URL: https://novaapple.com/
Submission: On December 05 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 43 HTTP transactions. The main IP is 65.254.248.137, located in United States and belongs to BIZLAND-SD, US. The main domain is novaapple.com.
TLS certificate: Issued by E6 on October 19th 2024. Valid for: 3 months.
This is the only time novaapple.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 65.254.248.137 29873 (BIZLAND-SD)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
6 3.68.36.177 16509 (AMAZON-02)
3 142.250.185.100 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
5 2600:9000:206... 16509 (AMAZON-02)
1 142.250.184.227 15169 (GOOGLE)
2 157.240.0.35 32934 (FACEBOOK)
1 2600:9000:249... 16509 (AMAZON-02)
1 13.33.216.144 16509 (AMAZON-02)
43 12
Apex Domain
Subdomains
Transfer
7 cloudfront.net
d34ikvsdm2rlij.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
321 KB
6 ecwid.com
app.ecwid.com — Cisco Umbrella Rank: 50610
5 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
993 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3540
48 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 gstatic.com
www.gstatic.com
218 KB
1 novaapple.com
novaapple.com
15 KB
0 glomaxaesthetics.com Failed
www.glomaxaesthetics.com Failed
43 10
Domain Requested by
6 app.ecwid.com novaapple.com
d34ikvsdm2rlij.cloudfront.net
5 d34ikvsdm2rlij.cloudfront.net app.ecwid.com
d34ikvsdm2rlij.cloudfront.net
3 www.google.com novaapple.com
www.gstatic.com
2 www.facebook.com novaapple.com
2 connect.facebook.net novaapple.com
connect.facebook.net
2 netdna.bootstrapcdn.com novaapple.com
netdna.bootstrapcdn.com
2 fonts.googleapis.com novaapple.com
1 d3cy3u1txmkqs3.cloudfront.net d34ikvsdm2rlij.cloudfront.net
1 d1oxsl77a1kjht.cloudfront.net d34ikvsdm2rlij.cloudfront.net
1 www.gstatic.com www.google.com
1 novaapple.com
0 www.glomaxaesthetics.com Failed novaapple.com
43 12
Subject Issuer Validity Valid
*.novaapple.com
E6
2024-10-19 -
2025-01-17
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
bootstrapcdn.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
*.ecwid.com
Amazon RSA 2048 M03
2024-06-06 -
2025-07-06
a year crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-13 -
2024-12-12
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh

This page contains 3 frames:

Primary Page: https://novaapple.com/
Frame ID: 1F4955571438708CB29D6A5829087331
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d997.2024619649995!2d103.84599961002415!3d1.2882562100711543!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da190abe1205f7%3A0x1eba0db8455228d3!2sGlomax+Aesthetics!5e0!3m2!1sen!2ssg!4v1545806494716
Frame ID: 7BCC18E8E85829F78128B793FAFAB858
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeS1t4UAAAAACU34uOC_xCYKHh6jVWpD43TLogF&co=aHR0cHM6Ly9ub3ZhYXBwbGUuY29tOjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=invisible&badge=bottomright&cb=dazfh8if8k0v
Frame ID: 35B365CE3CCF3357D6C7A3DFF30C8F7C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Glomax Aesthetics

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://app\.ecwid\.com/script\.js

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

43
Requests

60 %
HTTPS

27 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

687 kB
Transfer

2864 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2018/01/gen_logo-e1595237838814.png HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2018/01/gen_logo-e1595237838814.png
Request Chain 14
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_1.jpeg HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_1.jpeg
Request Chain 15
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_3.jpeg HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_3.jpeg
Request Chain 16
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2014/04/unsplash_528c31f66181e_1.jpg HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2014/04/unsplash_528c31f66181e_1.jpg
Request Chain 17
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-services.jpg HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-services.jpg
Request Chain 18
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-contact.jpg HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-contact.jpg
Request Chain 19
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_2000/https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/Banner7B.png HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/Banner7B.png
Request Chain 20
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_1024/https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin06A-e1595128198409-1024x261.png HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin06A-e1595128198409-1024x261.png
Request Chain 21
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_300/https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin07-300x210.png HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin07-300x210.png
Request Chain 34
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_180,h_180/https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/glomax-small-logo-transparent-e1595238143381.png HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/glomax-small-logo-transparent-e1595238143381.png
Request Chain 35
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_32,h_32/https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png
Request Chain 36
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_192,h_192/https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png HTTP 307
  • https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
novaapple.com/
80 KB
15 KB
Document
General
Full URL
https://novaapple.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
65.254.248.137 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
65-254-248-137.yourhostingaccount.com
Software
Apache /
Resource Hash
777506584d5aa2e062c5f0b3f3328e8e3b4bdc27e70f6651df0ed63562171b03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Length
15159
Content-Type
text/html
Date
Thu, 05 Dec 2024 10:33:15 GMT
ETag
"141fa-6286ed7aa1898-gzip"
Expires
Thu, 05 Dec 2024 10:38:15 GMT
Last-Modified
Wed, 04 Dec 2024 09:59:50 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Vary
Accept-Encoding,User-Agent
X-Endurance-Cache-Level
3
autoptimize_99a075ee6afd93ccda1bad1a8db1083d.css
www.glomaxaesthetics.com/wp-content/cache/autoptimize/css/
0
0

css
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C300%2C600%2C700%2C800&ver=5.7.11
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc11a59578f38539ffefed886665bcb2c189ce33880ed9a0735e47a44b6173bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 10:33:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 10:33:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 05 Dec 2024 10:33:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css?ver=1.3.9
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"7fbe76cdac6093784895bb4989203e5a"
age
622900
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 05 Dec 2024 10:33:15 GMT
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/29/2024 05:20:43
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
291c3ba8fa01560c259eaf9685d1db36
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.05
cf-ray
8ed360816e51d22f-FRA
access-control-allow-origin
*
cdn-edgestorageid
1067
server
cloudflare
cdn-requestcountrycode
US
/
www.glomaxaesthetics.com/
0
0

autoptimize_single_36ea4805809e6b690c2f5126a0808297.css
www.glomaxaesthetics.com/wp-content/cache/autoptimize/css/
0
0

css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%2C600%7COswald%3A500&subset=latin&ver=1621497595
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d845527151f69ef01c7af58683d6b53eb3a9c63c0585b4cba4372ec35e826fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 10:33:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 10:33:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 05 Dec 2024 10:33:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
www.glomaxaesthetics.com/wp-includes/js/jquery/
0
0

gen_logo-e1595237838814.png
www.glomaxaesthetics.com/wp-content/uploads/2018/01/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2018/01/gen_logo-e1595237838814.png
  • https://www.glomaxaesthetics.com/wp-content/uploads/2018/01/gen_logo-e1595237838814.png
0
0

script.js
app.ecwid.com/
7 KB
3 KB
Script
General
Full URL
https://app.ecwid.com/script.js?28623172&data_platform=wporg&lang=en
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.36.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-36-177.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fba7a56c870af26287268f5c57e5dadca631ace0d685a4c9800046acb758be01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

Link
<https://d3cy3u1txmkqs3.cloudfront.net/rosetta>; rel=preconnect, <https://d2j6dbq0eux0bg.cloudfront.net>; rel=preconnect, <https://d1oxsl77a1kjht.cloudfront.net>; rel=preconnect, <https://d34ikvsdm2rlij.cloudfront.net/>; rel=preconnect, <https://app.ecwid.com:443>; rel=preconnect
Cache-Control
no-cache
Content-Encoding
gzip
ETag
296661927
Connection
keep-alive
Content-Length
2283
Date
Thu, 05 Dec 2024 10:33:16 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding
Server
nginx
api.js
www.google.com/recaptcha/
1 KB
993 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=anr_onloadCallback&render=explicit
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
ESF /
Resource Hash
182d67911171e1b7ba44f06bb712fecf0b969bd6da1bfe85c9d1abfc2c7f4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 10:33:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 05 Dec 2024 10:33:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
autoptimize_9be4bd228c9590193436df81292ae349.js
www.glomaxaesthetics.com/wp-content/cache/autoptimize/js/
0
0

script.js
app.ecwid.com/
0
124 B
Other
General
Full URL
https://app.ecwid.com/script.js?28623172&data_platform=wporg&lang=en
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.36.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-36-177.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

Link
<https://d3cy3u1txmkqs3.cloudfront.net/rosetta>; rel=preconnect, <https://d2j6dbq0eux0bg.cloudfront.net>; rel=preconnect, <https://d1oxsl77a1kjht.cloudfront.net>; rel=preconnect, <https://d34ikvsdm2rlij.cloudfront.net/>; rel=preconnect, <https://app.ecwid.com:443>; rel=preconnect
Cache-Control
no-cache
Content-Encoding
gzip
ETag
296661927
Content-Length
2283
Date
Thu, 05 Dec 2024 10:33:16 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding
Server
nginx
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-cuM1iqaP' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 05 Dec 2024 10:33:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-cuM1iqaP' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4428, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
QxOr2IERKYZS6HgDyBS/JiAnDQAvonFagPB/0yU8n8lXjBbf5Jg+72tt51cpu0Cnkeu2aCFQPH6WhOtxvB8ctg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
embed
www.google.com/maps/ Frame 7BCC
0
0
Document
General
Full URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d997.2024619649995!2d103.84599961002415!3d1.2882562100711543!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da190abe1205f7%3A0x1eba0db8455228d3!2sGlomax+Aesthetics!5e0!3m2!1sen!2ssg!4v1545806494716
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-zn-2GQakwNfY5JeqMlhzVw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://novaapple.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1463
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-zn-2GQakwNfY5JeqMlhzVw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Thu, 05 Dec 2024 10:33:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
glomaxaestheticspteltd_1.jpeg
www.glomaxaesthetics.com/wp-content/uploads/2020/06/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_1.jpeg
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_1.jpeg
0
0

glomaxaestheticspteltd_3.jpeg
www.glomaxaesthetics.com/wp-content/uploads/2020/06/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_3.jpeg
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_3.jpeg
0
0

unsplash_528c31f66181e_1.jpg
www.glomaxaesthetics.com/wp-content/uploads/2014/04/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2014/04/unsplash_528c31f66181e_1.jpg
  • https://www.glomaxaesthetics.com/wp-content/uploads/2014/04/unsplash_528c31f66181e_1.jpg
0
0

parallax-services.jpg
www.glomaxaesthetics.com/wp-content/uploads/2014/03/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-services.jpg
  • https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-services.jpg
0
0

parallax-contact.jpg
www.glomaxaesthetics.com/wp-content/uploads/2014/03/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-contact.jpg
  • https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-contact.jpg
0
0

Banner7B.png
www.glomaxaesthetics.com/wp-content/uploads/2020/06/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_2000/https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/Banner7B.png
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/Banner7B.png
0
0

Nofilterskin06A-e1595128198409-1024x261.png
www.glomaxaesthetics.com/wp-content/uploads/2020/07/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_1024/https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin06A-e1595128198409-1024x261.png
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin06A-e1595128198409-1024x261.png
0
0

Nofilterskin07-300x210.png
www.glomaxaesthetics.com/wp-content/uploads/2020/07/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_300/https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin07-300x210.png
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin07-300x210.png
0
0

474097773352801
connect.facebook.net/signals/config/
76 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/474097773352801?v=2.9.178&r=stable&domain=novaapple.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
993e27936cb485620e1a83cc26f758679678318a620149c37256cbdbea671abd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ZiT7IY7q' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 05 Dec 2024 10:33:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ZiT7IY7q' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=70410, tp=66, tpl=0, uplat=381, ullat=0
pragma
public
x-fb-debug
DOIovHbNC/XFJjcpe/Tws6Eu34USTfcKk2sHPHip226zsJNESClfD15w7szthaLrjkDrsdNi3LWeQBybZ3AW+g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
ecommerce.js
d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/
53 KB
16 KB
Script
General
Full URL
https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?28623172&data_platform=wporg&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9800:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70181912bdbdd8b023b4d77963cd5d0427a0edc4792e3ccaf089efc2105dfa9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://novaapple.com
Referer
https://novaapple.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
QgUgRwYp.ngbY.aGyOxRmcqgCOIApV32
etag
W/"55105a262ee39db677b3f95789f89cfb"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
qOFnUCAQtZKlPmGqnQ5sEalrhBkHTwH16YlpS9sD92x_g3S-Mbqlaw==
date
Thu, 05 Dec 2024 10:33:17 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Thu, 05 Dec 2024 08:56:42 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
55105a262ee39db677b3f95789f89cfb
cache-control
public, max-age=31536000
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/3.2.1/font/
43 KB
43 KB
Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css?ver=1.3.9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://novaapple.com
Referer
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css?ver=1.3.9

Response headers

cdn-status
200
cf-cache-status
MISS
etag
"b683029bafe0305ac2234038a03e1541"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 05 Dec 2024 10:33:16 GMT
content-type
font/woff
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
cdn-cachedat
08/20/2022 02:34:02
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
bd0b6b1af03e931bbc53dea2a4fb0dc4
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.02
cf-ray
8ed3608589ca3600-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
43572
cdn-edgestorageid
722
server
cloudflare
cdn-requestcountrycode
DE
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=anr_onloadCallback&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://novaapple.com
Referer
https://novaapple.com/

Response headers

content-encoding
gzip
age
7744
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 08:24:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 08:24:12 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222835
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 35B3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeS1t4UAAAAACU34uOC_xCYKHh6jVWpD43TLogF&co=aHR0cHM6Ly9ub3ZhYXBwbGUuY29tOjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=invisible&badge=bottomright&cb=dazfh8if8k0v
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-v-VrJh49ynYVGon0kK3IHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://novaapple.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-v-VrJh49ynYVGon0kK3IHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Dec 2024 10:33:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=474097773352801&ev=PageView&dl=https%3A%2F%2Fnovaapple.com&rl=&if=false&ts=1733394796650&sw=1600&sh=1200&v=2.9.178&r=stable&a=wordpress-5.7.11-3.0.5&ec=0&o=12316&fbp=fb.1.1733394796649.112478194386666369&pm=1&hrl=7dfc23&ler=empty&cdl=API_unavailable&it=1733394796239&coo=false&cs_cc=1&rqm=GET
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4480, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 05 Dec 2024 10:33:16 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=474097773352801&ev=PageView&dl=https%3A%2F%2Fnovaapple.com&rl=&if=false&ts=1733394796650&sw=1600&sh=1200&v=2.9.178&r=stable&a=wordpress-5.7.11-3.0.5&ec=0&o=12316&fbp=fb.1.1733394796649.112478194386666369&pm=1&hrl=7dfc23&ler=empty&cdl=API_unavailable&it=1733394796239&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: novaapple.com
URL: https://novaapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7444873960424011377"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 05 Dec 2024 10:33:16 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
s3EZ98fb3ic4FRS7jX08WQRqvQBgl8gixf18T1Myok/ADdIENzI+UiAmXBqnfOrmtJup341W/2xwYhi47BMaww==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7444873960424011377", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4848, tp=13, tpl=0, uplat=178, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
bootstrap
app.ecwid.com/storefront/api/v1/28623172/
621 B
1 KB
Fetch
General
Full URL
https://app.ecwid.com/storefront/api/v1/28623172/bootstrap
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.36.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-36-177.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
008d58ec95b2896987228113f81282d3efd6f64ee993c6eb557a6a98e2b71ebe

Request headers

x-ec-initiator
browser
Referer
https://novaapple.com/
x-ec-forced-tracing-enabled
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

Link
<https://d3cy3u1txmkqs3.cloudfront.net/rosetta>; rel=preconnect, <https://d2j6dbq0eux0bg.cloudfront.net>; rel=preconnect, <https://d1oxsl77a1kjht.cloudfront.net>; rel=preconnect, <https://d34ikvsdm2rlij.cloudfront.net/>; rel=preconnect, <https://app.ecwid.com:443>; rel=preconnect
Access-Control-Max-Age
600
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE
Access-Control-Allow-Origin
*
Content-Length
355
Date
Thu, 05 Dec 2024 10:33:18 GMT
Content-Type
application/json;charset=utf-8
Vary
Accept-Encoding
Server
nginx
Access-Control-Allow-Headers
Authorization, x-ec-initiator, traceparent, Content-Type, X-Ecwid-Auth-Profile, X-Ecwid-Device-Measurement, X-Ec-Forced-Tracing-Enabled
bootstrap
app.ecwid.com/storefront/api/v1/28623172/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/storefront/api/v1/28623172/bootstrap
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.36.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-36-177.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ec-forced-tracing-enabled,x-ec-initiator
Access-Control-Request-Method
POST
Origin
https://novaapple.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Authorization, x-ec-initiator, traceparent, Content-Type, X-Ecwid-Auth-Profile, X-Ecwid-Device-Measurement, X-Ec-Forced-Tracing-Enabled
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Thu, 05 Dec 2024 10:33:17 GMT
Server
nginx
apps-startup.js
d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/
25 KB
9 KB
Script
General
Full URL
https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/apps-startup.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9800:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c48e7a7b24327da8c9b61382acc09c1b8383a99fd1db9aa61eca718780b8c43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://novaapple.com
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
4CbNMSU4YO.N_qzTwaAbSzEWx3UpzDyt
etag
W/"98b616e9a9b1336c718a3865bad07760"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
UwZHd-smzmxWNvgdtVtgvAiUSH8v5LzAKZc2daq_8zVCs_QP1o2zBA==
date
Thu, 05 Dec 2024 10:33:18 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Thu, 05 Dec 2024 08:56:41 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
98b616e9a9b1336c718a3865bad07760
cache-control
public, max-age=31536000
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
shared.js
d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/
140 KB
38 KB
Script
General
Full URL
https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/shared.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9800:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
542c3455da0620b470ab88faa2d16d73cc0ff3561d61d278c97fbd969cd708bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://novaapple.com
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
OU6kS_T6xDIxKqGutcaaw6_Yqxyem5xB
etag
W/"056ff675c0ae1072c345d4cb7e3aacb7"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
9B1BvdMjvAgAuSu_ZlY0d13LqqWUgr19lJMoWj26xM3Hm7pYlnMAvQ==
date
Thu, 05 Dec 2024 10:33:18 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Thu, 05 Dec 2024 08:56:43 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
056ff675c0ae1072c345d4cb7e3aacb7
cache-control
public, max-age=31536000
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor.js
d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/
182 KB
67 KB
Script
General
Full URL
https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/vendor.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9800:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8a4c25072d49656753ed58885ff536ece5b63752204d86a9b43b932ce35178a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://novaapple.com
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
412XMS0TdgKuCc1.xl9bpvPdDSQpyp9J
etag
W/"6f835183bad1b53208bd853cc10fa50f"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
YFobvhT1kFBL53PxYkjjO8SZqigNQPkMX1fkRzuSVkReBu9R7ud9kA==
date
Thu, 05 Dec 2024 10:33:18 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Thu, 05 Dec 2024 08:56:42 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
6f835183bad1b53208bd853cc10fa50f
cache-control
public, max-age=31536000
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
glomax-small-logo-transparent-e1595238143381.png
www.glomaxaesthetics.com/wp-content/uploads/2020/07/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_180,h_180/https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/glomax-small-logo-transparent-e1595238143381.png
  • https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/glomax-small-logo-transparent-e1595238143381.png
0
0

android-icon-36x36.png
www.glomaxaesthetics.com/wp-content/uploads/2017/11/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_32,h_32/https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png
  • https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png
0
0

android-icon-36x36.png
www.glomaxaesthetics.com/wp-content/uploads/2017/11/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_glossy,ret_img,w_192,h_192/https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png
  • https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png
0
0

new
d1oxsl77a1kjht.cloudfront.net/css/
1 MB
109 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-1788343195&ownerid=28623172&id-selector=html%23ecwid_html%20body%23ecwid_body&color-foreground=rgb(0%2C%200%2C%200)&color-price=rgb(0%2C%200%2C%200)&color-background=white&color-link=rgb(0%2C%200%2C%20238)&font-family=%22Times%20New%20Roman%22&frontendV2=true
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:f400:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
32db232b355c7438627b83a22e4af8de1b607715fc12dfdee7582b7f87277629
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

strict-transport-security
max-age=15724800
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"-1788343195"
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
ORQaUzJTzg2Pcu0uIxD_-jTbzt_OFXM3D5GgZrRiSOMX5S61JAJgnA==
date
Thu, 05 Dec 2024 10:33:18 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P7
new-frontend.en.1577608738.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/
285 KB
78 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.1577608738.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.216.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-216-144.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b73b07f7d2cda4f11cd0a7858fa9de96c01964142937e8b6c4e4a3390fe50702

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://novaapple.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
gzip
x-amz-version-id
v7.Drx2tFuAZ8pzL7rAD1M5o2bAbWbGX
etag
W/"d3440267953117e857ed672fc7f6f6de"
age
77375
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Lh8PbhUY7_e4sl0GT2_fVTk8XnYIqyskxPfaFBnKwCC_PKnQS4l85g==
date
Wed, 04 Dec 2024 13:03:44 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Wed, 04 Dec 2024 12:59:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
apps-minicart-v2.js
d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/
9 KB
4 KB
Script
General
Full URL
https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/apps-minicart-v2.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9800:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8c76c7b623621b54eeffc96241f55c7e084f60593f6d633b195296601cd354b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://novaapple.com
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
wb6KyYzBn8U7qnzer_m76tPIUZra3CFi
etag
W/"bb87dd66da520534aac7043d2e05315c"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
_vRsdiAPJCibLKJ84mZbrxbRNQtNVDhChcF8zh0ETLpjmGxxnmp4Lw==
date
Thu, 05 Dec 2024 10:33:19 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Thu, 05 Dec 2024 08:56:43 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
bb87dd66da520534aac7043d2e05315c
cache-control
public, max-age=31536000
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
initial-data
app.ecwid.com/storefront/api/v1/28623172/
322 B
732 B
Fetch
General
Full URL
https://app.ecwid.com/storefront/api/v1/28623172/initial-data
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/storefront/static/2024/2024-52886-gdad4febadec1ef/ecommerce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.36.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-36-177.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a465f0d86900b74a3337ac86989c4c339313605d726208dc225f2d4da3f9e789

Request headers

x-ec-initiator
browser
Referer
https://novaapple.com/
x-ec-forced-tracing-enabled
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE
Access-Control-Allow-Origin
*
Content-Length
238
Date
Thu, 05 Dec 2024 10:33:19 GMT
Content-Type
application/json;charset=utf-8
Vary
Accept-Encoding
Server
nginx
Access-Control-Allow-Headers
Authorization, x-ec-initiator, traceparent, Content-Type, X-Ecwid-Auth-Profile, X-Ecwid-Device-Measurement, X-Ec-Forced-Tracing-Enabled
initial-data
app.ecwid.com/storefront/api/v1/28623172/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/storefront/api/v1/28623172/initial-data
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.36.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-36-177.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ec-forced-tracing-enabled,x-ec-initiator
Access-Control-Request-Method
POST
Origin
https://novaapple.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Authorization, x-ec-initiator, traceparent, Content-Type, X-Ecwid-Auth-Profile, X-Ecwid-Device-Measurement, X-Ec-Forced-Tracing-Enabled
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Thu, 05 Dec 2024 10:33:18 GMT
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/cache/autoptimize/css/autoptimize_99a075ee6afd93ccda1bad1a8db1083d.css
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/?sccss=1&ver=5.7.11
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/cache/autoptimize/css/autoptimize_single_36ea4805809e6b690c2f5126a0808297.css?ver=5.7.11
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2018/01/gen_logo-e1595237838814.png
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/cache/autoptimize/js/autoptimize_9be4bd228c9590193436df81292ae349.js
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_1.jpeg
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/glomaxaestheticspteltd_3.jpeg
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2014/04/unsplash_528c31f66181e_1.jpg
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-services.jpg
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2014/03/parallax-contact.jpg
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2020/06/Banner7B.png
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin06A-e1595128198409-1024x261.png
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/Nofilterskin07-300x210.png
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2020/07/glomax-small-logo-transparent-e1595238143381.png
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png
Domain
www.glomaxaesthetics.com
URL
https://www.glomaxaesthetics.com/wp-content/uploads/2017/11/android-icon-36x36.png

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ecwidParams object| dt_loader object| dt_styles object| ec function| fbq function| _fbq function| setREVStartSize boolean| isEcwidV3StorefrontLoaded function| getEcwidV2Object function| getEcwidV2ObjectName function| getEcwidV3Object function| ecwid_onBodyDone function| xAffiliate function| xAddToBag function| xCategories function| xCategoriesV2 function| xMinicart function| xProduct function| xProductBrowser function| xProductThumbnail function| xSearch function| xSearchPanel function| xSingleProduct function| xVCategories object| EcwidCart object| Ecwid function| onEcommerceReady object| ht_ccw_var object| wpcf7 object| vals object| dt_handler object| dt_parallax_VppjW object| dt_parallax_Og6N2 object| dt_parallax_oggxO object| dt_parallax_nxmem object| dt_parallax_5341d object| dt_parallax_d4uHj object| dt_parallax_8P3TR object| dt_parallax_2uXEw object| dt_parallax_VSx4G object| dt_parallax_PeFdg object| dt_parallax_DPOjJ object| dt_parallax_4yia0 object| dt_parallax_MWRjd object| dt_parallax_Bitt2 object| dt_parallax_dKKRg object| dt_parallax_Lcetj object| ga function| anr_onloadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_279541 object| _xnext_initialization_scripts function| Ecommerce function| EcommerceGlobals object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| __vueuse_ssr_handlers__ string| css_selectors_prefix object| ecwidMessages boolean| __VUE__ string| rosettaLanguageCode object| rosettaMessages

1 Cookies

Domain/Path Name / Value
.novaapple.com/ Name: _fbp
Value: fb.1.1733394796649.112478194386666369

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.ecwid.com
connect.facebook.net
d1oxsl77a1kjht.cloudfront.net
d34ikvsdm2rlij.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
fonts.googleapis.com
netdna.bootstrapcdn.com
novaapple.com
www.facebook.com
www.glomaxaesthetics.com
www.google.com
www.gstatic.com
www.glomaxaesthetics.com
104.18.10.207
13.33.216.144
142.250.184.227
142.250.185.100
157.240.0.35
157.240.0.6
2600:9000:206f:9800:1f:58b3:eac0:21
2600:9000:2491:f400:1c:b536:2c40:21
2a00:1450:4001:813::200a
3.68.36.177
65.254.248.137
008d58ec95b2896987228113f81282d3efd6f64ee993c6eb557a6a98e2b71ebe
182d67911171e1b7ba44f06bb712fecf0b969bd6da1bfe85c9d1abfc2c7f4836
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
2d845527151f69ef01c7af58683d6b53eb3a9c63c0585b4cba4372ec35e826fe
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
32db232b355c7438627b83a22e4af8de1b607715fc12dfdee7582b7f87277629
4c48e7a7b24327da8c9b61382acc09c1b8383a99fd1db9aa61eca718780b8c43
542c3455da0620b470ab88faa2d16d73cc0ff3561d61d278c97fbd969cd708bc
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
70181912bdbdd8b023b4d77963cd5d0427a0edc4792e3ccaf089efc2105dfa9d
777506584d5aa2e062c5f0b3f3328e8e3b4bdc27e70f6651df0ed63562171b03
993e27936cb485620e1a83cc26f758679678318a620149c37256cbdbea671abd
a465f0d86900b74a3337ac86989c4c339313605d726208dc225f2d4da3f9e789
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b73b07f7d2cda4f11cd0a7858fa9de96c01964142937e8b6c4e4a3390fe50702
b8c76c7b623621b54eeffc96241f55c7e084f60593f6d633b195296601cd354b
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
dc11a59578f38539ffefed886665bcb2c189ce33880ed9a0735e47a44b6173bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8a4c25072d49656753ed58885ff536ece5b63752204d86a9b43b932ce35178a
fba7a56c870af26287268f5c57e5dadca631ace0d685a4c9800046acb758be01