URL: https://www.crystalbarsoap.com/
Submission Tags: @phishunt_io
Submission: On February 16 via api from DE — Scanned from CA

Summary

This website contacted 43 IPs in 3 countries across 37 domains to perform 141 HTTP transactions. The main IP is 23.227.38.32, located in Canada and belongs to CLOUDFLARENET, US. The main domain is www.crystalbarsoap.com.
TLS certificate: Issued by R3 on February 1st 2022. Valid for: 3 months.
This is the only time www.crystalbarsoap.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 23.227.38.32 13335 (CLOUDFLAR...)
43 2a04:4e42:200... 54113 (FASTLY)
2 2600:1400:d:5... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
7 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 52.85.61.129 16509 (AMAZON-02)
2 2620:116:800b... 14618 (AMAZON-AES)
1 23.227.38.33 13335 (CLOUDFLAR...)
4 52.0.73.255 14618 (AMAZON-AES)
6 104.16.254.71 13335 (CLOUDFLAR...)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1400:d:4... 20940 (AKAMAI-ASN1)
5 23.216.132.67 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.218.178.144 16509 (AMAZON-02)
1 54.230.244.62 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.197.160.218 14618 (AMAZON-AES)
1 2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
1 8 23.198.216.196 16625 (AKAMAI-AS)
2 142.251.40.194 15169 (GOOGLE)
6 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 34.139.78.128 15169 (GOOGLE)
1 2600:9000:220... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:220... 16509 (AMAZON-02)
3 151.101.2.133 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.223.88.197 14618 (AMAZON-AES)
2 192.229.163.223 15133 (EDGECAST)
2 151.101.130.133 54113 (FASTLY)
1 18.214.154.98 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
141 43
Apex Domain
Subdomains
Transfer
37 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2239
1 MB
16 yotpo.com
cdn-widgetsrepository.yotpo.com — Cisco Umbrella Rank: 13725
staticw2.yotpo.com — Cisco Umbrella Rank: 6424
p.yotpo.com — Cisco Umbrella Rank: 5999
cdn-widget-assets.yotpo.com — Cisco Umbrella Rank: 16569
loyalty.yotpo.com — Cisco Umbrella Rank: 20640
cdn-loyalty.yotpo.com — Cisco Umbrella Rank: 15047
cdn-swell-assets.yotpo.com — Cisco Umbrella Rank: 13554
584 KB
6 pushapis.xyz
webpush.pushapis.xyz — Cisco Umbrella Rank: 162545
894 B
6 shopifysvc.com
monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2918
1 KB
6 shopifycdn.com
fonts.shopifycdn.com — Cisco Umbrella Rank: 4796
productreviews.shopifycdn.com — Cisco Umbrella Rank: 8939
84 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
fonts.googleapis.com — Cisco Umbrella Rank: 35
68 KB
6 crystalbarsoap.com
www.crystalbarsoap.com
138 KB
5 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3797
static-tracking.klaviyo.com — Cisco Umbrella Rank: 4158
30 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1062
69 KB
4 pinterest.ca
www.pinterest.ca — Cisco Umbrella Rank: 24947
15 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
654 B
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 810
www.pinterest.com — Cisco Umbrella Rank: 1008
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
201 KB
2 hextom.com
cdn.hextom.com — Cisco Umbrella Rank: 12625
epb.hextom.com — Cisco Umbrella Rank: 29886
22 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
16 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 723
140 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 8810
565 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
525 B
2 bestpush.io
cdn.bestpush.io — Cisco Umbrella Rank: 106462
3 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
2 KB
2 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
dhv2ziothpgrr.cloudfront.net
77 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
68 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 667
19 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
pixel.quantserve.com — Cisco Umbrella Rank: 374
10 KB
2 loyaltylion.net
sdk.loyaltylion.net — Cisco Umbrella Rank: 21756
31 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610
7 KB
1 gstatic.com
fonts.gstatic.com
24 KB
1 smsbump.com
subscription-forms.smsbump.com — Cisco Umbrella Rank: 34244
231 B
1 automizely.com
widgets.automizely.com — Cisco Umbrella Rank: 23309
12 KB
1 dttrk.com
dttrk.com — Cisco Umbrella Rank: 60323
2 KB
1 shopifycloud.com
geolocation-recommendations.shopifycloud.com — Cisco Umbrella Rank: 15929
26 KB
1 amazonaws.com
s3-us-west-2.amazonaws.com
23 KB
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 17283
444 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
353 B
1 shop.app
shop.app — Cisco Umbrella Rank: 5495
1013 B
1 restock-alerts.com
app.restock-alerts.com — Cisco Umbrella Rank: 94200
78 KB
141 37
Domain Requested by
37 cdn.shopify.com www.crystalbarsoap.com
cdn.shopify.com
6 webpush.pushapis.xyz cdn.shopify.com
6 monorail-edge.shopifysvc.com cdn.shopify.com
6 www.crystalbarsoap.com cdn.shopify.com
5 analytics.tiktok.com cdn.shopify.com
analytics.tiktok.com
5 staticw2.yotpo.com www.crystalbarsoap.com
staticw2.yotpo.com
cdn.shopify.com
4 www.pinterest.ca s.pinimg.com
www.crystalbarsoap.com
4 www.facebook.com www.crystalbarsoap.com
4 fonts.googleapis.com staticw2.yotpo.com
dhv2ziothpgrr.cloudfront.net
cdn-swell-assets.yotpo.com
4 p.yotpo.com cdn-widgetsrepository.yotpo.com
www.crystalbarsoap.com
4 fonts.shopifycdn.com cdn.shopify.com
3 static.klaviyo.com www.crystalbarsoap.com
static.klaviyo.com
3 ct.pinterest.com cdn.shopify.com
www.crystalbarsoap.com
3 connect.facebook.net cdn.shopify.com
connect.facebook.net
2 static-tracking.klaviyo.com static.klaviyo.com
2 cdn-swell-assets.yotpo.com cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
2 productreviews.shopifycdn.com www.crystalbarsoap.com
productreviews.shopifycdn.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 sessions.bugsnag.com cdn.shopify.com
2 www.google.ca www.crystalbarsoap.com
2 www.google.com 1 redirects www.crystalbarsoap.com
2 cdn.bestpush.io app.restock-alerts.com
2 www.googletagmanager.com cdn.shopify.com
www.googletagmanager.com
2 s.pinimg.com cdn.shopify.com
s.pinimg.com
2 www.google-analytics.com cdn.shopify.com
www.crystalbarsoap.com
2 cdn-widget-assets.yotpo.com cdn-widgetsrepository.yotpo.com
cdn-widget-assets.yotpo.com
2 sdk.loyaltylion.net www.crystalbarsoap.com
2 ajax.googleapis.com www.crystalbarsoap.com
productreviews.shopifycdn.com
1 maxcdn.bootstrapcdn.com cdn-swell-assets.yotpo.com
1 fonts.gstatic.com fonts.googleapis.com
1 subscription-forms.smsbump.com cdn.shopify.com
1 epb.hextom.com cdn.shopify.com
1 www.pinterest.com 1 redirects
1 widgets.automizely.com www.crystalbarsoap.com
1 dhv2ziothpgrr.cloudfront.net www.crystalbarsoap.com
1 dttrk.com www.crystalbarsoap.com
1 cdn-loyalty.yotpo.com www.crystalbarsoap.com
1 cdn.hextom.com www.crystalbarsoap.com
1 geolocation-recommendations.shopifycloud.com www.crystalbarsoap.com
1 googleads.g.doubleclick.net 1 redirects
1 loyalty.yotpo.com cdn.shopify.com
1 stats.g.doubleclick.net cdn.shopify.com
1 pixel.quantserve.com www.crystalbarsoap.com
1 d2wy8f7a9ursnm.cloudfront.net cdn.shopify.com
1 s3-us-west-2.amazonaws.com www.crystalbarsoap.com
1 tinyurl.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 shop.app cdn.shopify.com
1 secure.quantserve.com www.crystalbarsoap.com
1 app.restock-alerts.com www.crystalbarsoap.com
1 cdn-widgetsrepository.yotpo.com www.crystalbarsoap.com
141 51

This site contains links to these domains. Also see Links.

Domain
facebook.com
pinterest.com
www.instagram.com
www.shopify.com
Subject Issuer Validity Valid
www.crystalbarsoap.com
R3
2022-02-01 -
2022-05-02
3 months crt.sh
cdn.shopify.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-20 -
2022-05-22
a year crt.sh
*.yotpo.com
DigiCert SHA2 Secure Server CA
2021-05-25 -
2022-06-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-22 -
2022-10-21
a year crt.sh
loyaltylion.net
Amazon
2021-06-14 -
2022-07-13
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
shop.app
R3
2022-01-23 -
2022-04-23
3 months crt.sh
monorail-edge.shopifysvc.com
R3
2022-01-31 -
2022-05-01
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-11-25 -
2022-02-23
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-26 -
2022-08-05
a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-13 -
2023-01-13
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.yotpo.xyz
Amazon
2021-09-04 -
2022-10-03
a year crt.sh
www.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.google.ca
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-05 -
2022-05-05
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
geolocation-recommendations.shopifycloud.com
R3
2022-01-24 -
2022-04-24
3 months crt.sh
*.hextom.com
Amazon
2021-05-16 -
2022-06-14
a year crt.sh
static.klaviyo.com
R3
2022-01-23 -
2022-04-23
3 months crt.sh
*.automizely.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-09 -
2022-03-12
a year crt.sh
static-tracking.klaviyo.com
R3
2022-01-31 -
2022-05-01
3 months crt.sh
smsbump.com
Amazon
2021-02-23 -
2022-03-24
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.crystalbarsoap.com/
Frame ID: C4FC09F97E67F39CD630A5E4573BEE41
Requests: 135 HTTP requests in this frame

Frame: https://www.pinterest.ca/ct.html
Frame ID: D1D37AD82E50F1AA45F16D1AA27F20AD
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3D717C54E45274673EF4C4BDAA788E94
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 64E3673782242688678D4EB6AADBC58D
Requests: 1 HTTP requests in this frame

Frame: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Frame ID: 159F06881699C1AD95579C8F0F104434
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Crystal Bar Soap - Female Owned Crystal Infused Bath Products.

Detected technologies

Overall confidence: 25%
Detected patterns
  • <link[^>]+=['"]//cdn\.shopify\.com

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

141
Requests

99 %
HTTPS

61 %
IPv6

37
Domains

51
Subdomains

43
IPs

3
Countries

2686 kB
Transfer

9323 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://tinyurl.com/hgdsuhu HTTP 301
  • https://s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
Request Chain 105
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945880556/?random=2135591369&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DCrystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&frm=0&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F&tiba=Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&auid=284187313.1644976819&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=s1oMYq2yIJaNoPMP39iyIA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/945880556/?random=2135591369&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DCrystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&frm=0&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F&tiba=Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&auid=284187313.1644976819&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=s1oMYq2yIJaNoPMP39iyIA&random=4143183964&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/945880556/?random=2135591369&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DCrystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&frm=0&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F&tiba=Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&auid=284187313.1644976819&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=s1oMYq2yIJaNoPMP39iyIA&random=4143183964&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 116
  • https://www.pinterest.com/ct.html HTTP 302
  • https://www.pinterest.ca/ct.html

141 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.crystalbarsoap.com/
318 KB
44 KB
Document
General
Full URL
https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
dd3f188b47ddc1459e9782b345d6a08983b72b18f30f921f010dd1c071243796
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
48
x-sorting-hat-shopid
11125866
x-storefront-renderer-rendered
1
link
<https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-alternate-cache-key
cacheable:92f7ee728d2182f0f98bb0cad53139e9
x-cache
miss
x-frame-options
DENY
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security
max-age=7889238
x-shopid
11125866
x-shardid
48
vary
Accept
content-language
en
x-shopify-stage
production
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-request-id
ff2b1ce7-82fb-4ee2-87d8-ddc261d37e1a
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-download-options
noopen
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de32e7729e7547f-YYZ
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fancybox.css
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
13 KB
3 KB
Stylesheet
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/fancybox.css?v=1927803431663513770
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
12e9c00c05589f43db27d8d5a52fb64d04cd566f99ba1b39e71d5b4edfff6f03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=58.264,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
2840
x-xss-protection
1; mode=block
x-request-id
5ccf3731aad0b6af2dae0beeddf1fa11
x-served-by
cache-lga13625-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.406562,VS0,VE58
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/fancybox.css>; rel="canonical"
x-cache-hits
1, 1
styles.css
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
341 KB
51 KB
Stylesheet
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
024029328b735f32b5c5c91a3154e9aa66a1a8737d1e8666cae68fdf84514f27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.690,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
51817
x-xss-protection
1; mode=block
x-request-id
ca912924487467be0b7346c0a7e6e4c6
x-served-by
cache-lga21953-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.406248,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css>; rel="canonical"
x-cache-hits
1, 1
jquery.min.js
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
86 KB
29 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/jquery.min.js?v=8104923654797467163
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.661,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
29769
x-xss-protection
1; mode=block
x-request-id
c81a950c248e645932d24fca9ec90a74
x-served-by
cache-lga21964-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.406740,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/jquery.min.js>; rel="canonical"
x-cache-hits
1, 1
vendors.js
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
336 KB
99 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/vendors.js?v=2732077819924264327
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
e1ac75c6ac44641a54af8846226c0d4166fd27a0a7756ea33fcac6d7a3d365e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=28.004,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
100965
x-xss-protection
1; mode=block
x-request-id
69d53f8fb6fe5027dcf3b055fe59cbbd
x-served-by
cache-lga21931-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.406767,VS0,VE28
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/vendors.js>; rel="canonical"
x-cache-hits
1, 1
sections.js
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
92 KB
17 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/sections.js?v=17437143779476897390
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
49ce1bcc8000a9164713bc621adaf0252c7b8de2ba0f6ab08abf6e60cb9ea827
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.042,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
16747
x-xss-protection
1; mode=block
x-request-id
22595c6a913684fb109e675e259df2ab
x-served-by
cache-lga21982-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.407100,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/sections.js>; rel="canonical"
x-cache-hits
1, 1
utilities.js
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
44 KB
11 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/utilities.js?v=9880865075774540923
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
9273ed15dad007049caf8f9bcf8cc7e3fa3dd8c0dde8f39c4234807ea9025a7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.135,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
10789
x-xss-protection
1; mode=block
x-request-id
62c4c6804bf8922f34e2595a6b5f82c2
x-served-by
cache-lga21953-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.407699,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/utilities.js>; rel="canonical"
x-cache-hits
1, 1
app.js
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
36 KB
10 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/app.js?v=12617550085582655837
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
a058d9d94ada96e8f0b737c7d8e8296a81eb060359c8425a1dc9191bc427b029
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.797,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
9523
x-xss-protection
1; mode=block
x-request-id
a5f7c6b43cba6ea77477653fbc446c0a
x-served-by
cache-lga21964-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.407400,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/app.js>; rel="canonical"
x-cache-hits
1, 1
Z-Lp2VTbu3verordQSpEGw
cdn-widgetsrepository.yotpo.com/v1/loader/
197 KB
24 KB
Script
General
Full URL
https://cdn-widgetsrepository.yotpo.com/v1/loader/Z-Lp2VTbu3verordQSpEGw
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:581::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ae5be089809e50cbb4f2f7cf35cd42b08b326a0cd4222ebd591e0826ebb91da0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
l5d-success-class
1.0
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
24372
currencies.js
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
16 KB
3 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/currencies.js?v=9584546661715858806
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
e6ce3ce3d3cdb82223925f9031ed2a9af9c3794639252d2c452825b9e3306f8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.853,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
2919
x-xss-protection
1; mode=block
x-request-id
9e611f0c7d7efe4e50dfe88bc1e3722c
x-served-by
cache-lga21961-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.479500,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/currencies.js>; rel="canonical"
x-cache-hits
1, 1
instantclick.min.js
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
6 KB
2 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/instantclick.min.js?v=2009242200098068415
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
a27262d18290667944abecd62f7c89a24441ff29e26a2b4de33f9a97684a0b50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.335,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
2239
x-xss-protection
1; mode=block
x-request-id
96bd7712f727cdba1daa2a8fb49c9c04
x-served-by
cache-lga21975-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.488567,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/instantclick.min.js>; rel="canonical"
x-cache-hits
1, 1
load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js
cdn.shopify.com/shopifycloud/shopify/assets/storefront/
10 KB
3 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12822-YUL /
Resource Hash
64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.220,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
2790
x-xss-protection
1; mode=block
x-request-id
01ed4e01c1ff49900ac9ae1712128fd5
x-served-by
cache-lga13626-LGA, cache-yul12822-YUL
server
cache-yul12822-YUL
x-timer
S1644976819.509050,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js>; rel="canonical"
x-cache-hits
1, 1292391
storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/
49 KB
17 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12822-YUL /
Resource Hash
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.208,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
17353
x-xss-protection
1; mode=block
x-request-id
e6dfe2566243e86db9e886107c8e90f3
x-served-by
cache-lga21934-LGA, cache-yul12822-YUL
server
cache-yul12822-YUL
x-timer
S1644976819.509319,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits
4, 1619668
features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
cdn.shopify.com/shopifycloud/shopify/assets/storefront/
37 KB
12 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12822-YUL /
Resource Hash
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.112,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
12298
x-xss-protection
1; mode=block
x-request-id
e2306559e74cd241e094843a1c9af675
x-served-by
cache-lga21941-LGA, cache-yul12822-YUL
server
cache-yul12822-YUL
x-timer
S1644976819.509226,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits
1, 2445336
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/
90 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Feb 2023 05:12:23 GMT
crystal-bar-logo-2_410x.png
cdn.shopify.com/s/files/1/1112/5866/files/
1 KB
2 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/files/crystal-bar-logo-2_410x.png
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
c9ee86a7b0b180b7d255d349407d6a9a5d3e94e3867cd82e713c7d00060edba6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=2.123,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
1352
x-xss-protection
1; mode=block
x-request-id
b035db56943f506f804f7160ad940984
x-served-by
cache-lga21937-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.490308,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/files/crystal-bar-logo-2_410x.png>; rel="canonical"
x-cache-hits
1, 1
herbal-apothecary-logo-2_ded6662c-77d6-4cdf-b71f-665de566f137_410x.png
cdn.shopify.com/s/files/1/1112/5866/files/
1 KB
2 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/files/herbal-apothecary-logo-2_ded6662c-77d6-4cdf-b71f-665de566f137_410x.png
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
0dbbfd2740c7e2633fc1a6cc03f517851942ea2fc4ddc188d32c80595690d8a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.392,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
1264
x-xss-protection
1; mode=block
x-request-id
055b106f9e988d50cd437c3d3612e7ba
x-served-by
cache-lga13624-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.490576,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/files/herbal-apothecary-logo-2_ded6662c-77d6-4cdf-b71f-665de566f137_410x.png>; rel="canonical"
x-cache-hits
1, 1
logogogdgog_410x.png
cdn.shopify.com/s/files/1/1112/5866/files/
7 KB
8 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/files/logogogdgog_410x.png?v=1617489647
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
0fd1bb71866f9aec24f3ffc50c4f985e5fe2f5d0343dcf6b8470a6079aead360
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.998,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
7678
x-xss-protection
1; mode=block
x-request-id
b2f740d91581bfb4c2cb151eb5d16e1e
x-served-by
cache-lga21969-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.490906,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/files/logogogdgog_410x.png>; rel="canonical"
x-cache-hits
1, 1
logogogog_410x.png
cdn.shopify.com/s/files/1/1112/5866/files/
7 KB
8 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/files/logogogog_410x.png?v=1617472224
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
4861d578315cd3375ac2a1af841015c8974e4164ba69bca60b45da7b5203c8c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.534,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
7640
x-xss-protection
1; mode=block
x-request-id
c34e75284cb2a81c77e1d04f8a0d5edb
x-served-by
cache-lga21922-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.490595,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/files/logogogog_410x.png>; rel="canonical"
x-cache-hits
1, 1
widget.js
staticw2.yotpo.com/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/
444 KB
120 KB
Script
General
Full URL
https://staticw2.yotpo.com/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/widget.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:585::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.1 /
Resource Hash
af15906bac622388316153c7c87feadaddd03abf440b24572adad362f3440715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=13
vary
Accept-Encoding
content-length
121855
x-xss-protection
1; mode=block
x-request-id
e59333aee2b4064bbd903b408ed51c8d
x-runtime
0.014760
server
nginx/1.19.1
x-frame-options
SAMEORIGIN
etag
W/"703f4ef1f4888941be57bbd66a20b3fe"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3812
access-control-allow-credentials
true
access-control-allow-headers
*
restock-alerts.js
app.restock-alerts.com/v1/shopify/8ep6qv6357k600xd/
307 KB
78 KB
Script
General
Full URL
https://app.restock-alerts.com/v1/shopify/8ep6qv6357k600xd/restock-alerts.js?webpush=True
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d5f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dba5bc33d0ebd00051f1348154343ad0dcd3ef8db61f5c3a815f2f3780e5f0c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
br
vary
Accept-Encoding, Origin
cf-cache-status
EXPIRED
last-modified
Tue, 15 Feb 2022 22:56:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
GET, HEAD, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27MhwwImo%2FS2oh%2FUjh7wtUjvQawGJFU7uvtd6kR%2Bu%2FvoMhsEZ1Yd9dJDM7l%2BOxDKGnkT2hUpoX33Fn3LHOmP%2BgenQIg1Y11cyNr5D5qBcvNDDdcjJ0GWQyNdqVc281ZfTGVGSNyPDYdi2LemSs%2BzXa1%2F%2BwDZ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6de32e7bc8537136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loader.js
sdk.loyaltylion.net/static/2/
107 KB
31 KB
Script
General
Full URL
https://sdk.loyaltylion.net/static/2/loader.js?t=2022116
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-129.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93d2c513238194a5e85c0036684985698a8c2f8e4755225fb574d014ba948287

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:55:31 GMT
content-encoding
br
vary
Access-Control-Request-Headers,Access-Control-Request-Method
age
289
x-cache
Hit from cloudfront
content-length
30764
access-control-allow-origin
*
last-modified
Mon, 31 Jan 2022 15:51:18 GMT
server
AmazonS3
etag
"de5cbe8121d09273304a9aaccd10978b"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=1200, s-maxage=300, must-revalidate
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
x-amz-cf-id
c1BrCgz1SLDLyhXZyQPsIZx_xNv-elBIZf9W5_Kz0aRgrYEKApkXxA==
f2e909d574a72606862584276634eb71.js
sdk.loyaltylion.net/sdk/start/
264 B
671 B
Script
General
Full URL
https://sdk.loyaltylion.net/sdk/start/f2e909d574a72606862584276634eb71.js?t=20221162
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-129.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
5d6281d8b29f81e221f79d932ddd95b97b6aa36e98647f3ba24000acb4c09922

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-site-inactive
1
date
Wed, 16 Feb 2022 02:00:18 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
EWR53-P1
etag
W/"108-mTwUOZU+pCIV+TDisnNEzGVh18U"
x-cache-status
STALE
x-dns-prefetch-control
off
x-cache
RefreshHit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=120, must-revalidate
content-length
264
x-amz-cf-id
3glzXLlEYJ2Yc_jGH0LaPBLK6VwQNrjgpnIaMuK_5C80QRK94al4MA==
trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
cdn.shopify.com/s/
77 KB
16 KB
Script
General
Full URL
https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
e368e55a7cfb23084f46da05742a25a68df2de08001cf191a05e3619da0f5b16
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.369,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
16056
x-xss-protection
1; mode=block
x-request-id
96c2c95b51ac40b881a41a602fbbe0ff
x-served-by
cache-lga21941-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.490870,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js>; rel="canonical"
x-cache-hits
1, 828659
shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
cdn.shopify.com/shopifycloud/shopify/assets/
8 KB
3 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.323,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
2560
x-xss-protection
1; mode=block
x-request-id
158c69eadb478c014c9d2720ba63b9ac
x-served-by
cache-lga21958-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976818.491108,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js>; rel="canonical"
x-cache-hits
1, 769016
truncated
/
72 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49b236e261ab3b02c0c935076af0b43e1566863a6f8aee15349b3d3486e553fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e650e445ac0b2eade36e91e10055da2ff789caa4d8fb4ebf4dff891bd90adfc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
529747954d561c5b1c344cb06fa59f1548b43b093aed438e1e252b1d262176f3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
72 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4f9c342fb3353d2253bd0d737c0bc5fe312180f152bb2e2ccb9121b6ff5c195

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c94b380b23820201e77f21db8f7022b6bf099bd12d1e7ce0b033703d9aa22f99

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
72 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1eab061d1b9f4ed8ec06e875ee8d258a21097feb2b451518290e7f70288aaba

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
72 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
535d7ade94b74fa97118b56935014af927d876f81e682cd9235fbd5c1415d4bd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
anonymouspro_n4.07ee957a690588ec6a624bb45a81f197582274b5.woff2
fonts.shopifycdn.com/anonymous_pro/
20 KB
20 KB
Font
General
Full URL
https://fonts.shopifycdn.com/anonymous_pro/anonymouspro_n4.07ee957a690588ec6a624bb45a81f197582274b5.woff2?h1=Y3J5c3RhbGJhcnNvYXAuY29t&h2=Y3J5c3RhbGJhcnNvYXBzLmNvbQ&h3=dGFyb3Rzb2Fwcy5jb20&h4=ZXRzeXNvYXBzLmNvbQ&h5=YW1hem9uc29hcHMuY29t&h6=em9kaWFjc29hcHMuY29t&h7=cGludGVyZXN0c29hcHMuY29t&h8=ZnVsbG1vb25zb2FwLmNvbQ&h9=YW1hem9uYmF0aGJvbWJzLmNvbQ&hmac=f1d98fd1880073e9931b1cbced2232e6ac6b863eb1a8fde2cbc5f853cc952f50
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
eeccf335cc5da1f19942fdb74a71afdee99dfc270cbcc6472cf4f51a58c597fb

Request headers

Referer
https://cdn.shopify.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
via
1.1 varnish
age
7314049
x-guploader-uploadid
ADPycduFzaVM9DPvfGK7k7zwgaTqCCulewWoND2AvQxIxSRpX-RGuAQu5Ui0y0I6Q-SgsWpxTl1c7fV9GANyGM_SsvyQsYNE_A
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
20364
x-request-id
dc8b4960594c2704af9d6feb0cb99021fbb882e8f7351709214ba8f56104395f
x-served-by
cache-yul12822-YUL
last-modified
Fri, 12 Mar 2021 22:58:53 GMT
server
UploadServer
x-timer
S1644976819.522320,VS0,VE0
etag
"3d43bc2193c2c92746f13c2796dd72d9"
x-goog-hash
crc32c=2ZYuKQ==, md5=PUO8IZPCySdG8Twnlt1y2Q==
content-type
font/woff2
access-control-allow-origin
*
expires
Wed, 23 Nov 2022 10:19:29 GMT
cache-control
max-age=2629800, immutable
accept-ranges
bytes
x-cache-hits
218
loader.gif
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
5 KB
5 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/loader.gif
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
09d7475285219049ab5d66f610d2b08a86b88e317d62b96de43f50427577463a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-image
proxied_with_processing
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.206,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
4697
x-xss-protection
1; mode=block
x-request-id
abb402c00ce1dd8e895c87f16261e68f
x-served-by
cache-lga21954-LGA, cache-yul12829-YUL
last-modified
Sat, 22 Jan 2022 05:49:20 GMT
server
cache-yul12829-YUL
x-timer
S1644976819.526981,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/gif
access-control-allow-origin
*
expires
Sun, 22 Jan 2023 05:49:20 GMT
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/loader.gif>; rel="canonical"
x-cache-hits
1, 1
clairenews_n3.4af7b0ec53781843c5c302a45fcaa3c06e81ed56.woff2
fonts.shopifycdn.com/claire_news/
13 KB
13 KB
Font
General
Full URL
https://fonts.shopifycdn.com/claire_news/clairenews_n3.4af7b0ec53781843c5c302a45fcaa3c06e81ed56.woff2?h1=Y3J5c3RhbGJhcnNvYXAuY29t&h2=Y3J5c3RhbGJhcnNvYXBzLmNvbQ&h3=dGFyb3Rzb2Fwcy5jb20&h4=ZXRzeXNvYXBzLmNvbQ&h5=YW1hem9uc29hcHMuY29t&h6=em9kaWFjc29hcHMuY29t&h7=cGludGVyZXN0c29hcHMuY29t&h8=ZnVsbG1vb25zb2FwLmNvbQ&h9=YW1hem9uYmF0aGJvbWJzLmNvbQ&hmac=2ad6d30d420fe98294bd8f2538207f84bcbecc0eac9cb8b43aad0a2d69a30bfb
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e0f382683644daac805cf635762b2155802c2738e2a6d981c82b1d424ced4715

Request headers

Referer
https://cdn.shopify.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
via
1.1 varnish
age
7321231
x-guploader-uploadid
ADPycdtmVy6Yrjnszqop7FUfFDNJq1PEaO57JXlnHkfmY6DK-KtF5g_8tdELze2eb_ekHbpkiJfyAEfOMHcWHhF6gJM
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
12952
x-request-id
ec8077750e8a33c5c3c53ecf22e2c02dcf2f1a803921a56ca2cc3e3f9b8f39ec
x-served-by
cache-yul12822-YUL
last-modified
Fri, 12 Mar 2021 23:13:32 GMT
server
UploadServer
x-timer
S1644976819.539291,VS0,VE15
etag
"66c3a968a0e4173da836075c4aa2a016"
x-goog-hash
crc32c=l5Ol3w==, md5=ZsOpaKDkFz2oNgdcSqKgFg==
content-type
font/woff2
access-control-allow-origin
*
expires
Wed, 23 Nov 2022 08:19:47 GMT
cache-control
max-age=2629800, immutable
accept-ranges
bytes
x-cache-hits
6584
turbo.woff
cdn.shopify.com/s/files/1/1112/5866/t/128/assets/
3 KB
4 KB
Font
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/turbo.woff?v=15096657723668424478
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12822-YUL /
Resource Hash
2233a4c553461dafb2749167e57714372b4076caf40e878d445b5be83e8b85ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.077,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
3428
x-xss-protection
1; mode=block
x-request-id
7a8d8c11b7997b16f41c0305931ea90d
x-served-by
cache-lga21959-LGA, cache-yul12822-YUL
server
cache-yul12822-YUL
x-timer
S1644976819.539608,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/turbo.woff>; rel="canonical"
x-cache-hits
1, 1
inconsolata_n4.b3cebe055306e28abeae281104f635cb88cd6819.woff2
fonts.shopifycdn.com/inconsolata/
20 KB
20 KB
Font
General
Full URL
https://fonts.shopifycdn.com/inconsolata/inconsolata_n4.b3cebe055306e28abeae281104f635cb88cd6819.woff2?h1=Y3J5c3RhbGJhcnNvYXAuY29t&h2=Y3J5c3RhbGJhcnNvYXBzLmNvbQ&h3=dGFyb3Rzb2Fwcy5jb20&h4=ZXRzeXNvYXBzLmNvbQ&h5=YW1hem9uc29hcHMuY29t&h6=em9kaWFjc29hcHMuY29t&h7=cGludGVyZXN0c29hcHMuY29t&h8=ZnVsbG1vb25zb2FwLmNvbQ&h9=YW1hem9uYmF0aGJvbWJzLmNvbQ&hmac=484c5c229c478c06082d8117c006622c26c74004fb6a7d42c9c78072fc8bffcb
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e2e894921b3bb71a87e19499befbe12e2f19c18f9d4419ec679777100ae30f56

Request headers

Referer
https://cdn.shopify.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
via
1.1 varnish
age
1019080
x-guploader-uploadid
ADPycdtH3ymwsyIyd6HTn0s1FKRxBXovcIM8mEb8DUNNto9_ust-3K6e0hJXMW7y6uLtWL0vOXx8K0F6k7XAblDsBpQDwl0RcQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
20628
x-request-id
1ac04bdf6545a1c95ee4737c0219799133802e53ad43508cd59b5557b8674cee
x-served-by
cache-yul12822-YUL
last-modified
Fri, 12 Mar 2021 22:33:57 GMT
server
UploadServer
x-timer
S1644976819.539714,VS0,VE0
etag
"6caef5e982beffa7c1ebdc1213b84a32"
x-goog-hash
crc32c=veFp+Q==, md5=bK716YK+/6fB69wSE7hKMg==
content-type
font/woff2
access-control-allow-origin
*
expires
Sat, 04 Feb 2023 06:55:38 GMT
cache-control
max-age=2629800, immutable
accept-ranges
bytes
x-cache-hits
28
oswald_n4.a5ee385bde39969d807f7f1297bf51d73fbf3c1e.woff2
fonts.shopifycdn.com/oswald/
18 KB
18 KB
Font
General
Full URL
https://fonts.shopifycdn.com/oswald/oswald_n4.a5ee385bde39969d807f7f1297bf51d73fbf3c1e.woff2?h1=Y3J5c3RhbGJhcnNvYXAuY29t&h2=Y3J5c3RhbGJhcnNvYXBzLmNvbQ&h3=dGFyb3Rzb2Fwcy5jb20&h4=ZXRzeXNvYXBzLmNvbQ&h5=YW1hem9uc29hcHMuY29t&h6=em9kaWFjc29hcHMuY29t&h7=cGludGVyZXN0c29hcHMuY29t&h8=ZnVsbG1vb25zb2FwLmNvbQ&h9=YW1hem9uYmF0aGJvbWJzLmNvbQ&hmac=20aeb15132d1315ee38e219256891e7fb007fc444eb861143f795a20629693aa
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1112/5866/t/128/assets/styles.css?v=14892712763676278695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9c3944b769ddf44d71901f79e6c659631ac29553689e0fde093be7e0636625fd

Request headers

Referer
https://cdn.shopify.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
via
1.1 varnish
age
21827202
x-guploader-uploadid
ABg5-UxSGt4PCybTp3u6t7O_BB-8zDKko15wMlpTqC3A62_enqeKFdLeS3E3IrBrRmsUnSYhA0uxMiQ8W2lCRb-4VyQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
18500
x-request-id
eabc260dfef239bc793b5d73d85cfbf3a40c3a86b34725bc2a94f6248e1a0f2e
x-served-by
cache-yul12822-YUL
last-modified
Fri, 12 Mar 2021 22:44:45 GMT
server
UploadServer
x-timer
S1644976819.563713,VS0,VE0
etag
"888735abae3f16e2958a0830b030a091"
x-goog-hash
crc32c=YoufxA==, md5=iIc1q64/FuKViggwsDCgkQ==
content-type
font/woff2
access-control-allow-origin
*
expires
Wed, 08 Jun 2022 10:53:37 GMT
cache-control
max-age=2629800, immutable
accept-ranges
bytes
x-cache-hits
194968
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:44af:4f54:8af4:5563 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 23 Feb 2022 02:00:18 GMT
Lovers_copy2_1200x.jpg
cdn.shopify.com/s/files/1/1112/5866/files/
113 KB
114 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/files/Lovers_copy2_1200x.jpg?v=1642612664
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
e4294b8c5bf1bb81e3e1cdc6f13bed29c8a4707f65a9b113ebd6fe6c3cf01c61
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.679,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
116166
x-xss-protection
1; mode=block
x-request-id
1db634470a81e4ca80db995ca43bf015
x-served-by
cache-lga21971-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.597670,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/files/Lovers_copy2_1200x.jpg>; rel="canonical"
x-cache-hits
1, 1
Snakecopy_400x.jpg
cdn.shopify.com/s/files/1/1112/5866/products/
57 KB
57 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/products/Snakecopy_400x.jpg?v=1642563454
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
df32ef3634d35ca0f8183ab6b6e45e6fa95948d7925625724180f2bc1057d24e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.378,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
58014
x-xss-protection
1; mode=block
x-request-id
bd9e5b9f134cf7dd3ba8345bed33b3c6
x-served-by
cache-lga21980-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.597915,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/products/Snakecopy_400x.jpg>; rel="canonical"
x-cache-hits
1, 1
GardenOfEdencopy_400x.jpg
cdn.shopify.com/s/files/1/1112/5866/products/
26 KB
26 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/products/GardenOfEdencopy_400x.jpg?v=1642612748
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
5392749346886c71389a5c30b9c484d1b1f7aaeacbb1e3f06a5d38193a7d579e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.911,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
26352
x-xss-protection
1; mode=block
x-request-id
30e53c9f4bb3336f92499ba4a6652a0f
x-served-by
cache-lga21975-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.599041,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/products/GardenOfEdencopy_400x.jpg>; rel="canonical"
x-cache-hits
1, 1
LoveDrawning_400x.jpg
cdn.shopify.com/s/files/1/1112/5866/products/
24 KB
25 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/products/LoveDrawning_400x.jpg?v=1629564890
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
fcd78ef33750d69af00b47b1751e0aa2781036e062ffc692e57e59790b6101ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.702,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
24942
x-xss-protection
1; mode=block
x-request-id
eadc3744d9103cae514526a24b723ab4
x-served-by
cache-lga21935-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.599656,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/products/LoveDrawning_400x.jpg>; rel="canonical"
x-cache-hits
1, 1
LoveBloomscopy_400x.jpg
cdn.shopify.com/s/files/1/1112/5866/products/
57 KB
57 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/products/LoveBloomscopy_400x.jpg?v=1642562354
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
0301ac2c1af7df93f48f367546b53c2cfbcda3581cd19ee5354227b33966afb8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.791,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
58414
x-xss-protection
1; mode=block
x-request-id
a7792d0df17b649a930f337f2f4912a3
x-served-by
cache-lga21921-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.599700,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/products/LoveBloomscopy_400x.jpg>; rel="canonical"
x-cache-hits
1, 1
model-viewer.js
cdn.shopify.com/shopifycloud/model-viewer/v0.8/
119 KB
36 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/model-viewer/v0.8/model-viewer.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12822-YUL /
Resource Hash
3499ce2f80fa3ee8051c47973a41376374e85d9fe3f03d4b05a1ae50bd83bd97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.193,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
36233
x-xss-protection
1; mode=block
x-request-id
3b4678cf1a917c0592e998d0d3585668
x-served-by
cache-lga13626-LGA, cache-yul12822-YUL
server
cache-yul12822-YUL
x-timer
S1644976819.711954,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/model-viewer/v0.8/model-viewer.js>; rel="canonical"
x-cache-hits
1, 99
shopify-xr.en.js
cdn.shopify.com/shopifycloud/shopify-xr-js/v1.0/
94 KB
30 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify-xr-js/v1.0/shopify-xr.en.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12822-YUL /
Resource Hash
0bc6696733a73498596ee70b895de68b3646c53fae8c47eb374592c6753fabbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.363,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
30976
x-xss-protection
1; mode=block
x-request-id
414a39164c541f1accacd3ed9876411c
x-served-by
cache-lga21951-LGA, cache-yul12822-YUL
server
cache-yul12822-YUL
x-timer
S1644976819.712103,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify-xr-js/v1.0/shopify-xr.en.js>; rel="canonical"
x-cache-hits
69, 179
model-viewer-ui.en.js
cdn.shopify.com/shopifycloud/model-viewer-ui/v1.0/
35 KB
12 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/model-viewer-ui/v1.0/model-viewer-ui.en.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12822-YUL /
Resource Hash
2845c4281b9bd9f98de9d9c2e2b9e1df03e8803e5add3149f9dfff0b11942400
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.148,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
11766
x-xss-protection
1; mode=block
x-request-id
6c289227e9982cae47ee17f0e2dba2d1
x-served-by
cache-lga21936-LGA, cache-yul12822-YUL
server
cache-yul12822-YUL
x-timer
S1644976819.712158,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/model-viewer-ui/v1.0/model-viewer-ui.en.js>; rel="canonical"
x-cache-hits
55, 150
session
shop.app/pay/
18 B
1013 B
Fetch
General
Full URL
https://shop.app/pay/session?v=1
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.33 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
checkout.shopify.com
Software
cloudflare /
Resource Hash
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,us-east1
p3p
CP="Not used"
access-control-allow-methods
GET, OPTIONS
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
042a403b-be3f-4b8b-b90d-b5ea27f33a8f
x-runtime
0.005141
x-robots-tag
noindex
server
cloudflare
x-frame-options
DENY
etag
W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.crystalbarsoap.com
vary
Accept-Encoding, Accept, Origin
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6de32e7d8cc654b5-YYZ
x-sorting-hat-podid
-1
access-control-expose-headers
bundle.js
p.yotpo.com/js/
42 KB
14 KB
Script
General
Full URL
https://p.yotpo.com/js/bundle.js
Requested by
Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/Z-Lp2VTbu3verordQSpEGw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.73.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-73-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
34677893e517cafd730303991928856dea0f7563b13692bb80380f26a71c49a6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
gzip
last-modified
Wed, 11 Aug 2021 17:25:00 GMT
server
nginx
etag
W/"611407ec-a96b"
content-type
application/javascript
cache-control
max-age=86400, private
expires
Thu, 17 Feb 2022 02:00:18 GMT
app.v0.0.42-2673.js
cdn-widget-assets.yotpo.com/widgets-initializer/
24 KB
8 KB
Script
General
Full URL
https://cdn-widget-assets.yotpo.com/widgets-initializer/app.v0.0.42-2673.js
Requested by
Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/Z-Lp2VTbu3verordQSpEGw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:585::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07323a01c0b955284041a6a883e72d6453c8904d37c42543eefe643389782aba

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
s_deQUz1uSMfrPgmHwG80AEFxDshkoOF
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 08:04:29 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1635926668/atime:1635926668/md5:159abe855ef1924f2032833495ff921f/ctime:1635926668
x-amz-request-id
5CYYGEFPCFH66FJS
etag
"159abe855ef1924f2032833495ff921f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=23112983
date
Wed, 16 Feb 2022 02:00:18 GMT
accept-ranges
bytes
content-length
8139
x-amz-id-2
+cWQFAIB0nTrxqMMBnB72gZYojRYg3Icn1VQLr2+ZhFDC5sJf0LEUFGuMQmmfffv1UlnxKsff4Q=
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
71 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-central1,us-central1
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
ead305de-ef77-4409-a3c6-1236eb72c09e
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
cf-ray
6de32e7dbdeb547f-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
widget.css
staticw2.yotpo.com/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/
517 KB
52 KB
Stylesheet
General
Full URL
https://staticw2.yotpo.com/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/widget.css?widget_version=2022-01-23_10-47-18
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:585::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.1 /
Resource Hash
bc5c0f79f6c4eafeb30a3d06ba8a26a9d56dea6f658de88ea507b5cbebf734ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=11
vary
Accept-Encoding
content-length
52259
x-xss-protection
1; mode=block
x-request-id
c5711e90ec9637da4af8fac3a745f15b
x-runtime
0.118988
server
nginx/1.19.1
x-frame-options
SAMEORIGIN
etag
W/"8715bce17d5b5f5ee5a7e063acb84475"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3782
access-control-allow-credentials
true
access-control-allow-headers
*
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
T/h+yYNT2z3d67zkkgNKvRagqa4Fh1V9k5cxKhNwy9r5Re83V14KCA1u4UFW8OAvyVDyzjQwOZpUJM00GTi9VA==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Wed, 16 Feb 2022 02:00:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5762
date
Wed, 16 Feb 2022 00:24:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Feb 2022 02:24:16 GMT
core.js
s.pinimg.com/ct/
1 KB
1 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:492::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"c4a0eea377c5e0da574e46f4d6e838e5"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
accept-ranges
bytes
content-length
1142
access-control-expose-headers
X-CDN
events.js
analytics.tiktok.com/i18n/pixel/
119 KB
35 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C13H5OOJQ4BPD6C9VOV0&lib=ttq
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.67 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
96c5b7db792466a79b9ed86953e77df86977c4ebb3d83015f30f56c852395c70

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-akamai-request-id
c67b7992.42aff46d
date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-222-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-216-133-195.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time
14,23.216.133.195
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=3, inner; dur=1
content-length
34796
pragma
no-cache
server
nginx
x-tt-logid
2022021602001801011313507917DA1463
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
3,23.218.222.13
x-tt-trace-host
016038ba7083e269e6caaded1f0b4c816bd0c2b0958d76f0033923ec78ec47297ca62e9b1309a2c8404e20854bc52be1262a3d120ca05128b79560ac93902c46ea0242ba6bd5efd7ae3050d4e3f2f53c57d0006c654d30359f08f13e1318f486ea95f8c40f52229cabeb33d5a1bb4edac4
expires
Wed, 16 Feb 2022 02:00:18 GMT
js
www.googletagmanager.com/gtag/
74 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=945880556
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
749404d3370da96ba2400ce440c07184271444285afc9111693b83f5d38eaacc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29981
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:57:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 02:00:18 GMT
rules-p-1fAta4vrcna7a.js
rules.quantcount.com/
2 B
353 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-1fAta4vrcna7a.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:7400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:16:15 GMT
via
1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
server
AmazonS3
age
2642
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR52-C1
content-length
2
x-amz-cf-id
CG11qomE-200LaMMIYuvqZ8VEhet4Oz7ID4TIX_8p_moSOfO-TI99w==
badge
staticw2.yotpo.com/batch/app_key/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/domain_key/yotpononproductrelatedwidget/widget/
814 B
842 B
XHR
General
Full URL
https://staticw2.yotpo.com/batch/app_key/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/domain_key/yotpononproductrelatedwidget/widget/badge
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:585::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.1 /
Resource Hash
ba6bea9dd23d3c2e47db4440a839369e4038d917551ff2ebac07c756973cd854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=9, origin; dur=21
vary
Accept-Encoding
content-length
315
x-xss-protection
1; mode=block
x-request-id
974004c96af398d999c2abcc284d7e5f
x-runtime
0.008452
server
nginx/1.19.1
x-frame-options
SAMEORIGIN
etag
W/"b8b5232526724ceb1d1d844499fcbc50"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.crystalbarsoap.com
cache-control
public, max-age=10780
access-control-allow-credentials
true
access-control-allow-headers
*
i
p.yotpo.com/
35 B
279 B
Image
General
Full URL
https://p.yotpo.com/i?e=pv&page=Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&se_va=qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B&cx=eyJwdl91dWlkIjo1NDUwMzIzOTV9&dtm=1644976818861&tid=856003&vp=1600x1200&ds=1600x6685&vid=1&duid=147a579b953feb16&p=web&tv=js-0.13.2&fp=839606422&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.73.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-73-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
cache-control
max-age=86400, private
server
nginx
content-type
image/gif
content-length
35
expires
Thu, 17 Feb 2022 02:00:18 GMT
pobox_checker.js
s3-us-west-2.amazonaws.com/addressvalidator/
Redirect Chain
  • https://tinyurl.com/hgdsuhu
  • https://s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
23 KB
23 KB
Script
General
Full URL
https://s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
HTTP/1.1
Server
52.218.178.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
15c6477e57fc9d5c9b4ac1d1d2afd4ff1e529ceec38febb8ff15ae35a76170c8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 02:00:20 GMT
Last-Modified
Tue, 15 Feb 2022 20:41:03 GMT
Server
AmazonS3
x-amz-request-id
F3F626FJFHDJ31Z9
ETag
"101a7994eb536161c28be45ed4ea804a"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
23519
x-amz-id-2
nMzhHfDhHzgRF3kyct81w3uzcx46VhwOvAGv5KTPD/sr1IRNFDmNNE5irL0V91hsMSQY/ld6qF4=

Redirect headers

date
Wed, 16 Feb 2022 02:00:19 GMT
referrer-policy
unsafe-url
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=UTF-8
location
https://s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
x-xss-protection
1; mode=block
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-ray
6de32e7e5b557145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
shopify-boomerang-1.0.0.min.js
cdn.shopify.com/shopifycloud/boomerang/
58 KB
17 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
2b40e69b4b5c337e07359025eb264e9125b5228ed972eb8f0f95785a520af271
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.214,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
17404
x-xss-protection
1; mode=block
x-request-id
c72165d4575c14ced82bcdea11d28f6f
x-served-by
cache-lga21929-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.888422,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits
3, 931313
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
645 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-central1,us-central1
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
584ca465-2b7a-4835-b3c7-65f7a489033f
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
cf-ray
6de32e7e1eb9547f-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
71 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-central1,us-east1
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
8c8e073f-c630-4015-ad69-9a446c215938
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
cf-ray
6de32e7e2edb547f-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
71 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-central1,us-east1
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
78959390-01b8-41cb-ae3e-a615a1e44177
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
cf-ray
6de32e7e2ede547f-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
vendors~mv.js
cdn.shopify.com/shopifycloud/model-viewer/v0.8/
754 KB
198 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/model-viewer/v0.8/vendors~mv.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/model-viewer/v0.8/model-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
ff9ad0d0849f856b0b2d92058b684527bf845bf7f25cc0c3d25af8c7ba624cd3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.177,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
201551
x-xss-protection
1; mode=block
x-request-id
4c8ee36f2bbfb0e81de6482b1e56b808
x-served-by
cache-lga21957-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.925594,VS0,VE0
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/model-viewer/v0.8/vendors~mv.js>; rel="canonical"
x-cache-hits
2, 3
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
90 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-central1,us-east1
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
439602eb-4634-42d7-8dcb-7e4bbdd42aeb
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
cf-ray
6de32e7e5f55547f-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
app.v0.1.6-2774.js
cdn-widget-assets.yotpo.com/widget-referred-friend/
395 KB
111 KB
Script
General
Full URL
https://cdn-widget-assets.yotpo.com/widget-referred-friend/app.v0.1.6-2774.js
Requested by
Host: cdn-widget-assets.yotpo.com
URL: https://cdn-widget-assets.yotpo.com/widgets-initializer/app.v0.0.42-2673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:585::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41afb86fcad5cb68d3e8a031b0997872088dbde78261d8644b6b2ca1e37b96f5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
sO1TmEjFMZcVXpU3Vezo5MEVsDsXbC7d
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 16:08:56 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1644422934/atime:1644422934/md5:174c9cfa4289b074f07cfd85fc08d89e/ctime:1644422934
x-amz-request-id
GYH7G9SY2JNK484N
etag
"174c9cfa4289b074f07cfd85fc08d89e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=30982185
date
Wed, 16 Feb 2022 02:00:18 GMT
accept-ranges
bytes
x-amz-id-2
0Yk5OcbBCX9ZNihn1qNJ9kbvGEOT3RIhl2ZKYkAehbu7uVZ1qGZL2inwWfa83OFWvVIMs1RV8cw=
GatesToParadisecopy_400x.jpg
cdn.shopify.com/s/files/1/1112/5866/products/
46 KB
46 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/products/GatesToParadisecopy_400x.jpg?v=1642562894
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
b63a13136dbc7297111ab64c6963769c3f9238c58d0a6223dce12641233fca06
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.632,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
47042
x-xss-protection
1; mode=block
x-request-id
204e395dbef74f98698f7f5c54426ee6
x-served-by
cache-lga21961-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.934213,VS0,VE2
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/products/GatesToParadisecopy_400x.jpg>; rel="canonical"
x-cache-hits
1, 1
EverlastingHopecopy_400x.jpg
cdn.shopify.com/s/files/1/1112/5866/products/
16 KB
17 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/products/EverlastingHopecopy_400x.jpg?v=1642545435
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
1b648b5abb0fdd9899373a0a0959b458afeb3f158c130da15541153e1ac413f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.356,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
16668
x-xss-protection
1; mode=block
x-request-id
dbff5e01878c205ea40448d5265caaae
x-served-by
cache-lga21981-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.935523,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/products/EverlastingHopecopy_400x.jpg>; rel="canonical"
x-cache-hits
1, 1
Venuss_400x.jpg
cdn.shopify.com/s/files/1/1112/5866/products/
49 KB
49 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/products/Venuss_400x.jpg?v=1643408370
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
9076624955d7ac5882cc5a8fe14c175af7e36e148fe9f8184fab7db57064baae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=19.269,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
49764
x-xss-protection
1; mode=block
x-request-id
2261f508c9577f11a4fbb4f836b11d77
x-served-by
cache-lga21974-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.935564,VS0,VE19
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/products/Venuss_400x.jpg>; rel="canonical"
x-cache-hits
5, 1
Flyingcopy_400x.jpg
cdn.shopify.com/s/files/1/1112/5866/products/
46 KB
46 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/1112/5866/products/Flyingcopy_400x.jpg?v=1642562571
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
a7402a359a5878e713899e84f3ac39d773be6d2ea607e484a4e39d4c3a75dfac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=1.434,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
46630
x-xss-protection
1; mode=block
x-request-id
01a6abe4b9d3c56d0693783c1a44c6f2
x-served-by
cache-lga21932-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976819.935580,VS0,VE1
date
Wed, 16 Feb 2022 02:00:18 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1112/5866/products/Flyingcopy_400x.jpg>; rel="canonical"
x-cache-hits
1, 1
badge.png
staticw2.yotpo.com/assets/
15 KB
15 KB
Image
General
Full URL
https://staticw2.yotpo.com/assets/badge.png
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:585::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.1 /
Resource Hash
09d39eecddc0d69d47cf6b5531c43f61f8115ba327cd87ca4f46b04e505be1bc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
env
PRODUCTION
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
15285
last-modified
Sun, 23 Jan 2022 11:33:38 GMT
server
nginx/1.19.1
etag
"61ed3d12-3bb5"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 23 Feb 2022 02:00:18 GMT
i
p.yotpo.com/
35 B
279 B
Image
General
Full URL
https://p.yotpo.com/i?e=se&se_ca=Reviews_Badge&se_ac=loaded&se_la=productId&se_va=qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B&cx=eyJwdl91dWlkIjo1NDUwMzIzOTV9&dtm=1644976818971&tid=686953&vp=1600x1200&ds=1600x6685&vid=1&duid=147a579b953feb16&p=web&tv=js-0.13.2&fp=839606422&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.73.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-73-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:18 GMT
cache-control
max-age=86400, private
server
nginx
content-type
image/gif
content-length
35
expires
Thu, 17 Feb 2022 02:00:18 GMT
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v5/
43 KB
12 KB
Script
General
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v5/bugsnag.min.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify-xr-js/v1.0/shopify-xr.en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-62.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de8c0995b897a17da73adb4d21467bac8f270d366e277eaf57fd9ffb231de8d7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 17:46:56 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 21 Jan 2019 11:27:19 GMT
Server
AmazonS3
Age
375204
ETag
W/"a0fc7a4c606d853b67fa47c3a3eb17d1"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
EWR53-P1
X-Amz-Cf-Id
URzOYGGiizYb3niERXfNYSDthM5BiJpvgj7XYBN_uije7xBdO80fdg==
pixel;r=305191224;rf=0;a=p-1fAta4vrcna7a;url=https%3A%2F%2Fwww.crystalbarsoap.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-709044845-1644976819000;...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=305191224;rf=0;a=p-1fAta4vrcna7a;url=https%3A%2F%2Fwww.crystalbarsoap.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-709044845-1644976819000;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=crystalbarsoap.com;je=0;sr=1600x1200x24;dst=0;et=1644976819000;tzo=0;ogl=url.https%3A%2F%2Fwww%252Ecrystalbarsoap%252Ecom%2F%2Csite_name.Crystal%20Bar%20Soap%2Ctype.website%2Ctitle.Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products%252E%2Cimage.https%3A%2F%2Fcdn%252Eshopify%252Ecom%2Fs%2Ffiles%2F1%2F1112%2F5866%2Ffiles%2Flogogogog_5c2f4a2d-53ed-42c5-a%2Cimage%3Asecure_url.https%3A%2F%2Fcdn%252Eshopify%252Ecom%2Fs%2Ffiles%2F1%2F1112%2F5866%2Ffiles%2Flogogogog_5c2f4a2d-53ed-42c5-a%2Cimage%3Awidth.2349%2Cimage%3Aheight.302%2Cdescription.We%20Believe%20In%20Small%20Moments%20Of%20Self%20Care%252E%20Cleanse%20Away%20Bad%20Vibes%20And%20Reawaken%20Yo
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:44af:4f54:8af4:5563 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
1302422466532070
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1302422466532070?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0577e96d6b9664ae0a07c0fdb5c2f13deb89c3cd85034cb8b2f5589d2acf9853
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89098
x-xss-protection
0
pragma
public
x-fb-debug
s+NI1u1bs0TghRHjY9jExl/zG4Jzb727LRa+WvqwriLI7G/GtBgGj0V9r6yHkNkxzeRfJodA6oZCKXi/iWhOLQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Wed, 16 Feb 2022 02:00:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/widget.css?widget_version=2022-01-23_10-47-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://staticw2.yotpo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:49:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 02:00:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 02:00:19 GMT
collect
stats.g.doubleclick.net/j/
4 B
447 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-159315719-1&cid=1049241858.1644976819&jid=1789348044&gjid=1133253990&_gid=348181216.1644976819&_u=YGBAgEABBAAAAE~&z=150204228
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1402::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Feb 2022 02:00:19 GMT
content-type
text/plain
access-control-allow-origin
https://www.crystalbarsoap.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=440333921&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crystalbarsoap.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABB~&jid=1789348044&gjid=1133253990&cid=1049241858.1644976819&tid=UA-159315719-1&_gid=348181216.1644976819&did=BwiEti&z=240784836
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 17:24:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30940
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
main.32155010.js
s.pinimg.com/ct/lib/
52 KB
18 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.32155010.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:492::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"fd86de14455274a7c147dc95b77e18e3"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18298
access-control-expose-headers
X-CDN
sdk-style.css
cdn.bestpush.io/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn.bestpush.io/sdk-style.css
Requested by
Host: app.restock-alerts.com
URL: https://app.restock-alerts.com/v1/shopify/8ep6qv6357k600xd/restock-alerts.js?webpush=True
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:501a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca99242fe2f77a14e939c0aac7d15863225ce682cd592411f75b64bd5a647f67

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 04 Mar 2021 15:33:38 GMT
server
cloudflare
etag
W/"6040fdd2-1278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWmz%2BSKcbB0mu3mIGZCYrJvLa%2FrygL%2FNYndFJ5eBdRuOVMpyPxkO%2Bh2zfwAEIUScHtjZ5V%2F2yhycpLwZLapvEvjOzsB0mEjRwOUzDFtz2IXL9Sbtte47ebFg0qiBJ%2FmQO1CAsfgCmhmNuCRE99g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6de32e7fc8644bd1-YUL
products.json
www.crystalbarsoap.com/
572 KB
87 KB
XHR
General
Full URL
https://www.crystalbarsoap.com/products.json?limit=250&page=1
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
886532dfdf7e05ebafec1fb6f08f1bef3f06f64e258c4a347fb5f40a509b1247
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage
production
x-cache
miss
content-type
application/json; charset=utf-8
x-alternate-cache-key
cacheable:24597b6f1f73a0f671868d62c8b61bb4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
11125866
x-shardid
48
x-storefront-renderer-rendered
1
server
cloudflare
x-frame-options
DENY
content-language
en
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=7889238
x-download-options
noopen
x-shopid
11125866
access-control-allow-origin
*
vary
Accept
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id
49e658a4-c1e1-4ac4-ab44-86dd65f65509
cf-ray
6de32e7fed23544f-YYZ
x-sorting-hat-podid
48
identify.js
analytics.tiktok.com/i18n/pixel/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C13H5OOJQ4BPD6C9VOV0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.67 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-akamai-request-id
1a927577.42aff660
date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-222-4.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-216-133-195.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time
11,23.216.133.195
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=3, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
2022021602001901011313503827C33DE3
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
3,23.218.222.4
x-tt-trace-host
016038ba7083e269e6caaded1f0b4c816bd0c2b0958d76f0033923ec78ec47297cbfcf66e9f57358473daf04c514efda21d62d189681a1403f06aacf5111b78fdd26c8846b4bac12dc5146ec4fb632e859658a7fb20a1a9a7d42b1b67e9433e0bbf0e8d5c2e593c3c6e172331847167115
expires
Wed, 16 Feb 2022 02:00:19 GMT
config.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C13H5OOJQ4BPD6C9VOV0&hostname=www.crystalbarsoap.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C13H5OOJQ4BPD6C9VOV0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.67 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8964ec4d91c53ecf72fd9459fa1ab0f477ffb1407f871c1206085c83ebe6c273

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-akamai-request-id
42aff6bf
date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-216-133-195.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
server-timing
inner; dur=1, cdn-cache; desc=MISS, edge; dur=1, origin; dur=9
content-length
1760
pragma
no-cache
server
nginx
x-tt-logid
2022021602001901011300604114775A35
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.216.133.195
x-tt-trace-host
016038ba7083e269e6caaded1f0b4c816ba5bd5cbdc16f4264d74bdf95b05a90606dba77f459c54c5b07631a2761c413f708be50ed9bd37b8f36968717f0f3c94350e94e1e18da64f5950c7f45abc77ec2b6a201f0ad52bdc8208ac86da8a1e8e5
expires
Wed, 16 Feb 2022 02:00:19 GMT
campaigns
loyalty.yotpo.com/api/public/v1/
619 B
1 KB
XHR
General
Full URL
https://loyalty.yotpo.com/api/public/v1/campaigns?guid=Z-Lp2VTbu3verordQSpEGw&merchant_id=77485&campaign_types[]=ReferralCampaign
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.160.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-160-218.compute-1.amazonaws.com
Software
nginx/1.19.1 /
Resource Hash
3fb8c2820950509a9f3a66e21a9065c9452f81849cb0c55a75071b28f04456b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-ratelimit-limit-second
10000
vary
Accept-Encoding, Origin
ratelimit-reset
1
x-ratelimit-remaining-second
9999
x-kong-proxy-latency
2
x-kong-upstream-latency
17
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, DESTROY, PATCH
ratelimit-limit
10000
referrer-policy
strict-origin
x-xss-protection
1; mode=block
x-request-id
487d5fcfa6f701c2c893e747eacf0d37
x-runtime
0.011351
access-control-allow-origin
*
correlation-id
c22c5e04-7e92-4ee9-9e3a-fa00d6332044
server
nginx/1.19.1
x-frame-options
ALLOWALL
etag
W/"3fb8c2820950509a9f3a66e21a9065c9"
x-download-options
noopen
access-control-max-age
7200
strict-transport-security
max-age=63072000; includeSubDomains
content-type
application/json; charset=utf-8
via
kong/2.1.4
x-permitted-cross-domain-policies
none
cache-control
max-age=0, private, must-revalidate
ratelimit-remaining
9999
access-control-expose-headers
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-945880556&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=945880556
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fef3eb33c4dac17519bd73f687b14f4f92d69567b25ff9e295142f2b7077a786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39648
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:57:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 02:00:19 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-159315719-1&cid=1049241858.1644976819&jid=1789348044&_u=YGBAgEABBAAAAE~&z=41013650
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
501 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-159315719-1&cid=1049241858.1644976819&jid=1789348044&_u=YGBAgEABBAAAAE~&z=41013650
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
yotpo-widget-font.woff
staticw2.yotpo.com/assets/
12 KB
12 KB
Font
General
Full URL
https://staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2022-01-23_10-47-18
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/widget.css?widget_version=2022-01-23_10-47-18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:585::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.1 /
Resource Hash
ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143

Request headers

Referer
https://staticw2.yotpo.com/qj6FsdUoIZNo9eLBrs95sha6jIA1OLmY4YCapn4B/widget.css?widget_version=2022-01-23_10-47-18
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
env
PRODUCTION
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
12288
last-modified
Sun, 23 Jan 2022 11:33:38 GMT
server
nginx/1.19.1
etag
"61ed3d12-3000"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 23 Feb 2022 02:00:19 GMT
128760868775779
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/128760868775779?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c51a79020944fa91c50bca5deefc2856a1097f875a70339deaf195b61e011e5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89098
x-xss-protection
0
pragma
public
x-fb-debug
OxQvtx6szoFtIrQdpy3naO5H++T+KjXnxES7ByuHkYAQWg8KCnoVqcIGuNZzCeUTM1/F/5DpWoCGIo25bIasOg==
x-frame-options
DENY
date
Wed, 16 Feb 2022 02:00:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
i
p.yotpo.com/
35 B
279 B
Image
General
Full URL
https://p.yotpo.com/i?e=se&se_ca=referred-friend&se_ac=shown&se_la=layout&se_va=Z-Lp2VTbu3verordQSpEGw&cx=eyJzZXNzaW9uX2lkIjoiZWQwZWRiNDYtZGY5Yi00NTg5LTkzMjgtYTdmMWM5M2QwZmQwIiwic2VxdWVuY2UiOiIwIiwid2lkZ2V0X2luc3RhbmNlX2lkIjoiMzEzNzEiLCJpbnN0YW5jZV92ZXJzaW9uX2lkIjoiMTU3NTM4NSIsImlzX21vYmlsZSI6ZmFsc2V9&dtm=1644976819321&tid=771432&vp=1600x1200&ds=1600x6685&vid=1&duid=147a579b953feb16&p=web&tv=js-0.13.4&fp=839606422&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.73.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-73-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
cache-control
max-age=86400, private
server
nginx
content-type
image/gif
content-length
35
expires
Thu, 17 Feb 2022 02:00:19 GMT
/
sessions.bugsnag.com/ Frame
0
0
Preflight
General
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://www.crystalbarsoap.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 16 Feb 2022 02:00:19 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/
21 B
140 B
XHR
General
Full URL
https://sessions.bugsnag.com/
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1.0
Referer
https://www.crystalbarsoap.com/
Bugsnag-Sent-At
2022-02-16T02:00:19.332Z
Accept-Language
en-CA,en;q=0.9
Bugsnag-Api-Key
a51246d2a1f718541183be260c6215bd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 02:00:19 GMT
via
1.1 google
bugsnag-session-uuid
d56736d1-9d5f-4aad-b1b7-797f2c91dd10
alt-svc
clear
content-length
21
content-type
application/json
/
ct.pinterest.com/user/
487 B
838 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2618093683576&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1644976819339
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.cc403617.1644976819.a118a38d
x-envoy-upstream-service-time
2
x-pinterest-rid
1265689151055880
pin-unauth
dWlkPU5ERTRNVFk0WkRndE5EWm1NQzAwTURrMUxUa3pNREF0TXprMU5UWmhaakJoWldZMw
access-control-allow-origin
https://www.crystalbarsoap.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
350
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
334 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2618093683576&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.crystalbarsoap.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1644976819344
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.cc403617.1644976819.a118a398
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
9725221872645831
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
579 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2618093683576&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.crystalbarsoap.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1644976819345
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.cc403617.1644976819.a118a3a1
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1784383146989560
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/
0
571 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C13H5OOJQ4BPD6C9VOV0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.67 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022021602001901011313513909C411F4
x-cache
TCP_MISS from a23-216-133-195.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
31,23.216.133.195
x-tt-trace-host
016038ba7083e269e6caaded1f0b4c816ba5bd5cbdc16f4264d74bdf95b05a90606dba77f459c54c5b07631a2761c413f7847c4661509effac96e75a32e94438aa54177059f4c886d29c857e8dbcb6ba8299bc82ebd3c483be60a27513384549e3
server-timing
inner; dur=15, cdn-cache; desc=MISS, edge; dur=4, origin; dur=31
x-akamai-request-id
42aff867
content-length
0
expires
Wed, 16 Feb 2022 02:00:19 GMT
pixel
analytics.tiktok.com/api/v2/
0
570 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C13H5OOJQ4BPD6C9VOV0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.67 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20220216020019010113135135078C2F51
x-cache
TCP_MISS from a23-216-133-195.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
30,23.216.133.195
x-tt-trace-host
016038ba7083e269e6caaded1f0b4c816ba5bd5cbdc16f4264d74bdf95b05a90606dba77f459c54c5b07631a2761c413f714bdcb03b6689d123d0aebf94f8f4ce3e906b5f53ca0e625ee59a2d35c195f567008d72792ec9e164fcc611ca53e92d2
server-timing
inner; dur=13, cdn-cache; desc=MISS, edge; dur=4, origin; dur=30
x-akamai-request-id
42aff86e
content-length
0
expires
Wed, 16 Feb 2022 02:00:19 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-945880556&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 02:00:19 GMT
status
webpush.pushapis.xyz/v2/
271 B
894 B
Fetch
General
Full URL
https://webpush.pushapis.xyz/v2/status?app_id=8ep6qv6357k600xd
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
01d65edfab1959d0191d82d7ecbb913d284656473c3bbe7396ff16075d23829e

Request headers

Accept
application/json
Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
deviceid
8d946d7600724a8c8336a3f251805ac6
server
cloudflare
etag
W/"10f-cifNLFViF0mCvrowEv5jhUIAxc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbg%2Fw%2Be2Qm11m3PoLIAjEtV0n7EkBITDncKFXzMkfL%2Fec77yi9Bn6kdOz2zde29a59elhBakSKyBwWIRaPtNr07YL4AZ35Z%2B6pV8M0TiGxgbx7baP33OBKhpcX2rPGpGtBxY3isvXp4YW8cZ9eoIgoKObg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-expose-headers
deviceid
access-control-allow-credentials
true
cf-ray
6de32e820d294bc5-YUL
status
webpush.pushapis.xyz/v2/ Frame
0
0
Preflight
General
Full URL
https://webpush.pushapis.xyz/v2/status?app_id=8ep6qv6357k600xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:b773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.crystalbarsoap.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-expose-headers
deviceid
access-control-max-age
86400
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DZzqkavBdwTwztlvcpF3cuemZLZdrTnGHLuYNugX3x57YW%2F8E0KkZwnVYClbCnR09il9gEyH6m%2BzZ2pNFA1HKRiJ%2FAXBXgBZaWImrNZmo4NHHIKMjxLDgRtOgIlgHfLIKvzqGR3bGOy0mBF%2BkDB6CZzcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6de32e817b5a7138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.facebook.com/tr/
44 B
408 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1302422466532070&ev=PageView&dl=https%3A%2F%2Fwww.crystalbarsoap.com%2F&rl=&if=false&ts=1644976819400&sw=1600&sh=1200&v=2.9.52&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1644976819399.179902526&it=1644976819020&coo=false&eid=00424f62-2AED-4523-21D7-55AFCA32DB94&rqm=GET
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 16 Feb 2022 02:00:19 GMT
/
www.facebook.com/tr/
44 B
213 B
Image
General
Full URL
https://www.facebook.com/tr/?id=128760868775779&ev=PageView&dl=https%3A%2F%2Fwww.crystalbarsoap.com%2F&rl=&if=false&ts=1644976819402&sw=1600&sh=1200&v=2.9.52&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1644976819399.179902526&it=1644976819020&coo=false&eid=00424f62-2AED-4523-21D7-55AFCA32DB94&rqm=GET
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 16 Feb 2022 02:00:19 GMT
/
www.googleadservices.com/pagead/conversion/945880556/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/945880556/?random=1644976819479&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DCrystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&frm=0&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F&tiba=Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&auid=284187313.1644976819&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
acb1f015581aabdd366f652bfa16c33ea9d6d48abd18cee0c96214dfe71497f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1199
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
products.json
www.crystalbarsoap.com/
15 B
1 KB
XHR
General
Full URL
https://www.crystalbarsoap.com/products.json?limit=250&page=2
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
86d8b086af0fc30d06856e218fcfdb6b803f91b45f50b1b753d8deac627fc054
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage
production
x-cache
miss
content-type
application/json; charset=utf-8
x-alternate-cache-key
cacheable:cdd8ad8f965a98d199bb09ac94349ec0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
11125866
x-shardid
48
x-storefront-renderer-rendered
1
server
cloudflare
x-frame-options
DENY
content-language
en
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=7889238
x-download-options
noopen
x-shopid
11125866
access-control-allow-origin
*
vary
Accept
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id
d604cd3b-55af-4120-a670-1fa06bffc564
cf-ray
6de32e823abf544f-YYZ
x-sorting-hat-podid
48
/
www.google.ca/pagead/1p-conversion/945880556/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945880556/?random=2135591369&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
  • https://www.google.com/pagead/1p-conversion/945880556/?random=2135591369&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
  • https://www.google.ca/pagead/1p-conversion/945880556/?random=2135591369&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-conversion/945880556/?random=2135591369&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DCrystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&frm=0&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F&tiba=Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&auid=284187313.1644976819&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=s1oMYq2yIJaNoPMP39iyIA&random=4143183964&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H3
Server
2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:00:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.ca/pagead/1p-conversion/945880556/?random=2135591369&cv=9&fst=1644976819479&num=1&label=ub4cCOmh2IoBEOz7g8MD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DCrystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&frm=0&url=https%3A%2F%2Fwww.crystalbarsoap.com%2F&tiba=Crystal%20Bar%20Soap%20-%20Female%20Owned%20Crystal%20Infused%20Bath%20Products.&auid=284187313.1644976819&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=s1oMYq2yIJaNoPMP39iyIA&random=4143183964&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spr.js
productreviews.shopifycdn.com/assets/v4/
8 KB
3 KB
Script
General
Full URL
https://productreviews.shopifycdn.com/assets/v4/spr.js?shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b110428c2cf2bb0bab8390f3e58b7961de970b7da528b93cafddf5378bb7cf65
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1
age
22164970
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
server-timing
processing;dur=0, socket_queue;dur=1.229
content-length
2910
x-xss-protection
1; mode=block
x-served-by
cache-bwi5181-BWI, cache-yul12829-YUL
referrer-policy
origin-when-cross-origin
last-modified
Thu, 03 Jun 2021 21:28:24 GMT
x-timer
S1644976820.801592,VS0,VE0
date
Wed, 16 Feb 2022 02:00:19 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public
content-security-policy
default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'
accept-ranges
bytes
x-cache-hits
98, 429775
script.js
geolocation-recommendations.shopifycloud.com/locale_bar/
105 KB
26 KB
Script
General
Full URL
https://geolocation-recommendations.shopifycloud.com/locale_bar/script.js?shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.139.78.128 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.78.139.34.bc.googleusercontent.com
Software
/
Resource Hash
17f7cfecccd18d6e3713fd43b2b9b5b0aac932d634e62fe56a7861450045a9f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1
server-timing
processing;dur=17, socket_queue;dur=3.123
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
d4fefd63e6c2535a566d19cc4a42e7ca
x-runtime
0.016906
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
etag
W/"17f7cfecccd18d6e3713fd43b2b9b5b0"
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
eventpromotionbar.js
cdn.hextom.com/js/
98 KB
21 KB
Script
General
Full URL
https://cdn.hextom.com/js/eventpromotionbar.js?shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:e600:1:427b:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
653dc7c0a74d3df6a4bdfa0d890c73d9a42d63706595cc0f748af5e25948f029

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 22:28:36 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 18:59:27 GMT
server
AmazonS3
age
12704
etag
"1df70328a54bb24728d2a87c483307ce"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
21257
x-amz-cf-id
aa3jfHyrooPKOYQOnT_m_W0rWf-lH0PgTE72uTmBP0vf77NNKEO2mg==
Z-Lp2VTbu3verordQSpEGw.js
cdn-loyalty.yotpo.com/loader/
146 KB
16 KB
Script
General
Full URL
https://cdn-loyalty.yotpo.com/loader/Z-Lp2VTbu3verordQSpEGw.js?shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:581::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.1 /
Resource Hash
07b85e8de316c3c9fe1934056e024cf909949970c245899d42af924bc086e6db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ratelimit-reset
1
content-encoding
gzip
x-content-type-options
nosniff
x-ratelimit-limit-second
10000
x-kong-proxy-latency
8
x-ratelimit-remaining-second
9999
x-kong-upstream-latency
402
ratelimit-remaining
9999
referrer-policy
strict-origin
ratelimit-limit
10000
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
content-length
15804
x-xss-protection
1; mode=block
x-request-id
1f9e1231668194c00377ed80ee1f454c
x-runtime
0.387808
correlation-id
8508960e-f1d2-41ff-ad29-d1408c6fceca
server
nginx/1.19.1
x-frame-options
ALLOWALL
date
Wed, 16 Feb 2022 02:00:19 GMT
x-download-options
noopen
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-permitted-cross-domain-policies
none
cache-control
private, must-revalidate, max-age=0
access-control-allow-credentials
false
etag
W/"07b85e8de316c3c9fe1934056e024cf9"
access-control-allow-headers
*
storefront-banner.js
cdn.shopify.com/shopifycloud/privacy-banner/
26 KB
8 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/privacy-banner/storefront-banner.js?shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
ebb6f81cf4af0ef5f8d57405761efca67b7a808502d84bbdfd01dddc5bf0ae5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, MISS
server-timing
cdn;dur=0.755,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=9.828,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=8.684,cdnOriginTTLB;dur=9.707
content-length
7354
x-xss-protection
1; mode=block
x-request-id
60b012cf93ae431ac2466ae0fc17be86
x-served-by
cache-lga21955-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976820.801069,VS0,VE10
date
Wed, 16 Feb 2022 02:00:19 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/privacy-banner/storefront-banner.js>; rel="canonical"
x-cache-hits
1, 0
track.js
dttrk.com/shopify/
3 KB
2 KB
Script
General
Full URL
https://dttrk.com/shopify/track.js?shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cf21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ff89dc2c0470e48ecd417a81c4662fb32707b432743af6385d00d19010c5eb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28086
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
DENY
etag
W/"shopify/track.1e1fd27041.js"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sb6rvPjAQGNhBVWnq35841nJduDdIT3hnfj09sCEPGOP5xSredUAzoUqqTM2iEdOKLa52X%2F8BJmyOwjedJnBA9ftpo9mMKIvdwAD5ty%2FRgtYmi49fE%2Bvzq46d%2FjD1fifXi1VVFBPG74%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
feature-policy
none
cf-ray
6de32e8408e84bcb-YUL
form_81158.js
dhv2ziothpgrr.cloudfront.net/465397/
258 KB
65 KB
Script
General
Full URL
https://dhv2ziothpgrr.cloudfront.net/465397/form_81158.js?ver=1641594377&shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c00:12:cbd9:89c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65ed3c26839389dba93131008b1b4b7479c608bfd982a6ae5f30dd9397432dd1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 11:37:19 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 22:26:18 GMT
server
AmazonS3
age
51781
etag
W/"74d114a27c9b143fee0ed6f734d41528"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
4zSSrE-ZUcepz3OoCUeXhYRgic7xwxgT1JwY2isii5tGO924y1kIYQ==
klaviyo.js
static.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RMBKns&shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
819bd7150c843eeba4f4289f9ad3c97e3064d1ec9598c8a3ddad66d5a035cf7a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
age
9289
x-cache
HIT, HIT
access-control-max-age
86400
content-length
858
x-served-by
cache-lga21940-LGA, cache-yul12824-YUL
access-control-allow-origin
*
allow
GET, OPTIONS
server
nginx
x-timer
S1644976820.847071,VS0,VE1
etag
W/"38449d8e9e271dd1afd9c78a04d5779b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
x-resp-is-stale
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 1
klaviyo.js
static.klaviyo.com/onsite/js/
3 KB
1 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TWDGn4&shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
415bd157fb4205e6696eb88a80c314d6e29223afcafa1c2d8cb1af30312a9b6f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:19 GMT
content-encoding
gzip
age
9289
x-cache
HIT, HIT
access-control-max-age
86400
content-length
993
x-served-by
cache-lga21953-LGA, cache-yul12824-YUL
access-control-allow-origin
*
allow
OPTIONS, GET
server
nginx
x-timer
S1644976820.847523,VS0,VE1
etag
W/"6957559d2a12bfbc66621337763703be"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
x-resp-is-stale
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 1
pages.js
widgets.automizely.com/pages/v1/
39 KB
12 KB
Script
General
Full URL
https://widgets.automizely.com/pages/v1/pages.js?store_connection_id=0df43c460b884b40ba38670af16a6595&shop=crystal-bar-soap.myshopify.com
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5166c56477c1b9717b8a5b9ab2d6aa7d96e652ad154d4a34f467221207d54825
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 13 Feb 2022 16:20:15 GMT
server
cloudflare
x-amz-request-id
F3F7YV114YHAS4VN
etag
W/"3cc6b338489205c17573350216387325"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
strict-transport-security
max-age=15552000
cf-ray
6de32e840d36715a-YUL
x-amz-id-2
dRxl9hTe700N4y7C/7+3uBiOPuqQ+g2px4rJKSNoNmBhQv/d5sA/slfXZWKlDuedNY2DaYDDPfk=
expires
Wed, 16 Feb 2022 06:00:20 GMT
ct.html
www.pinterest.ca/ Frame D1D3
Redirect Chain
  • https://www.pinterest.com/ct.html
  • https://www.pinterest.ca/ct.html
413 B
4 KB
Document
General
Full URL
https://www.pinterest.ca/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
42becabcd9b2995ba688c5641a62e44912a49eb170046578867b7e897de874e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-de4092f941db2cfe37aa48b89e2a6385' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1691820910053878; frame-ancestors *
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p
CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-de4092f941db2cfe37aa48b89e2a6385' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1691820910053878; frame-ancestors *
content-security-policy-report-only
script-src 'nonce-de4092f941db2cfe37aa48b89e2a6385' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
link
<https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
106
pinterest-generated-by
coreapp-webapp-prod-0a03c673
content-encoding
gzip
pinterest-version
a3b5cfb
referrer-policy
origin
x-pinterest-rid
1691820910053878
date
Wed, 16 Feb 2022 02:00:20 GMT
content-length
279
akamai-grn
0.cc403617.1644976820.a118adab
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location
https://www.pinterest.ca/ct.html
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
113
pinterest-generated-by
coreapp-webapp-prod-0a03c99c
content-encoding
gzip
pinterest-version
a3b5cfb
referrer-policy
origin
x-pinterest-rid
1228776465247278
date
Wed, 16 Feb 2022 02:00:20 GMT
akamai-grn
0.cc403617.1644976819.a118ab08
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
/
www.facebook.com/tr/ Frame 3D71
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.crystalbarsoap.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Wed, 16 Feb 2022 02:00:19 GMT
/
www.facebook.com/tr/ Frame 64E3
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.crystalbarsoap.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Wed, 16 Feb 2022 02:00:19 GMT
spr-2b44f6fc4993950d95c16d866d5effd0f42c22884d8f9ec5ef347045675aed11.css
productreviews.shopifycdn.com/assets/v4/
17 KB
9 KB
Stylesheet
General
Full URL
https://productreviews.shopifycdn.com/assets/v4/spr-2b44f6fc4993950d95c16d866d5effd0f42c22884d8f9ec5ef347045675aed11.css
Requested by
Host: productreviews.shopifycdn.com
URL: https://productreviews.shopifycdn.com/assets/v4/spr.js?shop=crystal-bar-soap.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b44f6fc4993950d95c16d866d5effd0f42c22884d8f9ec5ef347045675aed11
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dc
gcp-us-east1
age
22164970
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
server-timing
processing;dur=0, socket_queue;dur=2.609
content-length
8243
x-xss-protection
1; mode=block
x-served-by
cache-bwi5144-BWI, cache-yul12829-YUL
referrer-policy
origin-when-cross-origin
last-modified
Thu, 03 Jun 2021 21:24:46 GMT
x-timer
S1644976820.946788,VS0,VE0
date
Wed, 16 Feb 2022 02:00:19 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public
content-security-policy
default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'
accept-ranges
bytes
x-cache-hits
86, 372631
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: productreviews.shopifycdn.com
URL: https://productreviews.shopifycdn.com/assets/v4/spr.js?shop=crystal-bar-soap.myshopify.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Feb 2023 05:12:45 GMT
epb_get_bars
epb.hextom.com/
1 KB
866 B
XHR
General
Full URL
https://epb.hextom.com/epb_get_bars?shop=crystal-bar-soap.myshopify.com
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.88.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-88-197.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
693b0a00468fb2ec603310f0d2ebafa181de2d66bbc6966ed0737c69e9653a33

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
gzip
server
nginx/1.20.0
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
content-length
665
consent-tracking-api.js
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/
4 KB
2 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12822-YUL /
Resource Hash
d76bb8ae3fe9c180fff22870f4b361233d037369e7ecca832b71f37fb6f65b10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crystalbarsoap.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.185,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
1497
x-xss-protection
1; mode=block
x-request-id
40a908eab1cc186d5541c0c5c3c3368b
x-served-by
cache-lga21969-LGA, cache-yul12822-YUL
server
cache-yul12822-YUL
x-timer
S1644976820.959748,VS0,VE0
date
Wed, 16 Feb 2022 02:00:19 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-cache-hits
97, 232
app.v1.0.360.js
cdn-swell-assets.yotpo.com/
1 MB
192 KB
Script
General
Full URL
https://cdn-swell-assets.yotpo.com/app.v1.0.360.js
Requested by
Host: cdn-loyalty.yotpo.com
URL: https://cdn-loyalty.yotpo.com/loader/Z-Lp2VTbu3verordQSpEGw.js?shop=crystal-bar-soap.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D22) /
Resource Hash
7ac92367caf0a608cc27f6e75b967f6a2d55eaf60e518696482b162beb81aca5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 15:08:57 GMT
server
ECS (nyb/1D22)
x-amz-meta-s3cmd-attrs
uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1641481736/atime:1641481736/md5:e4057235e120524270d4e411ab9f769e/ctime:1641481736
age
463746
etag
"e4057235e120524270d4e411ab9f769e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/plain
x-amz-request-id
SJ02A16G6E9AR905
content-length
195938
x-amz-version-id
JCIBrmtx.iRXujMGYHEvUomJwmp6MLah
x-amz-id-2
wh8F+u6SHDDDBXQIgSc43dbCYDTBCJkUywip+6kcqtkPMgZZa041dY6UtKu8g4jkIu7kf6fhUSo=
fender_analytics.db55f76f39e2ce6cf6b9.js
static-tracking.klaviyo.com/onsite/js/
22 KB
8 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.db55f76f39e2ce6cf6b9.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RMBKns&shop=crystal-bar-soap.myshopify.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f27a8b3d8b6ec3bb240a2bc19a92fb86e2f0ae8f8d011c86a8042f85a12f14ed

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
fHLxAwwiJNxxozrQf8fYi6aSvsoRLR.F
content-encoding
gzip
age
4430
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
7502
x-amz-id-2
Wm4Sj0YscCJrytuKU+K4aBRU/Uf9ZQMqnQT+WG9d73VwhlSHuNTROAHvxdkWkHu30Y5cV74oYt4=
x-served-by
cache-lga21921-LGA, cache-yul12825-YUL
last-modified
Tue, 15 Feb 2022 23:10:29 GMT
server
AmazonS3
etag
"e9b215b0acefcbb56cc34400515c554d"
vary
Accept-Encoding
x-amz-request-id
KJS236WKSHDHXFWD
via
1.1 varnish, 1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
accept-ranges
bytes
content-type
application/x-javascript
date
Wed, 16 Feb 2022 02:00:20 GMT
x-cache-hits
1, 548
static.2822ab3634ed139e9eed.js
static-tracking.klaviyo.com/onsite/js/
13 KB
6 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.2822ab3634ed139e9eed.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RMBKns&shop=crystal-bar-soap.myshopify.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ed76e4217341dabb0fc299a352b95075878d44678c051936175df5f51e810e0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
t98cFAcfiT7oBDCr0zX1pPE1vPqIMaP7
content-encoding
gzip
age
4430
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
5458
x-amz-id-2
jSHNrhjYjL/qoYUAmsOTBWlTO2dxuIcL8obt4bY0e5z+HwTp4BEqdAhYaQNRCQZjnfxaY3HV7Ow=
x-served-by
cache-lga13625-LGA, cache-yul12825-YUL
last-modified
Tue, 15 Feb 2022 23:10:29 GMT
server
AmazonS3
etag
"d2982941f4a48197255794b43fcd6d2b"
vary
Accept-Encoding
x-amz-request-id
KJSC11CA83W3CMJY
via
1.1 varnish, 1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
accept-ranges
bytes
content-type
application/x-javascript
date
Wed, 16 Feb 2022 02:00:20 GMT
x-cache-hits
1, 547
sharedUtils.b70852ec86792ccd3ae6.js
static.klaviyo.com/onsite/js/
49 KB
15 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.b70852ec86792ccd3ae6.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RMBKns&shop=crystal-bar-soap.myshopify.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e04cc1cecb33c6cb59c5bdc2a7ec38e26289e86360363715009a41940f0adda3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
lWo4zWmmJ42q_3S1GwABCgI2fdm3AwTQ
content-encoding
gzip
age
4430
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
14726
x-amz-id-2
G0friMxX1mp5tGlnVlN76wFeoIupgHDgBatWNrYW1+Z0I8qCV95EnAj6KauKi8A2Ic+qGFWk88U=
x-served-by
cache-lga21963-LGA, cache-yul12824-YUL
last-modified
Mon, 07 Feb 2022 23:27:43 GMT
server
AmazonS3
etag
"c6898718e04a7f3aeab2c0e5eaa0dc58"
vary
Accept-Encoding
x-amz-request-id
VP2NP9RZF3QQW9B6
via
1.1 varnish, 1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
accept-ranges
bytes
content-type
application/x-javascript
date
Wed, 16 Feb 2022 02:00:19 GMT
x-cache-hits
1, 5746
css
fonts.googleapis.com/
2 KB
415 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:lighter,normal,bold;
Requested by
Host: dhv2ziothpgrr.cloudfront.net
URL: https://dhv2ziothpgrr.cloudfront.net/465397/form_81158.js?ver=1641594377&shop=crystal-bar-soap.myshopify.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0157ef16f507de35a2b47f159c3686f13b7c6757d38d6e02a3062f93127b8f0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 02:00:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 02:00:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 02:00:20 GMT
quick-subscribe-check
subscription-forms.smsbump.com/
102 B
231 B
Fetch
General
Full URL
https://subscription-forms.smsbump.com/quick-subscribe-check
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.154.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-154-98.compute-1.amazonaws.com
Software
/
Resource Hash
b62ed4d0a5dcdc8b33606e50551e498aaea8493b68e0489daf47c4661adc2469

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 02:00:20 GMT
content-length
102
apigw-requestid
NnMcKjtBIAMESvQ=
content-type
text/plain; charset=utf-8
browsing_context_suggestions.json
www.crystalbarsoap.com/
5 KB
4 KB
Fetch
General
Full URL
https://www.crystalbarsoap.com/browsing_context_suggestions.json?source=geolocation_recommendation&country[enabled]=true&country[exclude]=US&currency[enabled]=true&currency[exclude]=USD&language[enabled]=true&language[exclude]=en&
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
8ee9c301ce7e1bfb13da0b91e264f1c83cae37ec482164f90b370ea7a7324477
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage
production
content-type
application/json; charset=utf-8
strict-transport-security
max-age=7889238
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
11125866
x-shardid
48
x-storefront-renderer-rendered
1
server
cloudflare
x-frame-options
DENY
content-language
en
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
x-download-options
noopen
x-shopid
11125866
x-request-id
95b5af8c-3750-4b0d-bac5-972cc12df982
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray
6de32e857ab7544f-YYZ
x-sorting-hat-podid
48
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:lighter,normal,bold;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.crystalbarsoap.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:29:28 GMT
x-content-type-options
nosniff
age
541852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:29:28 GMT
subscription
webpush.pushapis.xyz/v2/push/
0
0
Fetch
General
Full URL
https://webpush.pushapis.xyz/v2/push/subscription
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
application/json
Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

deviceid
8d946d7600724a8c8336a3f251805ac6
date
Wed, 16 Feb 2022 02:00:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RE0opI%2BM8H6GvMAEpSQ%2BSIrVs%2FW9ZY70ILfAvRUNHYKeiuIdmsd7HUDb5M4JLzGuOCXAvsZQPDug4xn4W2Y84SlkNCqrKccMCwi5DrMghntLxR%2BtQkchpDRW%2BDth7MHgB2bnC79Oq4zgeZ%2FV9SWwWU2wWA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-expose-headers
deviceid
access-control-allow-credentials
true
cf-ray
6de32e867a734bc5-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
subscription
webpush.pushapis.xyz/v2/push/ Frame
0
0
Preflight
General
Full URL
https://webpush.pushapis.xyz/v2/push/subscription
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.crystalbarsoap.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-expose-headers
deviceid
access-control-max-age
86400
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNodMcCe%2F1SfQ8Floqju2ZMU1%2BMGyUnQ4DE6fBHcs6mYT8Jk3SRUGv8qMCD%2BtPWot6Zv95UhTJKQNSh4bKSMWEfLveECOpDpjbZXerddff5bbYk2tFBSb3fw4eC7DF65W25pp2ksrVJeGBDC4itcI3QhXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6de32e862bedca53-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cart.js
www.crystalbarsoap.com/
283 B
1 KB
XHR
General
Full URL
https://www.crystalbarsoap.com/cart.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
8f7f8237e3401881ca93b0a55ded4344c3a8f6818fe3199ada74c64da3f58bce
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.crystalbarsoap.com/
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage
production
content-type
text/javascript; charset=utf-8
strict-transport-security
max-age=7889238
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
11125866
x-shardid
48
x-storefront-renderer-rendered
1
server
cloudflare
x-frame-options
DENY
content-language
en
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
x-download-options
noopen
x-shopid
11125866
x-request-id
ff9c79a5-1721-48fd-a323-2abb9f46dc67
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray
6de32e863c8c544f-YYZ
x-sorting-hat-podid
48
x-cartjs-updatedat
0
/
www.pinterest.ca/_/_/csp_report/ Frame D1D3
0
4 KB
Other
General
Full URL
https://www.pinterest.ca/_/_/csp_report/?rid=1691820910053878
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-b9a56651bc664d0df172c9598b165500' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3607049645432029; frame-ancestors 'self' , script-src 'nonce-b9a56651bc664d0df172c9598b165500' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=3607049645432029
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-b9a56651bc664d0df172c9598b165500' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3607049645432029; frame-ancestors 'self' , script-src 'nonce-b9a56651bc664d0df172c9598b165500' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=3607049645432029
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.cc403617.1644976820.a118afd1
content-security-policy-report-only
script-src 'nonce-b9a56651bc664d0df172c9598b165500' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
84
vary
User-Agent, Accept-Encoding
x-pinterest-rid
3607049645432029
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
a3b5cfb
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 02:00:20 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03fdaf
/
www.pinterest.ca/_/_/csp_report/ Frame D1D3
0
4 KB
Other
General
Full URL
https://www.pinterest.ca/_/_/csp_report/?reportonly
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-d1557cd48e74889914def38fb998c16f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2529910106284771; frame-ancestors 'self' , script-src 'nonce-d1557cd48e74889914def38fb998c16f' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=2529910106284771
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-d1557cd48e74889914def38fb998c16f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2529910106284771; frame-ancestors 'self' , script-src 'nonce-d1557cd48e74889914def38fb998c16f' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=2529910106284771
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.cc403617.1644976820.a118afd5
content-security-policy-report-only
script-src 'nonce-d1557cd48e74889914def38fb998c16f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
29
vary
User-Agent, Accept-Encoding
x-pinterest-rid
2529910106284771
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
a3b5cfb
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 02:00:20 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03d8bc
/
www.pinterest.ca/_/_/csp_report/ Frame D1D3
0
4 KB
Other
General
Full URL
https://www.pinterest.ca/_/_/csp_report/?reportonly
Requested by
Host: www.crystalbarsoap.com
URL: https://www.crystalbarsoap.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-00327b50630b6aa2642e55109acf4e19' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9395568774916499; frame-ancestors 'self' , script-src 'nonce-00327b50630b6aa2642e55109acf4e19' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=9395568774916499
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-00327b50630b6aa2642e55109acf4e19' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9395568774916499; frame-ancestors 'self' , script-src 'nonce-00327b50630b6aa2642e55109acf4e19' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=9395568774916499
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.cc403617.1644976820.a118afdb
content-security-policy-report-only
script-src 'nonce-00327b50630b6aa2642e55109acf4e19' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
33
vary
User-Agent, Accept-Encoding
x-pinterest-rid
9395568774916499
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
a3b5cfb
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 02:00:20 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03e9e5
ca.svg
cdn.shopify.com/static/images/flags/
1 KB
1 KB
Image
General
Full URL
https://cdn.shopify.com/static/images/flags/ca.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
0d78c57d795e496c1419de30c2af44b0d9b3cb96299cf879dcbf08cf9bbf41a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.119,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
579
x-xss-protection
1; mode=block
x-request-id
610025280d1bbe335d180a0e9bfb364b
x-served-by
cache-lga21953-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1644976820.230431,VS0,VE0
date
Wed, 16 Feb 2022 02:00:20 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/static/images/flags/ca.svg>; rel="canonical"
x-cache-hits
1, 20750
collect
webpush.pushapis.xyz/v2/analytics/
0
0
Fetch
General
Full URL
https://webpush.pushapis.xyz/v2/analytics/collect
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
application/json
Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

deviceid
8d946d7600724a8c8336a3f251805ac6
date
Wed, 16 Feb 2022 02:00:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zw7lplRjcDL8nhRIaGNqlC2%2FqJLSOrkzuH%2Fe2DhRNjleJMRImtuhPoz3C%2FnBF7tOXEWGenysDoFr0J7HlprWU3Kfdd%2B9%2BL%2FTnOBL5DA8rbYTqsWI5aaX%2Bj5aI6v9pzuNnyS7Vqf%2BHPwgDFY%2FMxxgan%2BnHw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-expose-headers
deviceid
access-control-allow-credentials
true
cf-ray
6de32e872b2b4bc5-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
collect
webpush.pushapis.xyz/v2/analytics/ Frame
0
0
Preflight
General
Full URL
https://webpush.pushapis.xyz/v2/analytics/collect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.crystalbarsoap.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-expose-headers
deviceid
access-control-max-age
86400
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PT6pEO3E5OvVHt%2BhRL3GZ7Aei1wVyz%2F8nQnjgNmYgIxVjhqEwNBHmLRIl1H23%2BgwWDaDw83saxQRuc1T7nAe7VGO4NcMXCpFxfH2%2BgQ4y6Q8D8Pqs8M4ZFN7%2BCW8PtP14Xc3WVUdNuuqSyAY0T9u4eDRFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6de32e86dcc7ca53-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loggedincustomer
www.crystalbarsoap.com/apps/
2 B
1 KB
XHR
General
Full URL
https://www.crystalbarsoap.com/apps/loggedincustomer
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.crystalbarsoap.com/
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage
production
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
11125866
x-shardid
48
x-storefront-renderer-rendered
1
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=7889238
x-download-options
noopen
content-language
en
x-request-id
cd833c62-3759-45f2-91ba-180a3adb3c61
vary
Accept-Encoding, Accept
x-shopid
11125866
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray
6de32e871e86544f-YYZ
link
<https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid
48
envelope-icon.svg
cdn.bestpush.io/images/
1 KB
1 KB
Image
General
Full URL
https://cdn.bestpush.io/images/envelope-icon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:501a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20c4cf7259362f36953f4d5b4dd6bbb25327785e59273a06da953e40cf2073b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5759
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 03 Aug 2020 07:46:33 GMT
server
cloudflare
etag
W/"5f27c0d9-461"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVXAupG7m73RzPExUhiOxbpOcuOqRbg%2FgjCvxp75GpXHchHUJaZITctH9q%2F4YdkA0QxydFoIzHqfH%2FQubRgFttPVCnq5yWFUZfxWwuAXqLY0WCeXkg1hE%2FEzjmU6lZuEvkrCIPJpa07859LhtdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6de32e87ba1bece6-YUL
bootstrap.min.css
cdn-swell-assets.yotpo.com/ Frame 159F
128 KB
17 KB
Stylesheet
General
Full URL
https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Requested by
Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D32) /
Resource Hash
d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
gzip
last-modified
Sat, 03 Nov 2018 07:07:15 GMT
server
ECS (nyb/1D32)
age
83004830
etag
"ac7e8e8ff20e7d843326d71a28ecb087+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=315360000
x-amz-request-id
B9A1295A77B201BC
content-length
16944
x-amz-version-id
null
x-amz-id-2
k7+hcvPur50IyBStgAX39sAwQW26LyNVgNPpte9nriOE+CfQsN4jg7q6xBKpbuik4O2OXhISSZY=
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 159F
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
25803416
cdn-cachedat
2021-03-10 13:26:27
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
898a5586476273b50179fca1a96b41f8
cf-ray
6de32e89d9d67156-YUL
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
8 KB
748 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato|Open%20Sans:300,400,700,bold,normal
Requested by
Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.360.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fd711e5777cff97bb6329a229645c5e69fc7901ca3dbf54841ea491dd00c179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.crystalbarsoap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 02:00:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 02:00:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 02:00:20 GMT
css
fonts.googleapis.com/ Frame 159F
8 KB
748 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato|Open%20Sans:300,400,700,bold,normal
Requested by
Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.360.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fd711e5777cff97bb6329a229645c5e69fc7901ca3dbf54841ea491dd00c179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 02:00:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 02:00:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 02:00:20 GMT
produce
monorail-edge.shopifysvc.com/v1/
0
575 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crystalbarsoap.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 02:00:20 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-central1,us-central1
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
b7495151-37b1-4612-8f97-b41ee4e200ab
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.crystalbarsoap.com
access-control-allow-credentials
true
cf-ray
6de32e8adc5754d9-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| lazySizesConfig object| lazySizes object| Theme object| Shopify object| Currency object| ShopifyPay object| __st boolean| ShopifyPaypalV4VisibilityTracking object| loyaltylion object| lion object| meta string| attr object| ShopifyAnalytics object| gaDevIds object| trekkie function| $ function| jQuery object| _BestPushConfig object| _qevents object| moneyFormats function| formatWithDelimiters function| formatMoney function| getCentsValue function| getMoneyValue object| currencyConverter function| PointerEventsPolyfill function| objectFitImages function| Cookies function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded object| Modernizr function| Headhesive function| url function| lazyframe function| Plyr object| featuredCollectionSection object| featuredPromotions object| slideshow object| testimonial object| gallery object| videoSection object| cart object| productPage object| header object| mapFunction object| globalAccordions function| selectCallback boolean| usePageDots object| imageFunctions object| recentlyViewed function| enableLoadMoreButton function| enableLoadMoreProducts function| enableInfiniteScroll function| enableLoadMoreSearch function| enableInfiniteSearchScroll function| hideNoScript undefined| aKeyValue undefined| aCouples object| quickFilter object| searchAutocomplete object| collectionSidebarFilter object| arrowSize string| svgArrowSizeLeft string| svgArrowSizeRight function| isScreenSizeLarge object| utils object| sliderBlock undefined| globalQuickShopProduct object| quickShop object| newsletter_popup object| productMedia object| videoEl string| videoControls object| globalVideoPlayers object| videoPlayers undefined| videosInRecommendedProductsPlayer object| videoFeature function| htmlEncode function| is_touch_device boolean| touch_device function| floatToString string| waypointContextKey object| $container object| $tab object| $content object| instantClick object| InstantClick object| core object| regeneratorRuntime object| yotpoWidgetsContainer object| webpackChunk_loyaltylion_tonks function| EndlessScroll function| Room number| EDGE_RANGE_WIDTH function| getUserMedia object| yotpo function| Yotpo object| JSON2 object| jstz function| EXIF object| Bestpush object| Weblytics function| fbq function| _fbq function| ga string| GoogleAnalyticsObject function| pintrk string| TiktokAnalyticsObject object| ttq object| dataLayer function| gtag function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| _visit object| BOOMR object| webpackJsonp function| setImmediate function| clearImmediate function| applyFocusVisiblePolyfill boolean| _babelPolyfill object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| bugsnag object| ShopifyXR function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| _createForOfIteratorHelper function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| _typeof number| BOOMR_onload number| visuallyReady function| innerShiv function| SPR object| Dovetale function| FlipClockht object| hextom_epb_instance function| epb_import_libraries function| hextom_epb undefined| getScript function| epb_button_on_click function| epb_close_on_click function| epb_button_on_click_v1 function| epb_close_on_click_v1 object| swellConfig object| _learnq string| __klKey object| SMSBumpForm object| LocaleBar object| klaviyoOnsiteJSONP object| SENTRY_RELEASE object| webpackJsonpAutomizelyPageBuilderMain function| swellrequire object| Materia object| User object| OAuth object| jQuery112406416775840770828 object| spapi object| swellAPI object| Swell undefined| any_match string| discount_type object| elements function| toggleSwellModal function| showSwellModal function| closeSwellModal function| showIframe function| hideIframe

35 Cookies

Domain/Path Name / Value
www.crystalbarsoap.com/ Name: secure_customer_sig
Value:
www.crystalbarsoap.com/ Name: localization
Value: US
www.crystalbarsoap.com/ Name: cart_currency
Value: USD
.crystalbarsoap.com/ Name: _orig_referrer
Value:
.crystalbarsoap.com/ Name: _landing_page
Value: %2F
.crystalbarsoap.com/ Name: _y
Value: d0e9d00e-7088-42a8-a286-424b911a7f18
.crystalbarsoap.com/ Name: _s
Value: ec2d76aa-3cd6-4b5d-a17f-f3c84d3eedd7
.crystalbarsoap.com/ Name: _shopify_y
Value: d0e9d00e-7088-42a8-a286-424b911a7f18
.crystalbarsoap.com/ Name: _shopify_s
Value: ec2d76aa-3cd6-4b5d-a17f-f3c84d3eedd7
.crystalbarsoap.com/ Name: _tracking_consent
Value: %7B%22v%22%3A%222.0%22%2C%22con%22%3A%7B%22CCPA%22%3A%22%22%2C%22GDPR%22%3A%22%22%7D%2C%22lim%22%3A%5B%22CCPA%22%2C%22GDPR%22%5D%2C%22reg%22%3A%22%22%7D
.crystalbarsoap.com/ Name: _shopify_tm
Value:
.crystalbarsoap.com/ Name: _shopify_tw
Value:
.crystalbarsoap.com/ Name: _shopify_m
Value: persistent
www.crystalbarsoap.com/ Name: _sp_id.bc6f
Value: 147a579b953feb16.1644976819.1.1644976819.1644976819
www.crystalbarsoap.com/ Name: _sp_ses.bc6f
Value: *
.crystalbarsoap.com/ Name: _shopify_sa_t
Value: 2022-02-16T02%3A00%3A18.879Z
.crystalbarsoap.com/ Name: _shopify_sa_p
Value:
.yotpo.com/ Name: pixel
Value: 24d96521-6359-4397-421c-383e16e76d77
.quantserve.com/ Name: mc
Value: 620c5ab3-04d3e-dad6d-27c33
.crystalbarsoap.com/ Name: _ga
Value: GA1.2.1049241858.1644976819
.crystalbarsoap.com/ Name: _gid
Value: GA1.2.348181216.1644976819
.crystalbarsoap.com/ Name: _gat
Value: 1
.crystalbarsoap.com/ Name: __qca
Value: P0-709044845-1644976819000
www.crystalbarsoap.com/ Name: shopify_pay_redirect
Value: pending
.crystalbarsoap.com/ Name: _gcl_au
Value: 1.1.284187313.1644976819
.crystalbarsoap.com/ Name: _fbp
Value: fb.1.1644976819399.179902526
.crystalbarsoap.com/ Name: _pin_unauth
Value: dWlkPU5ERTRNVFk0WkRndE5EWm1NQzAwTURrMUxUa3pNREF0TXprMU5UWmhaakJoWldZMw
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSYwaFFHa0phUDZiZXhkdGw1dUNWTnkxOXVWNE02Sm5xdE9hek9OaG5SQXo5bVZLQnlpQkxpQzNDb0JKSTYrVzk0NEI2MDd4SjhYL1JkSTcwZzVRWXpQS1lzQWh5Yk9VYVU4Rm1CaVNzcllIVT0mUkhVMlZBQk5POE5Fbmc4MUJ5MndGWVVEZ0g4PQ=="
.facebook.com/ Name: fr
Value: 0WUsuNKetoVRKB7Av..BiDFqz...1.0.BiDFqz.
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.crystalbarsoap.com/ Name: epb_previous_pathname
Value: /
www.crystalbarsoap.com/ Name: __kla_id
Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NDQ5NzY4MjAsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmNyeXN0YWxiYXJzb2FwLmNvbS8ifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE2NDQ5NzY4MjAsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmNyeXN0YWxiYXJzb2FwLmNvbS8ifX0=
www.pinterest.ca/ Name: _pinterest_sess
Value: TWc9PSYrd1JBajJ1SjZzOTljZGV6Q2locnNxK1RHSGtWSEFQNVkySis0NU41U0drZzA2YmEraThJKzQzQkR2VllPNXNnZHNEaElpV2w3WXRkK2RiN2dGWU9jdEhMTnpUdGlBOHQwQXVaSUxxNExDND0mbFVlRnVHWGxxcUR0Q3RYR0NaREVHMm9PbDFBPQ==
www.crystalbarsoap.com/ Name: smsbump_form_pages_session81158
Value: 1
www.crystalbarsoap.com/ Name: smsbump_form_pages_unique_session81158
Value: https://www.crystalbarsoap.com/

3 Console Messages

Source Level URL
Text
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-de4092f941db2cfe37aa48b89e2a6385' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tiktok.com
app.restock-alerts.com
cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
cdn-widget-assets.yotpo.com
cdn-widgetsrepository.yotpo.com
cdn.bestpush.io
cdn.hextom.com
cdn.shopify.com
connect.facebook.net
ct.pinterest.com
d2wy8f7a9ursnm.cloudfront.net
dhv2ziothpgrr.cloudfront.net
dttrk.com
epb.hextom.com
fonts.googleapis.com
fonts.gstatic.com
fonts.shopifycdn.com
geolocation-recommendations.shopifycloud.com
googleads.g.doubleclick.net
loyalty.yotpo.com
maxcdn.bootstrapcdn.com
monorail-edge.shopifysvc.com
p.yotpo.com
pixel.quantserve.com
productreviews.shopifycdn.com
rules.quantcount.com
s.pinimg.com
s3-us-west-2.amazonaws.com
sdk.loyaltylion.net
secure.quantserve.com
sessions.bugsnag.com
shop.app
static-tracking.klaviyo.com
static.klaviyo.com
staticw2.yotpo.com
stats.g.doubleclick.net
subscription-forms.smsbump.com
tinyurl.com
webpush.pushapis.xyz
widgets.automizely.com
www.crystalbarsoap.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.pinterest.ca
www.pinterest.com
104.16.254.71
142.251.40.194
151.101.130.133
151.101.2.133
18.214.154.98
192.229.163.223
23.198.216.196
23.216.132.67
23.227.38.32
23.227.38.33
2600:1400:d:492::1931
2600:1400:d:581::1d72
2600:1400:d:585::1d72
2600:1901:0:7a0b::
2600:9000:2140:7400:6:44e3:f8c0:93a1
2600:9000:2209:c00:12:cbd9:89c0:21
2600:9000:2209:e600:1:427b:a440:93a1
2606:4700:10::ac43:1e1
2606:4700:3032::6815:501a
2606:4700:3032::ac43:b773
2606:4700:3035::ac43:cf21
2606:4700:3036::ac43:d5f9
2606:4700::6812:bcf
2606:4700::6813:a866
2607:f8b0:4006:809::2003
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80b::2008
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::200a
2607:f8b0:4006:824::2003
2607:f8b0:4023:1402::9b
2620:116:800b:21:44af:4f54:8af4:5563
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::268
3.223.88.197
34.139.78.128
34.197.160.218
52.0.73.255
52.218.178.144
52.85.61.129
54.230.244.62
0157ef16f507de35a2b47f159c3686f13b7c6757d38d6e02a3062f93127b8f0c
01d65edfab1959d0191d82d7ecbb913d284656473c3bbe7396ff16075d23829e
024029328b735f32b5c5c91a3154e9aa66a1a8737d1e8666cae68fdf84514f27
0301ac2c1af7df93f48f367546b53c2cfbcda3581cd19ee5354227b33966afb8
0577e96d6b9664ae0a07c0fdb5c2f13deb89c3cd85034cb8b2f5589d2acf9853
07323a01c0b955284041a6a883e72d6453c8904d37c42543eefe643389782aba
07b85e8de316c3c9fe1934056e024cf909949970c245899d42af924bc086e6db
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09d39eecddc0d69d47cf6b5531c43f61f8115ba327cd87ca4f46b04e505be1bc
09d7475285219049ab5d66f610d2b08a86b88e317d62b96de43f50427577463a
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bc6696733a73498596ee70b895de68b3646c53fae8c47eb374592c6753fabbb
0d78c57d795e496c1419de30c2af44b0d9b3cb96299cf879dcbf08cf9bbf41a4
0dbbfd2740c7e2633fc1a6cc03f517851942ea2fc4ddc188d32c80595690d8a7
0fd1bb71866f9aec24f3ffc50c4f985e5fe2f5d0343dcf6b8470a6079aead360
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12e9c00c05589f43db27d8d5a52fb64d04cd566f99ba1b39e71d5b4edfff6f03
15c6477e57fc9d5c9b4ac1d1d2afd4ff1e529ceec38febb8ff15ae35a76170c8
17f7cfecccd18d6e3713fd43b2b9b5b0aac932d634e62fe56a7861450045a9f0
1b648b5abb0fdd9899373a0a0959b458afeb3f158c130da15541153e1ac413f6
1dba5bc33d0ebd00051f1348154343ad0dcd3ef8db61f5c3a815f2f3780e5f0c
1ff89dc2c0470e48ecd417a81c4662fb32707b432743af6385d00d19010c5eb2
2233a4c553461dafb2749167e57714372b4076caf40e878d445b5be83e8b85ca
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2845c4281b9bd9f98de9d9c2e2b9e1df03e8803e5add3149f9dfff0b11942400
2b40e69b4b5c337e07359025eb264e9125b5228ed972eb8f0f95785a520af271
2b44f6fc4993950d95c16d866d5effd0f42c22884d8f9ec5ef347045675aed11
2c51a79020944fa91c50bca5deefc2856a1097f875a70339deaf195b61e011e5
2e650e445ac0b2eade36e91e10055da2ff789caa4d8fb4ebf4dff891bd90adfc
34677893e517cafd730303991928856dea0f7563b13692bb80380f26a71c49a6
3499ce2f80fa3ee8051c47973a41376374e85d9fe3f03d4b05a1ae50bd83bd97
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3fb8c2820950509a9f3a66e21a9065c9452f81849cb0c55a75071b28f04456b4
3fd711e5777cff97bb6329a229645c5e69fc7901ca3dbf54841ea491dd00c179
415bd157fb4205e6696eb88a80c314d6e29223afcafa1c2d8cb1af30312a9b6f
41afb86fcad5cb68d3e8a031b0997872088dbde78261d8644b6b2ca1e37b96f5
42becabcd9b2995ba688c5641a62e44912a49eb170046578867b7e897de874e4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4861d578315cd3375ac2a1af841015c8974e4164ba69bca60b45da7b5203c8c2
49b236e261ab3b02c0c935076af0b43e1566863a6f8aee15349b3d3486e553fb
49ce1bcc8000a9164713bc621adaf0252c7b8de2ba0f6ab08abf6e60cb9ea827
5166c56477c1b9717b8a5b9ab2d6aa7d96e652ad154d4a34f467221207d54825
529747954d561c5b1c344cb06fa59f1548b43b093aed438e1e252b1d262176f3
535d7ade94b74fa97118b56935014af927d876f81e682cd9235fbd5c1415d4bd
5392749346886c71389a5c30b9c484d1b1f7aaeacbb1e3f06a5d38193a7d579e
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5d6281d8b29f81e221f79d932ddd95b97b6aa36e98647f3ba24000acb4c09922
64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89
653dc7c0a74d3df6a4bdfa0d890c73d9a42d63706595cc0f748af5e25948f029
65ed3c26839389dba93131008b1b4b7479c608bfd982a6ae5f30dd9397432dd1
693b0a00468fb2ec603310f0d2ebafa181de2d66bbc6966ed0737c69e9653a33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
749404d3370da96ba2400ce440c07184271444285afc9111693b83f5d38eaacc
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac92367caf0a608cc27f6e75b967f6a2d55eaf60e518696482b162beb81aca5
819bd7150c843eeba4f4289f9ad3c97e3064d1ec9598c8a3ddad66d5a035cf7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86d8b086af0fc30d06856e218fcfdb6b803f91b45f50b1b753d8deac627fc054
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
886532dfdf7e05ebafec1fb6f08f1bef3f06f64e258c4a347fb5f40a509b1247
8964ec4d91c53ecf72fd9459fa1ab0f477ffb1407f871c1206085c83ebe6c273
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8ed76e4217341dabb0fc299a352b95075878d44678c051936175df5f51e810e0
8ee9c301ce7e1bfb13da0b91e264f1c83cae37ec482164f90b370ea7a7324477
8f7f8237e3401881ca93b0a55ded4344c3a8f6818fe3199ada74c64da3f58bce
9076624955d7ac5882cc5a8fe14c175af7e36e148fe9f8184fab7db57064baae
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9273ed15dad007049caf8f9bcf8cc7e3fa3dd8c0dde8f39c4234807ea9025a7c
93d2c513238194a5e85c0036684985698a8c2f8e4755225fb574d014ba948287
96c5b7db792466a79b9ed86953e77df86977c4ebb3d83015f30f56c852395c70
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9c3944b769ddf44d71901f79e6c659631ac29553689e0fde093be7e0636625fd
a058d9d94ada96e8f0b737c7d8e8296a81eb060359c8425a1dc9191bc427b029
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a27262d18290667944abecd62f7c89a24441ff29e26a2b4de33f9a97684a0b50
a7402a359a5878e713899e84f3ac39d773be6d2ea607e484a4e39d4c3a75dfac
acb1f015581aabdd366f652bfa16c33ea9d6d48abd18cee0c96214dfe71497f4
ae5be089809e50cbb4f2f7cf35cd42b08b326a0cd4222ebd591e0826ebb91da0
af15906bac622388316153c7c87feadaddd03abf440b24572adad362f3440715
b110428c2cf2bb0bab8390f3e58b7961de970b7da528b93cafddf5378bb7cf65
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b62ed4d0a5dcdc8b33606e50551e498aaea8493b68e0489daf47c4661adc2469
b63a13136dbc7297111ab64c6963769c3f9238c58d0a6223dce12641233fca06
ba6bea9dd23d3c2e47db4440a839369e4038d917551ff2ebac07c756973cd854
bc5c0f79f6c4eafeb30a3d06ba8a26a9d56dea6f658de88ea507b5cbebf734ac
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c94b380b23820201e77f21db8f7022b6bf099bd12d1e7ce0b033703d9aa22f99
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
c9ee86a7b0b180b7d255d349407d6a9a5d3e94e3867cd82e713c7d00060edba6
ca99242fe2f77a14e939c0aac7d15863225ce682cd592411f75b64bd5a647f67
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
d4f9c342fb3353d2253bd0d737c0bc5fe312180f152bb2e2ccb9121b6ff5c195
d76bb8ae3fe9c180fff22870f4b361233d037369e7ecca832b71f37fb6f65b10
d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580
dd3f188b47ddc1459e9782b345d6a08983b72b18f30f921f010dd1c071243796
de8c0995b897a17da73adb4d21467bac8f270d366e277eaf57fd9ffb231de8d7
ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143
df32ef3634d35ca0f8183ab6b6e45e6fa95948d7925625724180f2bc1057d24e
e04cc1cecb33c6cb59c5bdc2a7ec38e26289e86360363715009a41940f0adda3
e0f382683644daac805cf635762b2155802c2738e2a6d981c82b1d424ced4715
e1ac75c6ac44641a54af8846226c0d4166fd27a0a7756ea33fcac6d7a3d365e0
e1eab061d1b9f4ed8ec06e875ee8d258a21097feb2b451518290e7f70288aaba
e2e894921b3bb71a87e19499befbe12e2f19c18f9d4419ec679777100ae30f56
e368e55a7cfb23084f46da05742a25a68df2de08001cf191a05e3619da0f5b16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4294b8c5bf1bb81e3e1cdc6f13bed29c8a4707f65a9b113ebd6fe6c3cf01c61
e6ce3ce3d3cdb82223925f9031ed2a9af9c3794639252d2c452825b9e3306f8a
ebb6f81cf4af0ef5f8d57405761efca67b7a808502d84bbdfd01dddc5bf0ae5c
eeccf335cc5da1f19942fdb74a71afdee99dfc270cbcc6472cf4f51a58c597fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f20c4cf7259362f36953f4d5b4dd6bbb25327785e59273a06da953e40cf2073b
f27a8b3d8b6ec3bb240a2bc19a92fb86e2f0ae8f8d011c86a8042f85a12f14ed
fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e
fcd78ef33750d69af00b47b1751e0aa2781036e062ffc692e57e59790b6101ca
fef3eb33c4dac17519bd73f687b14f4f92d69567b25ff9e295142f2b7077a786
ff9ad0d0849f856b0b2d92058b684527bf845bf7f25cc0c3d25af8c7ba624cd3