a7a7061236a59fe704eb72c94b723d4e49f8dd829ea
ff5fa34b7b4add78cedae128a55a17cadb6865f39c1788d9f9b6c315b06fb613

www.herocosmetics.us Open in urlscan Pro 23.227.38.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

220 Requests

83 %HTTPS

33 %IPv6

76 Domains

95 Subdomains

59 IPs

5 Countries

5828 kBTransfer

10043 kBSize

107 Cookies

15 Outgoing links

Page URL History

Redirected requests

220 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.herocosmetics.us Open in urlscan Pro
23.227.38.74 Public Scan

Screenshot
Live screenshot

Full Image

220
Requests

83 %
HTTPS

33 %
IPv6

76
Domains

95
Subdomains

59
IPs

5
Countries

5828 kB
Transfer

10043 kB
Size

107
Cookies

220 HTTP transactions
0 data transactions