Submitted URL: https://pinkbank.benefitcosmetics.com/
Effective URL: https://pinkbank.benefitcosmetics.com/connect/
Submission: On November 02 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 45 HTTP transactions. The main IP is 52.8.79.12, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is pinkbank.benefitcosmetics.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 3rd 2024. Valid for: a year.
This is the only time pinkbank.benefitcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 52.8.79.12 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
15 2600:9000:26d... 16509 (AMAZON-02)
9 216.198.53.3 209242 (CLOUDFLAR...)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 2a05:d014:58f... 16509 (AMAZON-02)
1 52.8.179.245 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 216.198.54.1 209242 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 18.66.122.31 16509 (AMAZON-02)
2 52.219.113.120 16509 (AMAZON-02)
45 12
Apex Domain
Subdomains
Transfer
18 creatoriq.com
cdn1.creatoriq.com — Cisco Umbrella Rank: 572124
static.creatoriq.com — Cisco Umbrella Rank: 898093
925 KB
9 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2226
ekr.zdassets.com — Cisco Umbrella Rank: 2547
212 KB
4 zendesk.com
socialedge2.zendesk.com
1 KB
4 gstatic.com
fonts.gstatic.com
31 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
3 benefitcosmetics.com
pinkbank.benefitcosmetics.com
api-pinkbank.benefitcosmetics.com
11 KB
2 amazonaws.com
s3.us-west-1.amazonaws.com
255 KB
2 livesession.io
cdn.livesession.io — Cisco Umbrella Rank: 120756
rs.livesession.io — Cisco Umbrella Rank: 114046
47 KB
1 sentry.io
o409202.ingest.us.sentry.io
276 B
45 9
Domain Requested by
15 cdn1.creatoriq.com pinkbank.benefitcosmetics.com
cdn1.creatoriq.com
8 static.zdassets.com pinkbank.benefitcosmetics.com
static.zdassets.com
4 socialedge2.zendesk.com static.zdassets.com
4 fonts.gstatic.com fonts.googleapis.com
3 static.creatoriq.com
3 fonts.googleapis.com pinkbank.benefitcosmetics.com
cdn1.creatoriq.com
2 s3.us-west-1.amazonaws.com
2 pinkbank.benefitcosmetics.com 1 redirects
1 rs.livesession.io cdn.livesession.io
1 api-pinkbank.benefitcosmetics.com cdn1.creatoriq.com
1 cdn.livesession.io pinkbank.benefitcosmetics.com
1 ekr.zdassets.com static.zdassets.com
1 o409202.ingest.us.sentry.io pinkbank.benefitcosmetics.com
45 13

This site contains links to these domains. Also see Links.

Domain
r.lvmh-static.com
www.benefitcosmetics.com
creatorsupport.creatoriq.com
Subject Issuer Validity Valid
pinkbank.benefitcosmetics.com
Amazon RSA 2048 M03
2024-04-03 -
2025-05-02
a year crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.creatoriq.com
Amazon RSA 2048 M03
2024-01-21 -
2025-02-19
a year crt.sh
zdassets.com
WE1
2024-09-05 -
2024-12-04
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-03 -
2025-07-29
10 months crt.sh
cdn.livesession.io
E6
2024-09-04 -
2024-12-03
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
socialedge2.zendesk.com
E6
2024-11-01 -
2025-01-30
3 months crt.sh
livesession.io
WE1
2024-10-19 -
2025-01-17
3 months crt.sh
*.s3-us-west-1.amazonaws.com
Amazon RSA 2048 M01
2024-10-10 -
2025-09-28
a year crt.sh

This page contains 2 frames:

Primary Page: https://pinkbank.benefitcosmetics.com/connect/
Frame ID: A9995D57AD470DEB5C759EFA40250522
Requests: 34 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Frame ID: E40BA713C3804C3BD7780E39CBB05FAD
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Pink Bank Creator Portal | Benefit Cosmetics

Page URL History Show full URLs

  1. https://pinkbank.benefitcosmetics.com/ HTTP 302
    https://pinkbank.benefitcosmetics.com/connect/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

45
Requests

100 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

1485 kB
Transfer

3976 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pinkbank.benefitcosmetics.com/ HTTP 302
    https://pinkbank.benefitcosmetics.com/connect/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pinkbank.benefitcosmetics.com/connect/
Redirect Chain
  • https://pinkbank.benefitcosmetics.com/
  • https://pinkbank.benefitcosmetics.com/connect/
57 KB
9 KB
Document
General
Full URL
https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.79.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-79-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
780f9e949c23e2d1c5fb810c174607f8f884d8711d2b53fb831b583059edd7c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
8583
content-security-policy-report-only
script-src 'nonce-VLmnUG8xuGxtYmAc' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: http:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; connect-src 'self' https: wss: data: stats.g.doubleclick.net; worker-src 'self' blob:; font-src 'self' https: wss: data:; media-src 'self' https: blob: data:; frame-src 'self' blob: td.doubleclick.net ui2.tipalti.com widget.trolley.com *.youtube.com ui2.sandbox.tipalti.com hipodi.com player.vimeo.com drive.google.com accounts.google.com app.spekit.co www.facebook.com embedded.hellosign.com tr.snapchat.com www.priceblink.com creatoriq-gr.ada.support *.amazonaws.com *.google.com srch.dealtruck.net www.bing.com r.search.yahoo.com www.etsy.com shopmy.us www.homedepot.com cdn.livesession.io cdn1.creatoriq.com; object-src 'none'; base-uri 'self'; report-uri https://o409202.ingest.us.sentry.io/api/4506320900653056/security/?sentry_key=13985f607775b5b699abb274e2016541;
content-type
text/html
date
Sat, 02 Nov 2024 12:12:34 GMT
referrer-policy
origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-apigw-id
AniP6HzzSK4EI1w=
x-amzn-requestid
1fc809eb-75c2-453c-a612-b2072088b467
x-amzn-trace-id
Root=1-67261732-027a4fe4236962db44bcadd2;Parent=5caf139e234752c8;Sampled=0;Lineage=1:c4cdb801:0
x-content-type-options
nosniff
x-frame-options
DENY
x-pod
8585f889bd-fd29s
x-xss-protection
1; mode=block

Redirect headers

content-length
138
content-type
text/html
date
Sat, 02 Nov 2024 12:12:34 GMT
location
https://pinkbank.benefitcosmetics.com/connect/
referrer-policy
origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pod
8585f889bd-z2ktl
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
3 KB
542 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,500,600,700
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02bf5cedb5b63c29d5d166c066c426e37865e446d4b017828f9f1244e7b93fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 12:12:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 02 Nov 2024 12:07:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Heebo:400,500,700&subset=latin,cyrillic
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae216603ac15b1393afe88e79a0f82ccdb64975bb0dc8f5ec52b2309101a166c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 12:12:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 02 Nov 2024 12:12:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
variables.css
cdn1.creatoriq.com/common/controls/2.6.11/
6 KB
2 KB
Stylesheet
General
Full URL
https://cdn1.creatoriq.com/common/controls/2.6.11/variables.css
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1676630e51f4c7ff4737d836f6ad5c733af0c9cc148cc26370f318a42528b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"d555e91e2ed1828377558974dc83107b"
age
17448419
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Ib3y5MTmRIghdRvh4Pxjyck7SuG0F78xcxaP0MQ_e3fURsRlJw58SQ==
date
Sun, 14 Apr 2024 13:25:37 GMT
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Fri, 02 Jun 2023 10:51:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=74bde9a0-3346-45bd-aa3e-8ed2505d89e1
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"d90dbb2a9f98c3c53cd0f1d480381e2e"
x-amz-version-id
FkgGJxeVVNjmEhoAGFYT4yGKQLf728f6
age
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fOQ4K2LHFheZKje7Hhacka5PfjJo7fDn4cTgDH1B6vWMxx8tH1lHIp4FtY6%2FjvXusy531o78mYG%2BQiUr8u8MCapRYwhHBsYSljF12X5VXmnCCv0hV27OmXNMCdpLM2JHqA5Oj4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 11:42:28 GMT
vary
Accept-Encoding
x-amz-id-2
9KtU6MtOJ7LKIc1VoVafZb+x24kh+qs87/iMKo78zdthLAixwvw3XWy8mm5sPfCsNpYT/M5bs7yWroxdlX++QA==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=3600, s-maxage=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DKHXDPCNX6PBTPJK
cf-ray
8dc4089f0bc3a073-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
banner.js
cdn1.creatoriq.com/common/ciq-cookie-banner/1.1.3/
48 KB
16 KB
Script
General
Full URL
https://cdn1.creatoriq.com/common/ciq-cookie-banner/1.1.3/banner.js
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d02dd435351c8bd9989994783de0fbf214028c284f4e62cb11527e4845ceca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"53858d5c9f58172fd47bb972880eea06"
age
3771681
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Dxvrwlk6i2Kp_NLwfHiZnXKUa-gKkNfHFGoIy5hTYe1YKSNFZQI_Rg==
date
Thu, 19 Sep 2024 20:31:15 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Thu, 08 Dec 2022 12:39:55 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
/
o409202.ingest.us.sentry.io/api/4506320900653056/security/
0
276 B
Other
General
Full URL
https://o409202.ingest.us.sentry.io/api/4506320900653056/security/?sentry_key=13985f607775b5b699abb274e2016541
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 02 Nov 2024 12:12:35 GMT
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
css2
fonts.googleapis.com/
10 KB
844 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/common/controls/2.6.11/variables.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dae65e43ce0ffcb9722f0ac5dc5a774548f0134883a1e046b981aed48b69dfa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cdn1.creatoriq.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 12:12:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 02 Nov 2024 10:51:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
74bde9a0-3346-45bd-aa3e-8ed2505d89e1
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/74bde9a0-3346-45bd-aa3e-8ed2505d89e1
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=74bde9a0-3346-45bd-aa3e-8ed2505d89e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3112b5244879e68773ae5806965ee5d8117653c282401ec41d436702bc1dfa49
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

access-control-max-age
7200
x-request-id
8da4fb260979fa22-SEA, 8da4fb260979fa22-SEA, 8da4fb260979fa22-SEA
access-control-expose-headers
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"3112b5244879e68773ae5806965ee5d8"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FfLvatLO80uta0uApar71C9y1amXKPKeVH8VKO3pl%2BzqOyfVA4W2T1PKwSHdzMM%2Bba8DJwfKVq%2BA3vACx3TGHgWq2hPDukbVI7SPx8AK67y1lMfAOUmmj9oA8sZP1ayWyX0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.005417
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
cdn-cache-control
max-age=60
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8dc408a00ab2d2f7-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes, yes
x-xss-protection
1; mode=block
server
cloudflare
runtime.81d14a25ebfa3d11e465.js
cdn1.creatoriq.com/creator-dashboard/dist/
9 KB
5 KB
Fetch
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61388f11268edecdbf68785044963f837ba7fb4da644f1d1d43ee4223e6e4bc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"2a66a50587ed0ef706696d57ce761203"
x-amz-version-id
null
age
357707
access-control-allow-methods
GET, HEAD, PUT
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
XACJ0MKkCN-LVMe_jXBffJ_8bgv4cv2WFrUS5tKShctXfyPPi85zdg==
date
Tue, 29 Oct 2024 08:50:49 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 18:03:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
track.js
cdn.livesession.io/
178 KB
46 KB
Script
General
Full URL
https://cdn.livesession.io/track.js
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
1d3530a695c5135ef2d1426ea3894d2d04f243bb791fa15b7a869ad2c02976a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"fc967bdfba3031cff7d816601049116f-ssl-df"
age
59394
accept-ranges
bytes
access-control-allow-origin
*
content-length
46434
x-nf-request-id
01JBPCN81VD5M93MSEJ7Y721AN
cache-status
"Netlify Edge"; hit
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
init.72efddde60175494475d.css
cdn1.creatoriq.com/creator-dashboard/dist/
299 KB
48 KB
Stylesheet
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/init.72efddde60175494475d.css
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17dc26a999e38f9db0c8d81ffb7c08725999cb3aebddeeaaaab10a36cd0f59ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pinkbank.benefitcosmetics.com
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"7aa56df3d993c81128f47cb2e57f4f24"
x-amz-version-id
null
age
3902177
access-control-allow-methods
GET, HEAD, PUT
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
QFlsye6EU_DFVi0oVnHAFOO2mkNH4HabsL7CHDPjWGaieShlGPVFfw==
date
Wed, 18 Sep 2024 08:16:19 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 08:10:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
runtime.81d14a25ebfa3d11e465.js
cdn1.creatoriq.com/creator-dashboard/dist/
9 KB
528 B
Script
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61388f11268edecdbf68785044963f837ba7fb4da644f1d1d43ee4223e6e4bc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pinkbank.benefitcosmetics.com
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
null
age
357707
etag
W/"2a66a50587ed0ef706696d57ce761203"
access-control-allow-methods
GET, HEAD, PUT
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
eg-cYUN9w5-Pm4SFeSjAm1q05-JHA53LFTTon00HijVHGhXDRZQI7w==
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 18:03:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
init.3c9c083e477515607d58.js
cdn1.creatoriq.com/creator-dashboard/dist/
401 KB
117 KB
Script
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/init.3c9c083e477515607d58.js
Requested by
Host: pinkbank.benefitcosmetics.com
URL: https://pinkbank.benefitcosmetics.com/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f2b35d7fde510134af8c95d1a85b7a4359de794d51ff753aca5c8a54d8f2e14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pinkbank.benefitcosmetics.com
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"ff89469a85bebfa02ced59c8fb0a29be"
x-amz-version-id
null
age
418214
access-control-allow-methods
GET, HEAD, PUT
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ado50kfL-V5GfhCrRH31GPcjilZA-TpHONqbk8-huSQOcTt-LaI8MA==
date
Mon, 28 Oct 2024 16:02:21 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 15:56:08 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
web-widget-main-7767f7f.js
static.zdassets.com/web_widget/messenger/latest/ Frame E40B
438 KB
138 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=74bde9a0-3346-45bd-aa3e-8ed2505d89e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8ea257fb082f88bd1cf41884b57df105f329783529a545a80e1760738bdf4ad
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"8163db600ad3914cc5dff8be1f8bb1f5"
x-amz-version-id
cnYaDyy3CtHYx5g0rWxQ8CxR4b7rR5gd
age
33060
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GXNPPqCM3s3XRd0aQfZX%2Bv8dwAkpmA4sjaLYKVXjGgh10kWcqRgHSrNDP8tjm2fWc2PlmqJo%2FnOKUYxAK3vPSI5dyS%2Fzd7AjsklVvTZSgPBVtmLCJtyN1lzlwBAuM%2F5GJpVlC2E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Fri, 24 Oct 2025 10:29:11 GMT
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 10:29:12 GMT
vary
Accept-Encoding
x-amz-id-2
GVfhwYkzG/ZS3I7MReMnPalGH7CPk2i3CMZIE5T7ocI0Yb0TRbdHOOG+vCMF5Ro7Xe8RgDo9aetBlozl+GQyrQ==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HR9CBXV54Z221FP8
cf-ray
8dc408a1ae35a073-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
style.css
cdn1.creatoriq.com/common/ciq-icons/1.1.2/
33 KB
5 KB
Stylesheet
General
Full URL
https://cdn1.creatoriq.com/common/ciq-icons/1.1.2/style.css
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/init.3c9c083e477515607d58.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
403d63d0c3303997136fe860c0f3232d6a5ce4fd0656745ff188f655da6039e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"1b114958fc95309162c6a5d4670844a0"
age
5798765
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Gt6RJnXmNuHBDPtrV6qxoQSARhPy84CjuwCg2cJGUTvPMGXqgAASpw==
date
Tue, 27 Aug 2024 09:26:31 GMT
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Thu, 08 Aug 2024 11:59:25 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
session
api-pinkbank.benefitcosmetics.com/api/
0
1 KB
Fetch
General
Full URL
https://api-pinkbank.benefitcosmetics.com/api/session?timestamp=1730549555589
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/init.3c9c083e477515607d58.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.179.245 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-179-245.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

access-control-max-age
1728000
access-control-expose-headers
X-Authorization,X-Reason,X-Refresh-Token,Content-Disposition,x-csrf-token
content-encoding
gzip
access-control-allow-methods
OPTIONS,GET,POST,PUT,PATCH,DELETE
x-content-type-options
nosniff
x-pod
65d84bc685-n8l8k
date
Sat, 02 Nov 2024 12:12:36 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type,X-SOCIALEDGE-ID,X-SOCIALEDGE-TOKEN,X-Authorization,Authorization,X-Requested-With,X-ONESHEETS-RENDERING,x-csrf-token,x-app-id,X-API-KEY
strict-transport-security
max-age=31536000; includeSubDomains
x-csrf-token
2eb94105d8ea656c90439a3f
cache-control
no-cache
access-control-allow-credentials
true
referrer-policy
origin
access-control-allow-origin
https://pinkbank.benefitcosmetics.com
x-xss-protection
1; mode=block
server
nginx
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pinkbank.benefitcosmetics.com
Referer
https://fonts.googleapis.com/

Response headers

age
360095
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 08:11:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 08:11:01 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
en-us-json-7767f7f.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame E40B
22 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-7767f7f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
034e3e9fee331ffd6f57ca9caa698aad4f7d9a9fc4cec17d4283555f2252b87e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"71dc3fadb4ae9ca587d402d24f8b7307"
x-amz-version-id
YEHaaqUA4Vronu2syLU5WihKTdS4VSSP
age
26344
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDqo7v0xqbBEQ0yp3UCfBGG2pn2kb3iH%2FLCWH3xaglaXtEz0ed2rUxYFu1LAf8CMHM%2BMH6b0HElLMGiP26KYip4Vb6AagBdDVdtB7ekToodfKV2GlX5DHMwa7MkCg%2F9a27xgP4Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Fri, 24 Oct 2025 10:29:12 GMT
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 10:29:13 GMT
vary
Accept-Encoding
x-amz-id-2
rs+9/DbXdPbDp7x/ZHCVmVXEcuD+f8FtKabQ7IiE8uDwisXMaQo9gFkG36i2lSVBFyy3PaXvvGrwNCQ673/91A==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H8HEX6XB2AETD04D
cf-ray
8dc408a2ef7aa073-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-9606-7767f7f.js
static.zdassets.com/web_widget/messenger/latest/ Frame E40B
135 KB
45 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9606-7767f7f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c079922f22a5b0f90a5dbf336aca62d0ec1a50a720cae96f0b746d0b3bd3b45
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"4c37342db5ad594d06ebbd1c0ba47d13"
x-amz-version-id
X7HF00rBsulNsHYFgGU0.twDYR1WmL1V
age
335709
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4G%2FLJZqOa8evk5ZoRlH0XsiL1MzuxfwM9ucjwlhePQFOZZIlBg%2BUx04TN%2BU%2BC3dYM6g2amf3nuRK8UG%2FbjnvipCDg4IvUyFok2oZFn9azbVsfzNwZwsU5yjsLriAEsOiSg9I2I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Fri, 24 Oct 2025 10:29:11 GMT
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 10:29:12 GMT
vary
Accept-Encoding
x-amz-id-2
zyngNO9s00u67xgb2gA3PuvHDmHOCjSCBOjoe5us/0jaQQMAuQ14qGFAgWov7z2herMXKqQDGYQ=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H8H3DEDK2AVNA3VT
cf-ray
8dc408a2ef7da073-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-7437-7767f7f.js
static.zdassets.com/web_widget/messenger/latest/ Frame E40B
14 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-7437-7767f7f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25046de857066e2a87b729d55871729a63ed7273be1ba2b62b0274a04b097cf3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"aa3fed8e69b72f1b6965afd8512f3a6a"
x-amz-version-id
SBpx.DAsH5Lr.zGzfuqHgqi6qQCZthcA
age
335709
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IuWXJhKwJKofnBhofGa5fR%2BMEospQGBJA6bYpp6h2S17IhMUMfJBlS%2F9qdrQhzkBWgm28b%2Fc52jkr6GypopFdFr4WU%2FXMaxRwAvxk%2FeiqA%2F%2F6mYui7RmyLO70cvwsnrah51U5qE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Fri, 24 Oct 2025 10:29:11 GMT
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 10:29:12 GMT
vary
Accept-Encoding
x-amz-id-2
SGEjt3hJ72hb2Xx6cBHMoPwW3aZtScJ0tzOnpkRSm4vwgUVShXZESsYCSL7wknON2qvdxXb49oNbKwF/XDigAw==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H8H54YBWVN3CRMXK
cf-ray
8dc408a2ef7fa073-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-3190-7767f7f.js
static.zdassets.com/web_widget/messenger/latest/ Frame E40B
14 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-3190-7767f7f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c507bc491a38277126a37eef721cae58cc6764dac8c0a953d5fab4228b2efa4f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"5d49a0b59f00ef03b01f4b95a02c64ac"
x-amz-version-id
Wr9IJDq4NVVYbHChmEq1a8JrLELBBBJM
age
335709
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K06uvApIBtIY%2F8teB%2B0zSIrOJLRmcvWrq2thXbh%2BBApLr5ofF87g0X5dWtGB8KJeU5slCnuuXItWJk7TnIr3MsVytImPDUMFip3%2FkhOobxAmHJckAdX3IHS9gMdHqIMxxFdZs8I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Fri, 24 Oct 2025 10:29:10 GMT
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 10:29:11 GMT
vary
Accept-Encoding
x-amz-id-2
iBxMAce7vvX8x8wQCVmPkwLhC0yw4/+pdQbrKpcY7G2cRNufhVXBhrBx9C78l1aRLW73M3n36uYadNdl+c5p2Q==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H8H2X86N8BY7ZKDH
cf-ray
8dc408a2ef80a073-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-8173-7767f7f.js
static.zdassets.com/web_widget/messenger/latest/ Frame E40B
10 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-8173-7767f7f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6ba0e6eed66ab5345210b7d09665ad5ab7e8b737b6f6cb0ae65d267372cc44
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"6ee6bafd5311611f1980bb49422bbfc9"
x-amz-version-id
Q14JFoKiufgKzKyJQ8C6uPjEwawRm9fw
age
335709
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BK3wE1ysnttXQQfp5AZgrvfLwNbtJUBRXhPMg%2BuKX4NAJwt%2FUHNTG5Orsk1zChvP114DROep%2BAV2Z%2BI5L7iYKS8ko5DyWbpoirm%2BCKscLbL382A6k3wG636A7egEX4KbAOGkofc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Fri, 24 Oct 2025 10:29:11 GMT
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 10:29:12 GMT
vary
Accept-Encoding
x-amz-id-2
af/OXeRHB55PDFjiEqxIC1gbeS1oA/E8l6GShf3H7gdPnYb2n0LnrLH25h9RN6PxnXf2bA7zCiw=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S2W6QP6G7B23A7X6
cf-ray
8dc408a2ef81a073-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-9961-7767f7f.js
static.zdassets.com/web_widget/messenger/latest/ Frame E40B
13 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9961-7767f7f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b6e98b85f8c643cc8a1c28e197b81329465e9da317fc62c90f233ceaaddf7e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"175e50983bbd72fe9cb87b59f4ed07fc"
x-amz-version-id
vOoHSsnDLdk6v3mXkL0Omq2qI0wMJ6hB
age
36532
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ds4EtqZNoIrV61N7V%2F%2FffbhWXU%2BiOtt%2BHqsdn1RF5haRH4lGrcFMeL%2Bk038n7mnhMfraYR1T3A%2B2PYpmwwW8f4oWwQiPYp4emI92kVVZUQLVawSDvJ%2FxNL%2B%2FgiN%2F5i%2FOurbUnZ4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Fri, 24 Oct 2025 10:29:11 GMT
date
Sat, 02 Nov 2024 12:12:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 10:29:12 GMT
vary
Accept-Encoding
x-amz-id-2
c4V0muElVHLFDHCQ63zcPenpNZhGoZS9TH2gfu4mLR6DkOxobhekc26akS6GiJXJsvM+lbQKeFvPvGyk5IwDgDUJpQmKKVFZ
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H8H0DPCTRGF0SQ42
cf-ray
8dc408a2ef83a073-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
pv
socialedge2.zendesk.com/frontendevents/ Frame E40B
0
0
Fetch
General
Full URL
https://socialedge2.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

x-request-id
8dc408a89810925c-FRA
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMLF4Oz9ZvPq9Uvf%2F6rqqwh3uvQd5JPSiJJhclcdvKI2W%2BhcwOtcRoaUcsuvQLe9oXw0WKWEWYpqIybbpCbf%2F3pzLzBId5y25iUTRuIUf2IWM%2B9lhS0NobshZBym2vIf4BMjqVzzfEDe"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc408a89810925c-FRA
access-control-allow-origin
*
content-length
0
x-zendesk-zorg
yes
date
Sat, 02 Nov 2024 12:12:36 GMT
vary
Origin
server
cloudflare
config
socialedge2.zendesk.com/embeddable/ Frame E40B
897 B
1 KB
Fetch
General
Full URL
https://socialedge2.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28ad11f73172b5d7d45715d24d61dce6ff1feae481050021f471e027070cc44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
7200
x-request-id
8dc408a76f35925c-FRA
access-control-expose-headers
x-zendesk-origin-server
embeddable-app-server-6f7b666b64-hg58d
cf-cache-status
EXPIRED
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atA9%2FxsRe4GB0JpHUeZbGcs81r%2FGRJOi2JG%2B42lyTowUWixfh2udmPio3tv5trpRsPGyBU2ttbz%2BglMu5z8UKA0dZeV0C%2F3%2FMtb8QotlcAAuRe81zTQZtob1jv5Tl8FtR8C6fT%2FVSd9Q"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
date
Sat, 02 Nov 2024 12:12:36 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.003732
last-modified
Sat, 02 Nov 2024 12:12:36 GMT
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc408a76f35925c-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes
x-cached
MISS
server
cloudflare
init
rs.livesession.io/visitors/
533 B
1 KB
XHR
General
Full URL
https://rs.livesession.io/visitors/init?account_id=785304c9&website_id=93b1c5f5
Requested by
Host: cdn.livesession.io
URL: https://cdn.livesession.io/track.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4acc3c4a8af5e36215d0798a64701736005eee3da758501451dc0913b2414b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pT7yg1GCQskWKfDUqwdbYi%2BuwzsC016TUV28cKVgAJYxs2%2BUE2NaiMI5Ct2FK09lTYa9pQOIEtOGQMaF1yHO9x%2BqCgT25T3v0fsDnJ0UOsNeIc7q6MMbjZ05vYzIdCxFvX8M8PDtLj2cocYSLSPsug%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8dc408a76f46d203-FRA
access-control-allow-origin
https://pinkbank.benefitcosmetics.com
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10825&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4182&recv_bytes=4455&delivery_rate=676&cwnd=12000&unsent_bytes=0&cid=77c57a0994f369d8&ts=447&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 12:12:36 GMT
content-type
application/json; charset=UTF-8
vary
Origin
server
cloudflare
priority
u=1,i
pv
socialedge2.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://socialedge2.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pinkbank.benefitcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8dc408a76f37925c-FRA
date
Sat, 02 Nov 2024 12:12:36 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDtH1l5KCb6QnxhspJF4R558osuIP%2FJ2HgoNax4gTBEoDvD2ISNvmo2YR63DQgU5a2wl2nGljyqOTKrTER8ZmvqFceMUDYkT3oKbo2IZXmiG8nWfUxxPByM7uuTk6nuTimLDlMSv6r71"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8dc408a76f37925c-FRA
x-zendesk-zorg
yes
favicon_ciq.ico
static.creatoriq.com/
15 KB
15 KB
Other
General
Full URL
https://static.creatoriq.com/favicon_ciq.ico?rev=d55bc546e46b733fb8473d91c9f83bf1ae942400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-31.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
82744e6ee9e40f7d8a1e0fe11a45f1b3e9b8600ca79cb8da5982676a0146535d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

etag
"6724f4f9-3aee"
age
72825
x-content-type-options
nosniff
x-pod
8585f889bd-qklbk
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
BtMy12xa9D_kxZ9UGTMSZOI83Cs6JfsU8T8kMbncLAVi8673KTB8gg==
date
Fri, 01 Nov 2024 15:58:51 GMT
content-type
image/x-icon
last-modified
Fri, 01 Nov 2024 15:34:17 GMT
access-control-allow-headers
Content-Type,X-SOCIALEDGE-ID,X-SOCIALEDGE-TOKEN, Accept
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=315360000
referrer-policy
origin
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
15086
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
nginx
1413.638a81e0fc825c87d157.css
cdn1.creatoriq.com/creator-dashboard/dist/
22 KB
3 KB
Stylesheet
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/1413.638a81e0fc825c87d157.css
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85e4085a1813ca8da6ba0484de06763188ab33f3d7ac5c398c686a819e7e860f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"cc722de22c324ce7aa8e0fec6cbacb64"
age
10032993
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
pNEwmnfml8CSOXu8Fd8A2XSjhuk9fEfuVPvuYDIdwcwzJYY9X2sEUQ==
date
Tue, 09 Jul 2024 09:16:04 GMT
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Tue, 09 Jul 2024 07:00:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
1413.4645e0134636fcf6998f.js
cdn1.creatoriq.com/creator-dashboard/dist/
1 MB
543 KB
Script
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/1413.4645e0134636fcf6998f.js
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69b5e8c6b5b7d9c15f31e3e01ac50b2b173f23695808b723dbbf056875a8446d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"7e626dd8e1dedfa2553eccf000c9370a"
age
1034675
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
W4VCfLaZjapDyJR-qAYuzjQnbQ5UeSnfnkOu8rkpCx7YafXW_8ec7g==
date
Mon, 21 Oct 2024 12:48:02 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Mon, 21 Oct 2024 12:36:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
app.dd26c378a36cb19fa25c.css
cdn1.creatoriq.com/creator-dashboard/dist/
83 KB
10 KB
Stylesheet
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/app.dd26c378a36cb19fa25c.css
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08ce3422c2c12b8a9bb2ec732e3b37e27212bb5cd371065b22eef0eb921bfa5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"3d1bde4062dfbc05a8def1fc2be81aa2"
age
7699840
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
kgsRQu7xac_L7Tkc2JIIyPeovjkEtAzW12eS7g_pBoK8HlRDVZrs1Q==
date
Mon, 05 Aug 2024 09:21:57 GMT
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Fri, 02 Aug 2024 15:40:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
app.2346a0b004af876c064d.js
cdn1.creatoriq.com/creator-dashboard/dist/
481 KB
109 KB
Script
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/app.2346a0b004af876c064d.js
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae6a2e4c34605838094df4f766e66d69f19ccabefdd342d3bf64884823f26a25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"7a3528cb91cade46288d609d0319e8a6"
age
418213
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
XUKgDbsEZgR8OrnxwUvPYqWiYmxhAFsjwURWVdFzQ9VwNxGOqOTWSQ==
date
Mon, 28 Oct 2024 16:02:24 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Mon, 28 Oct 2024 15:56:07 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
887.e11af86f386ffc6a6262.js
cdn1.creatoriq.com/creator-dashboard/dist/
0
36 KB
Other
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/887.e11af86f386ffc6a6262.js
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"4c60551e1864e83c7e5701946a78c18e"
age
3902143
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
TgtaVCwpAz7pbaSn6uuBGaDC3aOTemNPi1SeXzTKRH2Tz13nAqiNyw==
date
Wed, 18 Sep 2024 08:16:54 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Wed, 18 Sep 2024 08:10:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
dashboard.749879dc76631f528e9c.js
cdn1.creatoriq.com/creator-dashboard/dist/
0
13 KB
Other
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/dashboard.749879dc76631f528e9c.js
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"1c10140c6e69576278ee4b1eef7d01cf"
age
1696057
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
cOdgsjRyCAeUkVuPGtKeESeqoF1sWqvsI0kHMO6X3qbiabLMYGfn3g==
date
Sun, 13 Oct 2024 21:04:59 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Thu, 10 Oct 2024 13:09:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
Webp.net_resizeimage_1_.png
s3.us-west-1.amazonaws.com/whitelabelling.creatoriq.com/
2 KB
2 KB
Image
General
Full URL
https://s3.us-west-1.amazonaws.com/whitelabelling.creatoriq.com/Webp.net_resizeimage_1_.png
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.113.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a38ca597bbe81a74ce3319eaa59077103bc58f5975d7b781c9cdabd088dee47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

x-amz-id-2
Io8AdGhN9ObVvZ+Los02Nl4UnWToDlbAiX0Zp2bKJzF7HaydBGacCCXV/MD9lTX+e8Ff2Lezr5k=
ETag
"9f101171e9c4f3ab329efd3594a3d5de"
x-amz-version-id
EwROVQrgcNZyjWVYGCkcJoBHE9qGp86v
x-amz-request-id
YSRESV6SEXQW4SQR
Accept-Ranges
bytes
Content-Length
1874
Date
Sat, 02 Nov 2024 12:12:38 GMT
Last-Modified
Wed, 06 Mar 2024 17:48:57 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pinkbank.benefitcosmetics.com
Referer
https://fonts.googleapis.com/

Response headers

age
331805
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 16:02:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 16:02:32 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pinkbank.benefitcosmetics.com
Referer
https://fonts.googleapis.com/

Response headers

age
247199
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:32:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:32:38 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
8423.5cffae4fab28b2213004.css
cdn1.creatoriq.com/creator-dashboard/dist/
1 KB
897 B
Stylesheet
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/8423.5cffae4fab28b2213004.css
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
514e510f933c10364cb86e74b19c8a37d3b178b89edb5cf10a346e6ec987393b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"3594fc9e408bc23f7e9432e210d26be3"
age
7615384
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
hBfZjaEf5m6ERLKqe_3yjuYPiKzzAWWer3AD05L0KR54I5vCZBsGGg==
date
Tue, 06 Aug 2024 08:49:34 GMT
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Mon, 05 Aug 2024 09:28:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
8423.3772c97793bd6b546295.js
cdn1.creatoriq.com/creator-dashboard/dist/
3 KB
2 KB
Script
General
Full URL
https://cdn1.creatoriq.com/creator-dashboard/dist/8423.3772c97793bd6b546295.js
Requested by
Host: cdn1.creatoriq.com
URL: https://cdn1.creatoriq.com/creator-dashboard/dist/runtime.81d14a25ebfa3d11e465.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6400:3:ff69:3940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae34589702f7bb8dd2e0fe11edf203a94337cf68745ea085a442068a176c10f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
W/"63e81b7f11febcea15d2e32434b2eb29"
age
7615384
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
MxDlBBmAE6EOyIYbJ-kiiLMXachD3PhnDL07YvNgCYW6MfeG3ziYgw==
date
Tue, 06 Aug 2024 08:49:34 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Mon, 05 Aug 2024 09:28:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
favicon_ciq.ico
static.creatoriq.com/
15 KB
0
Other
General
Full URL
https://static.creatoriq.com/favicon_ciq.ico?rev=d55bc546e46b733fb8473d91c9f83bf1ae942400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-31.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
82744e6ee9e40f7d8a1e0fe11a45f1b3e9b8600ca79cb8da5982676a0146535d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

etag
"6724f4f9-3aee"
age
72825
x-content-type-options
nosniff
x-pod
8585f889bd-qklbk
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
BtMy12xa9D_kxZ9UGTMSZOI83Cs6JfsU8T8kMbncLAVi8673KTB8gg==
date
Fri, 01 Nov 2024 15:58:51 GMT
content-type
image/x-icon
last-modified
Fri, 01 Nov 2024 15:34:17 GMT
access-control-allow-headers
Content-Type,X-SOCIALEDGE-ID,X-SOCIALEDGE-TOKEN, Accept
x-frame-options
SAMEORIGIN
cache-control
max-age=315360000
referrer-policy
origin
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
15086
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
nginx
favicon_ciq.ico
static.creatoriq.com/
15 KB
0
Other
General
Full URL
https://static.creatoriq.com/favicon_ciq.ico?rev=d55bc546e46b733fb8473d91c9f83bf1ae942400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-31.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
82744e6ee9e40f7d8a1e0fe11a45f1b3e9b8600ca79cb8da5982676a0146535d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

etag
"6724f4f9-3aee"
age
72825
x-content-type-options
nosniff
x-pod
8585f889bd-qklbk
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
BtMy12xa9D_kxZ9UGTMSZOI83Cs6JfsU8T8kMbncLAVi8673KTB8gg==
date
Fri, 01 Nov 2024 15:58:51 GMT
content-type
image/x-icon
last-modified
Fri, 01 Nov 2024 15:34:17 GMT
access-control-allow-headers
Content-Type,X-SOCIALEDGE-ID,X-SOCIALEDGE-TOKEN, Accept
x-frame-options
SAMEORIGIN
cache-control
max-age=315360000
referrer-policy
origin
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
15086
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
nginx
CreatorPaymentTool_HomepageImage.jpg
s3.us-west-1.amazonaws.com/whitelabelling.creatoriq.com/
253 KB
253 KB
Image
General
Full URL
https://s3.us-west-1.amazonaws.com/whitelabelling.creatoriq.com/CreatorPaymentTool_HomepageImage.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.113.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5519b740a2bac977523176b59c40b086921bae3c2eeeb45888834561af1e3bcd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pinkbank.benefitcosmetics.com/

Response headers

x-amz-id-2
Z8qmwNuDf8g7U8VDbytu3uHQ+Yb7YKCu2JLlvdqx+97D7QQeJkO43Rj4JvKX81D8QMPqDCFH5NY=
ETag
"6672d725ed38ff8e04ffcb760b6d2ff1"
x-amz-version-id
reZgl_CXOIdfAnyjH_uedVELRjuwm.Q_
x-amz-request-id
YSR51K6Y8EYB2G2B
Accept-Ranges
bytes
Content-Length
258742
Date
Sat, 02 Nov 2024 12:12:38 GMT
Last-Modified
Thu, 29 Feb 2024 15:36:23 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pinkbank.benefitcosmetics.com
Referer
https://fonts.googleapis.com/

Response headers

age
245727
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:57:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:57:10 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pv
socialedge2.zendesk.com/frontendevents/ Frame E40B
0
0
Fetch
General
Full URL
https://socialedge2.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7767f7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

x-request-id
8dc408b00cc3925c-FRA
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyr9YHhDGEumy3OF3c01zyxbNpNxOlQ4Tsi2bgnhLq9qiVoIuxoz9urNEeN7C6xefF8wSN7RutpgqYJJJEvluIJe95AETJMolrx%2F7srTWuk%2BWHojt8Y6OjnpxJAR%2FJ%2FWgUoawaorKg7g"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc408b00cc3925c-FRA
access-control-allow-origin
*
content-length
0
x-zendesk-zorg
yes
date
Sat, 02 Nov 2024 12:12:37 GMT
vary
Origin
server
cloudflare

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| presets object| zEWebpackACJsonp function| zE function| zEmbed function| loadResource function| checkCdn function| isCdnCheckRequired function| saveCdnCheck function| onCdnError function| bodyLoaded object| webpackManifest function| __ls object| webpackChunkcampaigns boolean| zEACLoaded object| SENTRY_RELEASE object| SENTRY_RELEASES object| platform object| init string| basename number| __ls_inited object| __lsRecorder string| __lsAID string| __lsWID object| GRI function| encrypt function| _

2 Cookies

Domain/Path Name / Value
.api-pinkbank.benefitcosmetics.com/ Name: s
Value: f04c14e6fbc0e510295bc3d26e90894adcb51d82
api-pinkbank.benefitcosmetics.com/ Name: jwt_anonymous
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXJ0bmVySWQiOjM3MzAsImp0aSI6ImVkMjYwNDUyMDI1NjcyZmJkYmM0NjFmMWJiMjYyZTE4OTMwNTVkNjEiLCJpYXQiOjE3MzA1NDk1NTYsImV4cCI6MTczMDU1MDE1NiwiY3NyZlByb3RlY3Rpb24iOnRydWV9.P-j9ZJ8NWgV-7R7ajKIJ8VYRoaYPGhaDHzPKH3azrEk

2 Console Messages

Source Level URL
Text
security error URL: https://pinkbank.benefitcosmetics.com/connect/
Message:
[Report Only] Refused to load the script 'https://static.zdassets.com/ekr/snippet.js?key=74bde9a0-3346-45bd-aa3e-8ed2505d89e1' because it violates the following Content Security Policy directive: "script-src 'nonce-VLmnUG8xuGxtYmAc' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: http:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://api-pinkbank.benefitcosmetics.com/api/session?timestamp=1730549555589
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-pinkbank.benefitcosmetics.com
cdn.livesession.io
cdn1.creatoriq.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
o409202.ingest.us.sentry.io
pinkbank.benefitcosmetics.com
rs.livesession.io
s3.us-west-1.amazonaws.com
socialedge2.zendesk.com
static.creatoriq.com
static.zdassets.com
18.66.122.31
216.198.53.3
216.198.54.1
2600:9000:26db:6400:3:ff69:3940:93a1
2606:4700:3031::ac43:a619
2a00:1450:4001:809::2003
2a00:1450:4001:82f::200a
2a05:d014:58f:6200::65
34.120.195.249
52.219.113.120
52.8.179.245
52.8.79.12
02bf5cedb5b63c29d5d166c066c426e37865e446d4b017828f9f1244e7b93fab
034e3e9fee331ffd6f57ca9caa698aad4f7d9a9fc4cec17d4283555f2252b87e
08ce3422c2c12b8a9bb2ec732e3b37e27212bb5cd371065b22eef0eb921bfa5d
0e4acc3c4a8af5e36215d0798a64701736005eee3da758501451dc0913b2414b
1676630e51f4c7ff4737d836f6ad5c733af0c9cc148cc26370f318a42528b61f
17dc26a999e38f9db0c8d81ffb7c08725999cb3aebddeeaaaab10a36cd0f59ab
1d3530a695c5135ef2d1426ea3894d2d04f243bb791fa15b7a869ad2c02976a1
25046de857066e2a87b729d55871729a63ed7273be1ba2b62b0274a04b097cf3
2b6ba0e6eed66ab5345210b7d09665ad5ab7e8b737b6f6cb0ae65d267372cc44
3112b5244879e68773ae5806965ee5d8117653c282401ec41d436702bc1dfa49
3d02dd435351c8bd9989994783de0fbf214028c284f4e62cb11527e4845ceca3
403d63d0c3303997136fe860c0f3232d6a5ce4fd0656745ff188f655da6039e3
514e510f933c10364cb86e74b19c8a37d3b178b89edb5cf10a346e6ec987393b
5519b740a2bac977523176b59c40b086921bae3c2eeeb45888834561af1e3bcd
61388f11268edecdbf68785044963f837ba7fb4da644f1d1d43ee4223e6e4bc1
69b5e8c6b5b7d9c15f31e3e01ac50b2b173f23695808b723dbbf056875a8446d
6c079922f22a5b0f90a5dbf336aca62d0ec1a50a720cae96f0b746d0b3bd3b45
6f2b35d7fde510134af8c95d1a85b7a4359de794d51ff753aca5c8a54d8f2e14
780f9e949c23e2d1c5fb810c174607f8f884d8711d2b53fb831b583059edd7c9
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82744e6ee9e40f7d8a1e0fe11a45f1b3e9b8600ca79cb8da5982676a0146535d
85e4085a1813ca8da6ba0484de06763188ab33f3d7ac5c398c686a819e7e860f
8a38ca597bbe81a74ce3319eaa59077103bc58f5975d7b781c9cdabd088dee47
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a28ad11f73172b5d7d45715d24d61dce6ff1feae481050021f471e027070cc44
a8ea257fb082f88bd1cf41884b57df105f329783529a545a80e1760738bdf4ad
ae216603ac15b1393afe88e79a0f82ccdb64975bb0dc8f5ec52b2309101a166c
ae34589702f7bb8dd2e0fe11edf203a94337cf68745ea085a442068a176c10f3
ae6a2e4c34605838094df4f766e66d69f19ccabefdd342d3bf64884823f26a25
c507bc491a38277126a37eef721cae58cc6764dac8c0a953d5fab4228b2efa4f
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
d6b6e98b85f8c643cc8a1c28e197b81329465e9da317fc62c90f233ceaaddf7e
dae65e43ce0ffcb9722f0ac5dc5a774548f0134883a1e046b981aed48b69dfa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149