URL: https://weare.lush.com/
Submission: On September 18 via manual from JP — Scanned from JP

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 46 HTTP transactions. The main IP is 2606:4700::6812:de71, located in United States and belongs to CLOUDFLARENET, US. The main domain is weare.lush.com.
TLS certificate: Issued by WE1 on August 17th 2024. Valid for: 3 months.
This is the only time weare.lush.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
28 lush.com
weare.lush.com
1 MB
5 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2715
2 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
249 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
td.doubleclick.net — Cisco Umbrella Rank: 189
253 B
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26138
63 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 140
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 onldspk.cc
assets.onldspk.cc
6 KB
46 10
Domain Requested by
28 weare.lush.com weare.lush.com
5 res.cloudinary.com weare.lush.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com weare.lush.com
www.googletagmanager.com
1 www.google.co.jp weare.lush.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com weare.lush.com
1 assets.onldspk.cc weare.lush.com
46 11

This site contains links to these domains. Also see Links.

Domain
lush.pinpointhq.com
www.lush.com
Subject Issuer Validity Valid
lush.com
WE1
2024-08-17 -
2024-11-16
3 months crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
onldspk.cc
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2024-04-23 -
2025-05-25
a year crt.sh
*.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.google.co.jp
WR2
2024-08-12 -
2024-11-04
3 months crt.sh

This page contains 2 frames:

Primary Page: https://weare.lush.com/
Frame ID: 8EFC4E65D01D31241101A4A76742E945
Requests: 47 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-WDDPNWP9KX&gacid=305571349.1726639857&gtm=45je4990v9112149620za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1398189473
Frame ID: 486D22D3DE56699D838182B307171E46
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

We are Lush — And this will be the company we want it to be

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

46
Requests

100 %
HTTPS

77 %
IPv6

10
Domains

11
Subdomains

14
IPs

3
Countries

3842 kB
Transfer

8951 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
weare.lush.com/
156 KB
26 KB
Document
General
Full URL
https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
65fbd55a9cf38ce19192f5a1f59a30af4caf2c02fae7b951b5b06f32ed7e3eb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c4f2cfcded1f6b9-NRT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 18 Sep 2024 06:10:56 GMT
link
<https://weare.lush.com/wp-json/>; rel="https://api.w.org/", <https://weare.lush.com/wp-json/wp/v2/pages/5361>; rel="alternate"; type="application/json", <https://weare.lush.com/>; rel=shortlink
nimbus-cache
HIT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
NIMHOST
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
sidebar.css
weare.lush.com/wp-content/mu-plugins/weareblocks/build/meta/
395 B
394 B
Stylesheet
General
Full URL
https://weare.lush.com/wp-content/mu-plugins/weareblocks/build/meta/sidebar.css?ver=6.4.5
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
3f117548bac568e3834835bc4598d5a97a757c4f19cf52f09c33d72e494963db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=0; includeSubDomains
age
819
cf-polished
origSize=396
x-powered-by
NIMHOST
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
cf-bgj
minify
last-modified
Thu, 23 Jun 2022 13:38:11 GMT
server
cloudflare
etag
W/"18c-5e21d90998608-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
nimbus-cache
HIT
cf-ray
8c4f2cfec96cf6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
style-pagestemplate.css
weare.lush.com/wp-content/mu-plugins/weareblocks/build/templates/
2 KB
965 B
Stylesheet
General
Full URL
https://weare.lush.com/wp-content/mu-plugins/weareblocks/build/templates/style-pagestemplate.css?ver=0.1.0
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
31482fef13771a9276a24b55a2108b80a5c9e723d96523e3a7b504f3e6694610
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=0; includeSubDomains
age
819
cf-polished
origSize=2485
x-powered-by
NIMHOST
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
cf-bgj
minify
last-modified
Thu, 04 Apr 2024 10:59:47 GMT
server
cloudflare
etag
W/"9b5-615433cd11255-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
nimbus-cache
HIT
cf-ray
8c4f2cfec96ff6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
style-searchpressreleases.css
weare.lush.com/wp-content/mu-plugins/weareblocks/build/sections/
2 KB
925 B
Stylesheet
General
Full URL
https://weare.lush.com/wp-content/mu-plugins/weareblocks/build/sections/style-searchpressreleases.css?ver=0.1.0
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
e5f886c8534bbb69d1bdf0a6fe8dcfcb1f78d215f71b65509b3ef9a1bd287a4e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=0; includeSubDomains
age
819
cf-polished
origSize=2408
x-powered-by
NIMHOST
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
cf-bgj
minify
last-modified
Thu, 04 Apr 2024 10:59:47 GMT
server
cloudflare
etag
W/"968-615433cd102b5-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
nimbus-cache
HIT
cf-ray
8c4f2cfec970f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
style.css
weare.lush.com/wp-content/themes/wearelush/dist/
67 KB
14 KB
Stylesheet
General
Full URL
https://weare.lush.com/wp-content/themes/wearelush/dist/style.css?id=cf4fb55fa198c49bb147e1b0c2e5482c&ver=6.4.5
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
26d9f2e550861802d6b4f40ccb84f3d733476a805578f9264c776b4355882d5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=0; includeSubDomains
age
819
cf-polished
origSize=68425
x-powered-by
NIMHOST
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
cf-bgj
minify
last-modified
Thu, 04 Apr 2024 11:03:05 GMT
server
cloudflare
etag
W/"10b49-6154348a09ec0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
nimbus-cache
HIT
cf-ray
8c4f2cfec972f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
wp-polyfill-inert.min.js
weare.lush.com/wp-includes/js/dist/vendor/
8 KB
3 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
818
x-powered-by
NIMHOST
content-length
2484
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"1feb-609271648b011-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfec974f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
regenerator-runtime.min.js
weare.lush.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
819
x-powered-by
NIMHOST
content-length
2502
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 08 Feb 2024 16:04:11 GMT
server
cloudflare
etag
"19e1-610e0f6575e83-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfec975f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
wp-polyfill.min.js
weare.lush.com/wp-includes/js/dist/vendor/
112 KB
35 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
35888
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 08 Feb 2024 16:04:11 GMT
server
cloudflare
etag
"1c1b7-610e0f6575e83-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed977f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
react.min.js
weare.lush.com/wp-includes/js/dist/vendor/
10 KB
4 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/vendor/react.min.js?ver=18.2.0
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
38f8206d84ed8658e4f4fee5a71d757d475b03767e5e7eb1e7cb770f6ab2cd3e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
4155
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"2971-6092716488131-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed979f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
hooks.min.js
weare.lush.com/wp-includes/js/dist/
5 KB
2 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
818
x-powered-by
NIMHOST
content-length
1567
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"1213-6092716475850-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed97bf6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
deprecated.min.js
weare.lush.com/wp-includes/js/dist/
729 B
572 B
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/deprecated.min.js?ver=73ad3591e7bc95f4777a
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
37720dbcab5427116c276e8b750bb4a7da41a7d3d5662ccdf92a3fee530fc28d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
456
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"2d9-609271647d550-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed97cf6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
dom.min.js
weare.lush.com/wp-includes/js/dist/
13 KB
5 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/dom.min.js?ver=49ff2869626fbeaacc23
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
fa3159ad1e5deb4efdc091354d34e2fcbc511a9a2778775384786425af09b8c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
4722
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 08 Feb 2024 16:04:11 GMT
server
cloudflare
etag
"3317-610e0f65700c3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed97df6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
react-dom.min.js
weare.lush.com/wp-includes/js/dist/vendor/
126 KB
41 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=18.2.0
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
efce7d4dfdff6ca56599601f0d4fdd12a19fd7e448109fddfad9a9a0f10df6e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
42012
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"1f975-609271648b011-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed97ef6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
escape-html.min.js
weare.lush.com/wp-includes/js/dist/
1 KB
687 B
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
cfb6ea70d464c88b03728fe77f38a7400f7a3b1b5b0eaaae5817844d730e8cbd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
544
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"473-609271648bfb1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed97ff6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
element.min.js
weare.lush.com/wp-includes/js/dist/
12 KB
5 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/element.min.js?ver=ed1c7604880e8b574b40
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
21826e531e656e94ed03199882cdc37f4af9946aeed1a3f63c1e9218ae8142f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
818
x-powered-by
NIMHOST
content-length
5002
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"3169-6092716472970-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed981f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
is-shallow-equal.min.js
weare.lush.com/wp-includes/js/dist/
1 KB
695 B
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/is-shallow-equal.min.js?ver=20c2b06ecf04afb14fee
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
b09bdbf565d50102894b31146a8ecea9cff952ed9a365753185ce4b22fd818cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
529
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"449-609271648def1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed983f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
i18n.min.js
weare.lush.com/wp-includes/js/dist/
9 KB
4 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
818
x-powered-by
NIMHOST
content-length
3692
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"24e5-6092716480431-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed985f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
keycodes.min.js
weare.lush.com/wp-includes/js/dist/
4 KB
2 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/keycodes.min.js?ver=3460bd0fac9859d6886c
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
100cc029535a3be566618b073bb9815fea13ea722b029fd858b3a466396d50f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
1833
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"fbf-609271647c5b0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed987f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
priority-queue.min.js
weare.lush.com/wp-includes/js/dist/
3 KB
2 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/priority-queue.min.js?ver=422e19e9d48b269c5219
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
a21da61d636ea66bd58bb96e3ddb6c249c9d6f47fe371d084c71bee2099444f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
1525
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 02 Nov 2023 08:22:22 GMT
server
cloudflare
etag
"d72-609271648cf51-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed988f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
compose.min.js
weare.lush.com/wp-includes/js/dist/
37 KB
13 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/compose.min.js?ver=3189b344ff39fef940b7
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
3cca5cf5bfa14b32647fc12c6e52b050c2504f12794184725a74f49fe68e84d9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
818
x-powered-by
NIMHOST
content-length
12771
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 08 Feb 2024 16:04:11 GMT
server
cloudflare
etag
"92ae-610e0f656b2a3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed989f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
primitives.min.js
weare.lush.com/wp-includes/js/dist/
2 KB
1 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/primitives.min.js?ver=6984e6eb5d6157c4fe44
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
dcef257b2daa8e3cf39bbb7e682704a20c59c0f2e5e9a50522cf1e8b818ac54c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
818
x-powered-by
NIMHOST
content-length
1116
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 08 Feb 2024 16:04:11 GMT
server
cloudflare
etag
"9db-610e0f657aca4-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed98bf6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
plugins.min.js
weare.lush.com/wp-includes/js/dist/
4 KB
2 KB
Script
General
Full URL
https://weare.lush.com/wp-includes/js/dist/plugins.min.js?ver=c485ff6186cdddabcf91
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
a5269d439e2aa47977f00c5f081bd67aaeac593fb08b41a55f49a30c0ba23bbb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1899
x-powered-by
NIMHOST
content-length
1802
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 08 Feb 2024 16:04:11 GMT
server
cloudflare
etag
"10f6-610e0f656e183-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2cfed98ff6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
js
www.googletagmanager.com/gtag/
212 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-93585949-38
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55ea5e0fdcf9316bb1570d4115f076b13a53ab2b2ae69bad55326caab6977cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77710
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Sep 2024 06:10:56 GMT
main.js
weare.lush.com/wp-content/themes/wearelush/dist/
320 KB
95 KB
Script
General
Full URL
https://weare.lush.com/wp-content/themes/wearelush/dist/main.js?id=6a6f898cbb65a15719af852d52f1de7a&ver=6.4.5
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
35cb2cf97a6c66b0179e27e5c95617e22125a13e273a081b5361000df0ead636
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=0; includeSubDomains
age
816
cf-polished
origSize=327546
x-powered-by
NIMHOST
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
cf-bgj
minify
last-modified
Thu, 04 Apr 2024 10:59:43 GMT
server
cloudflare
etag
W/"4ff7a-615433c935d33-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
nimbus-cache
HIT
cf-ray
8c4f2cfed991f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
embed.js
assets.onldspk.cc/assets/
14 KB
6 KB
Script
General
Full URL
https://assets.onldspk.cc/assets/embed.js
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f5167232ba44767a2835ed87d6fbe7d6b211a1abbc93ddc199219ae02845cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
668090
cf-polished
origSize=14249
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1721124682&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=8GVznd3lHfFOVJwjh6ZB%2BDsRgxJ91%2FD289dQhf4z3bo%3D
cf-bgj
minify
last-modified
Mon, 15 Jul 2024 09:10:34 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1721124682&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=8GVznd3lHfFOVJwjh6ZB%2BDsRgxJ91%2FD289dQhf4z3bo%3D"}]}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c4f2d00fc308099-NRT
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/wp-content/themes/wearelush/dist/style.css?id=cf4fb55fa198c49bb147e1b0c2e5482c&ver=6.4.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c00::5f Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8910eb7147c93440e1664fa8d3f0a992d6b2dfbbe20d4b05f448a26a7869f85e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Sep 2024 05:25:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Sep 2024 06:10:56 GMT
gtm.js
www.googletagmanager.com/
203 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTXWPV7
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0629e8915ed2b42422da402d63254658233386a57b041be477137b8586b8aa9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74988
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Sep 2024 06:10:56 GMT
truncated
/
252 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9419f750f00df685ba52ca8554ee9b8f472e57099275f05776c93d1c8e2ffd21

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
right-arrow.svg
weare.lush.com/wp-content/themes/wearelush/img/icons/
970 B
537 B
Image
General
Full URL
https://weare.lush.com/wp-content/themes/wearelush/img/icons/right-arrow.svg
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/wp-content/themes/wearelush/dist/style.css?id=cf4fb55fa198c49bb147e1b0c2e5482c&ver=6.4.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
32d2a47f18c51028f37d8319def31044e08b0c3d4979722b839369336fac7ad6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/wp-content/themes/wearelush/dist/style.css?id=cf4fb55fa198c49bb147e1b0c2e5482c&ver=6.4.5
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains
age
816
x-powered-by
NIMHOST
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Wed, 27 Apr 2022 16:07:56 GMT
server
cloudflare
etag
W/"3ca-5dda5032c0a03"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
nimbus-cache
HIT
cf-ray
8c4f2d00bbbbf6b9-NRT
expires
Wed, 18 Sep 2024 10:10:56 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://weare.lush.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:52:01 GMT
x-content-type-options
nosniff
age
487135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Sep 2025 14:52:01 GMT
truncated
/
441 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a0ec823f43eab5d5e008983923508c62b1c53d2fcff5784297c941090fde4e4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
LushHandwritten_WLat_Rg.woff
weare.lush.com/wp-content/themes/wearelush/fonts/
60 KB
60 KB
Font
General
Full URL
https://weare.lush.com/wp-content/themes/wearelush/fonts/LushHandwritten_WLat_Rg.woff
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/wp-content/themes/wearelush/dist/style.css?id=cf4fb55fa198c49bb147e1b0c2e5482c&ver=6.4.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
f515f1c6a4546f227dacabc4c6e2c0cdb15158ee1e0e5d7686fa00f7d3fc417e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/wp-content/themes/wearelush/dist/style.css?id=cf4fb55fa198c49bb147e1b0c2e5482c&ver=6.4.5
Origin
https://weare.lush.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:57 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=0; includeSubDomains
x-powered-by
NIMHOST
content-length
61684
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
last-modified
Thu, 04 Apr 2024 11:03:05 GMT
server
cloudflare
etag
"f0f4-6154348a0ae60"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2d010c0ef6b9-NRT
expires
Wed, 18 Sep 2024 10:10:57 GMT
fathers_day_banner_2022_2000x1364-1-scaled.jpg
weare.lush.com/wp-content/uploads/2022/05/
406 KB
406 KB
Image
General
Full URL
https://weare.lush.com/wp-content/uploads/2022/05/fathers_day_banner_2022_2000x1364-1-scaled.jpg
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
2bf717dd1ffaa71e7584ba8c9f286b0f10f3bebb45cc79f9982247c2c8dfb083
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:57 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=0; includeSubDomains
cf-polished
origSize=431987
x-powered-by
NIMHOST
content-length
415294
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
cf-bgj
imgq:100,h2pri
last-modified
Wed, 23 Aug 2023 12:59:14 GMT
server
cloudflare
etag
"69773-60396adbb242f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2d010c16f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:57 GMT
lush_oxford_street_shop_opening_75-1-1-scaled-2.jpg
weare.lush.com/wp-content/uploads/2021/11/
731 KB
732 KB
Image
General
Full URL
https://weare.lush.com/wp-content/uploads/2021/11/lush_oxford_street_shop_opening_75-1-1-scaled-2.jpg
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
9add91804e516f754e0064839b34cc04c7f0964dafddaf4580b60bd567b4287d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:57 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=0; includeSubDomains
cf-polished
origSize=782030
x-powered-by
NIMHOST
content-length
748523
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
cf-bgj
imgq:100,h2pri
last-modified
Thu, 06 Jul 2023 15:14:21 GMT
server
cloudflare
etag
"beece-5ffd2f88df92c"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
nimbus-cache
HIT
accept-ranges
bytes
cf-ray
8c4f2d010c17f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:57 GMT
Screenshot-2024-05-22-at-09.21.40.png
res.cloudinary.com/wearelush/images/f_auto,q_auto/v1716366132/Screenshot-2024-05-22-at-09.21.40/
290 KB
291 KB
Image
General
Full URL
https://res.cloudinary.com/wearelush/images/f_auto,q_auto/v1716366132/Screenshot-2024-05-22-at-09.21.40/Screenshot-2024-05-22-at-09.21.40.png?_i=AA
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
32996e01b7210b5505eb095b93e5a3e9a8abf1236b139b729c535b1dc113f2db
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="Screenshot-2024-05-22-at-09.21.40.png?_i=AA"
server-timing
cld-fastly;mitm=p;dur=6;cpu=3;start=2024-09-18T06:10:56.835Z;desc=hit,rtt;dur=1,content-info;desc="width=1920,height=1371,bytes=297088,owidth=1920,oheight=1371,obytes=4052102,ef=(1,11,14,17)"
content-length
297088
last-modified
Wed, 22 May 2024 08:26:50 GMT
server
Cloudinary
etag
"81e6575865267eabbb370e7c50a8238f"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
Catagory-page_Self_preserving_-
res.cloudinary.com/wearelush/video/upload/f_auto,q_auto/v1691175867/
4 MB
0
Media
General
Full URL
https://res.cloudinary.com/wearelush/video/upload/f_auto,q_auto/v1691175867/Catagory-page_Self_preserving_-?_i=AA
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
Content-Range
bytes 0-5109740/5109741
server-timing
cld-fastly;mitm=p;dur=3;cpu=2;start=2024-09-18T06:10:56.835Z;desc=hit,rtt;dur=1,content-info;desc="width=1920,height=1080,abps=168527,fps=25.0,du=30.32,vc=\"h264\",bytes=5109741,owidth=1920,oheight=1080,oabps=201586,ofps=25.0,odu=30.32,ovc=\"h264\",obytes=6112095,oformat=\"mp4\""
Content-Length
5109741
last-modified
Fri, 24 Nov 2023 09:41:11 GMT
server
Cloudinary
etag
"3479611bc4ca35199a777ea4c2c7b284"
vary
Save-Data
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
Make-products-for-every-need-sml-1.gif
res.cloudinary.com/wearelush/images/c_scale,w_180,h_180/f_auto,q_auto/v1688371399/Make-products-for-every-need-sml-1/
1 MB
1 MB
Image
General
Full URL
https://res.cloudinary.com/wearelush/images/c_scale,w_180,h_180/f_auto,q_auto/v1688371399/Make-products-for-every-need-sml-1/Make-products-for-every-need-sml-1.gif?_i=AA
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
75a523dd554314309162a07524a2297e82194865e9d03f4595d7bf0dda49218c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="Make-products-for-every-need-sml-1.gif?_i=AA"
server-timing
cld-fastly;mitm=p;dur=3;start=2024-09-18T06:10:56.835Z;desc=hit,rtt;dur=1,content-info;desc="width=180,height=180,owidth=180,oheight=180,obytes=1318173"
content-length
1262960
last-modified
Mon, 03 Jul 2023 08:08:15 GMT
server
Cloudinary
etag
"4cc756161c21efc72be4e40c76ea0020"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
Be-number-one-sml-1.gif
res.cloudinary.com/wearelush/images/c_scale,w_180,h_180/e_blur:2000,q_1,f_auto/Be-number-one-sml-1/
532 KB
532 KB
Image
General
Full URL
https://res.cloudinary.com/wearelush/images/c_scale,w_180,h_180/e_blur:2000,q_1,f_auto/Be-number-one-sml-1/Be-number-one-sml-1.gif
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
721eb367b0a5437f15b81568d2dc0e90318440325841bcb6a0bd2a31dea2628e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="Be-number-one-sml-1.gif"
server-timing
cld-fastly;mitm=p;dur=310;cpu=1;start=2024-09-18T06:10:56.835Z;desc=miss,rtt;dur=1,content-info;desc="width=180,height=180,owidth=180,oheight=180,obytes=1380357",cloudinary;dur=133;start=2024-09-18T06:10:56.926Z
content-length
544452
last-modified
Mon, 03 Jul 2023 08:07:54 GMT
server
Cloudinary
etag
"d27713c90b3ea75aca2fb9a47ad7d7cf"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
293 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WDDPNWP9KX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93585949-38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3d49a977ad06fddddbd6ba5dbcd76b03f7d0319e542b9063b3ee1814279a3bba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101808
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Sep 2024 06:10:56 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93585949-38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Sep 2024 05:45:33 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1523
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 18 Sep 2024 07:45:33 GMT
collect
www.google-analytics.com/j/
1 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2005322431&t=pageview&_s=1&dl=https%3A%2F%2Fweare.lush.com%2F&ul=ja-jp&de=UTF-8&dt=We%20are%20Lush%20%E2%80%94%20And%20this%20will%20be%20the%20company%20we%20want%20it%20to%20be&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1251623288&gjid=1338523365&cid=305571349.1726639857&tid=UA-93585949-38&_gid=95775758.1726639857&_r=1&gtm=457e4990za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=1992099501
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2024 06:10:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://weare.lush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
23 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2005322431&t=pageview&_s=1&dl=https%3A%2F%2Fweare.lush.com%2F&ul=ja-jp&de=UTF-8&dt=We%20are%20Lush%20%E2%80%94%20And%20this%20will%20be%20the%20company%20we%20want%20it%20to%20be&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=952615505&gjid=968308544&cid=305571349.1726639857&tid=UA-93585949-38&_gid=95775758.1726639857&_r=1&_slc=1&gtm=45He4990n81NTXWPV7za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=1465832245
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.14 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2024 06:10:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://weare.lush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WDDPNWP9KX&gtm=45je4990v9112149620za200&_p=1726639856729&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=305571349.1726639857&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1726639857&sct=1&seg=0&dl=https%3A%2F%2Fweare.lush.com%2F&dt=We%20are%20Lush%20%E2%80%94%20And%20this%20will%20be%20the%20company%20we%20want%20it%20to%20be&en=page_view&_fv=1&_ss=1&tfd=1167
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WDDPNWP9KX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2024 06:10:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://weare.lush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WDDPNWP9KX&cid=305571349.1726639857&gtm=45je4990v9112149620za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WDDPNWP9KX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c01::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2024 06:10:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://weare.lush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 486D
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-WDDPNWP9KX&gacid=305571349.1726639857&gtm=45je4990v9112149620za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1398189473
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WDDPNWP9KX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weare.lush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Sep 2024 06:10:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.co.jp/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WDDPNWP9KX&cid=305571349.1726639857&gtm=45je4990v9112149620za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=504828315
Requested by
Host: weare.lush.com
URL: https://weare.lush.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2024 06:10:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon-32x32.png
weare.lush.com/
306 B
646 B
Other
General
Full URL
https://weare.lush.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
866b55f6194d427d247f332a01e83deccf81bdb1c1d16cc03dc5c219d5f32a17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:10:57 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2514
cf-polished
origFmt=png, origSize=1260
x-powered-by
NIMHOST
content-disposition
inline; filename="favicon-32x32.webp"
content-length
306
x-served-by
33d9eccbdef8a00bd36ff20435242f6b
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 May 2022 17:02:50 GMT
server
cloudflare
etag
"4ec-5deab4b79c9c8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
nimbus-cache
REVALIDATED
accept-ranges
bytes
cf-ray
8c4f2d04d8a3f6b9-NRT
expires
Wed, 18 Sep 2024 10:10:57 GMT
Catagory-page_Self_preserving_-
res.cloudinary.com/wearelush/video/upload/f_auto,q_auto/v1691175867/
64 KB
0
Media
General
Full URL
https://res.cloudinary.com/wearelush/video/upload/f_auto,q_auto/v1691175867/Catagory-page_Self_preserving_-?_i=AA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.lush.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=4000652-

Response headers

date
Wed, 18 Sep 2024 06:10:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Nov 2023 09:41:11 GMT
server
Cloudinary
etag
"3479611bc4ca35199a777ea4c2c7b284"
vary
Save-Data
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
Content-Range
bytes 4000652-5109740/5109741
access-control-expose-headers
Content-Length,Content-Range,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
server-timing
cld-fastly;mitm=p;dur=3;cpu=2;start=2024-09-18T06:10:56.835Z;desc=hit,rtt;dur=1,content-info;desc="width=1920,height=1080,abps=168527,fps=25.0,du=30.32,vc=\"h264\",bytes=5109741,owidth=1920,oheight=1080,oabps=201586,ofps=25.0,odu=30.32,ovc=\"h264\",obytes=6112095,oformat=\"mp4\""
accept-ranges
bytes
timing-allow-origin
*
Content-Length
1109089

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| CLDLB function| CLDBind function| initFallback object| runtime object| regeneratorRuntime object| React object| wp object| ReactDOM function| sprintf function| vsprintf function| Mousetrap function| gtag object| dataLayer string| GOOGLE_SHEETS_API_KEY string| ALGOLIA_INDEX string| ALGOLIA_APPLICATION_ID string| ALGOLIA_SEARCH_ONLY_KEY string| WP_JSON_URL string| LANG_SLUG object| webpackChunkwearelush object| lazySizes function| initMap function| Hammer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| elements function| iFrameResize object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

7 Cookies

Domain/Path Name / Value
.lush.com/ Name: __cf_bm
Value: 4tCEOjp2uVeU5G64IliMtYRhRdpIT_38OjlDS4RJNts-1726639856-1.0.1.1-KfqhRXJ8W6M9YvRfCFavWCb0FvO0oq_MHbaGLfz.tk3h7S1DQBmrGtYdBd8_x8xo3sjsDS3eMDEtZ.WuIe9l2w
.lush.com/ Name: _gid
Value: GA1.2.95775758.1726639857
.lush.com/ Name: _gat_gtag_UA_93585949_38
Value: 1
.lush.com/ Name: _gat_UA-93585949-38
Value: 1
.lush.com/ Name: _ga_WDDPNWP9KX
Value: GS1.1.1726639857.1.0.1726639857.60.0.0
.lush.com/ Name: _ga
Value: GA1.1.305571349.1726639857
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
assets.onldspk.cc
fonts.googleapis.com
fonts.gstatic.com
res.cloudinary.com
stats.g.doubleclick.net
td.doubleclick.net
weare.lush.com
www.google-analytics.com
www.google.co.jp
www.googletagmanager.com
142.250.196.99
142.251.222.14
172.217.175.104
2404:6800:4004:818::2002
2404:6800:4004:81f::2008
2404:6800:4004:821::200e
2404:6800:4004:828::2003
2404:6800:4004:828::200e
2404:6800:4008:c00::5f
2404:6800:4008:c01::9c
2606:4700:20::ac43:4a8c
2606:4700::6812:de71
2a04:4e42:600::393
0629e8915ed2b42422da402d63254658233386a57b041be477137b8586b8aa9e
0a0ec823f43eab5d5e008983923508c62b1c53d2fcff5784297c941090fde4e4
100cc029535a3be566618b073bb9815fea13ea722b029fd858b3a466396d50f5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
21826e531e656e94ed03199882cdc37f4af9946aeed1a3f63c1e9218ae8142f5
26d9f2e550861802d6b4f40ccb84f3d733476a805578f9264c776b4355882d5d
2bf717dd1ffaa71e7584ba8c9f286b0f10f3bebb45cc79f9982247c2c8dfb083
31482fef13771a9276a24b55a2108b80a5c9e723d96523e3a7b504f3e6694610
32996e01b7210b5505eb095b93e5a3e9a8abf1236b139b729c535b1dc113f2db
32d2a47f18c51028f37d8319def31044e08b0c3d4979722b839369336fac7ad6
35cb2cf97a6c66b0179e27e5c95617e22125a13e273a081b5361000df0ead636
37720dbcab5427116c276e8b750bb4a7da41a7d3d5662ccdf92a3fee530fc28d
38f8206d84ed8658e4f4fee5a71d757d475b03767e5e7eb1e7cb770f6ab2cd3e
3cca5cf5bfa14b32647fc12c6e52b050c2504f12794184725a74f49fe68e84d9
3d49a977ad06fddddbd6ba5dbcd76b03f7d0319e542b9063b3ee1814279a3bba
3f117548bac568e3834835bc4598d5a97a757c4f19cf52f09c33d72e494963db
55ea5e0fdcf9316bb1570d4115f076b13a53ab2b2ae69bad55326caab6977cd4
65fbd55a9cf38ce19192f5a1f59a30af4caf2c02fae7b951b5b06f32ed7e3eb4
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
721eb367b0a5437f15b81568d2dc0e90318440325841bcb6a0bd2a31dea2628e
75a523dd554314309162a07524a2297e82194865e9d03f4595d7bf0dda49218c
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
866b55f6194d427d247f332a01e83deccf81bdb1c1d16cc03dc5c219d5f32a17
8910eb7147c93440e1664fa8d3f0a992d6b2dfbbe20d4b05f448a26a7869f85e
9419f750f00df685ba52ca8554ee9b8f472e57099275f05776c93d1c8e2ffd21
9add91804e516f754e0064839b34cc04c7f0964dafddaf4580b60bd567b4287d
a21da61d636ea66bd58bb96e3ddb6c249c9d6f47fe371d084c71bee2099444f1
a5269d439e2aa47977f00c5f081bd67aaeac593fb08b41a55f49a30c0ba23bbb
a6f5167232ba44767a2835ed87d6fbe7d6b211a1abbc93ddc199219ae02845cd
b09bdbf565d50102894b31146a8ecea9cff952ed9a365753185ce4b22fd818cf
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
cfb6ea70d464c88b03728fe77f38a7400f7a3b1b5b0eaaae5817844d730e8cbd
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dcef257b2daa8e3cf39bbb7e682704a20c59c0f2e5e9a50522cf1e8b818ac54c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f886c8534bbb69d1bdf0a6fe8dcfcb1f78d215f71b65509b3ef9a1bd287a4e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efce7d4dfdff6ca56599601f0d4fdd12a19fd7e448109fddfad9a9a0f10df6e2
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f515f1c6a4546f227dacabc4c6e2c0cdb15158ee1e0e5d7686fa00f7d3fc417e
fa3159ad1e5deb4efdc091354d34e2fcbc511a9a2778775384786425af09b8c8