affiliate.goplaycosmetics.com Open in urlscan Pro
162.55.161.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://affiliate.goplaycosmetics.com/
Submission: On December 18 via api (December 18th 2024, 4:44:25 pm UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 17 domains to perform 56 HTTP transactions. The main IP is 162.55.161.122, located in Mammelzen, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is affiliate.goplaycosmetics.com.
TLS certificate: Issued by E6 on November 12th 2024. Valid for: 3 months.

This is the only time affiliate.goplaycosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	162.55.161.122 162.55.161.122	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	172.67.74.127 172.67.74.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	49.12.33.254 49.12.33.254	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	104.18.67.220 104.18.67.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:b70... 2a02:26f0:b700:289::1931	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	54.171.46.158 54.171.46.158	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1f::9a	15169 (GOOGLE) (GOOGLE)
2	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
4	172.67.4.125 172.67.4.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	18.245.60.19 18.245.60.19	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:1af... 2a05:d018:1af:ff00:78df:4f0:145e:c42d	16509 (AMAZON-02) (AMAZON-02)
2	99.80.34.205 99.80.34.205	16509 (AMAZON-02) (AMAZON-02)
56	22

11 162.55.161.122 (Mammelzen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.122.161.55.162.clients.your-server.de

affiliate.goplaycosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.74.127 (United States)

ASN13335 (CLOUDFLARENET, US)

api.goaffpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 49.12.33.254 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: creatives.goaffpro.com

creatives.goaffpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.67.220 (None, )

ASN13335 (CLOUDFLARENET, US)

images.pexels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:b700:289::1931 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.46.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-46-158.eu-west-1.compute.amazonaws.com

smct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.4.125 (United States)

ASN13335 (CLOUDFLARENET, US)

js.smct.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ls.smct.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-19.fra60.r.cloudfront.net

d2d7do8qaecbru.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:1af:ff00:78df:4f0:145e:c42d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.34.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-34-205.eu-west-1.compute.amazonaws.com

firehose.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	goplaycosmetics.com affiliate.goplaycosmetics.com	231 KB
7	goaffpro.com api.goaffpro.com — Cisco Umbrella Rank: 60674 creatives.goaffpro.com — Cisco Umbrella Rank: 780678	1 MB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 953	6 KB
5	amazonaws.com cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 10253 firehose.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 15786	3 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	476 KB
4	smct.io js.smct.io — Cisco Umbrella Rank: 35509 ls.smct.io — Cisco Umbrella Rank: 47170	35 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	24 B
2	google.de www.google.de — Cisco Umbrella Rank: 10745	127 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 135 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	578 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1065	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	62 KB
1	cloudfront.net d2d7do8qaecbru.cloudfront.net
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
1	smct.co smct.co — Cisco Umbrella Rank: 16624	5 KB
1	pexels.com images.pexels.com — Cisco Umbrella Rank: 41041	145 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
56	17

	Domain	Requested by
11	affiliate.goplaycosmetics.com	affiliate.goplaycosmetics.com
6	ct.pinterest.com	s.pinimg.com
5	www.googletagmanager.com	affiliate.goplaycosmetics.com www.googletagmanager.com
5	creatives.goaffpro.com
3	cognito-identity.eu-west-1.amazonaws.com	js.smct.io
3	js.smct.io	smct.co js.smct.io
2	firehose.eu-west-1.amazonaws.com	js.smct.io
2	www.google.de
2	www.facebook.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google.com	1 redirects www.googletagmanager.com
2	connect.facebook.net	affiliate.goplaycosmetics.com connect.facebook.net
2	api.goaffpro.com	affiliate.goplaycosmetics.com
1	d2d7do8qaecbru.cloudfront.net	js.smct.io
1	ls.smct.io	js.smct.io
1	googleads.g.doubleclick.net	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	smct.co	www.googletagmanager.com
1	images.pexels.com
1	fonts.googleapis.com	affiliate.goplaycosmetics.com
56	22

This site contains links to these domains. Also see Links.

Domain
goplaycosmetics.com
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
affiliate.goplaycosmetics.com E6	`2024-11-12` - `2025-02-10`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
goaffpro.com WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh
creatives.goaffpro.com R11	`2024-10-26` - `2025-01-24`	3 months	crt.sh
images.pexels.com E5	`2024-10-23` - `2025-01-21`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-02` - `2025-08-07`	a year	crt.sh
smct.co Amazon RSA 2048 M02	`2024-12-01` - `2025-12-30`	a year	crt.sh
*.googleadservices.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.de WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
smct.io WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon RSA 2048 M03	`2024-02-23` - `2025-03-23`	a year	crt.sh
firehose.eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2024-12-07` - `2025-11-22`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://affiliate.goplaycosmetics.com/
Frame ID: 7099B8D024CB01BBD0236780D5E4FF40
Requests: 49 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Faffiliate.goplaycosmetics.com
Frame ID: E5D69BACEEC7BDCFC1ED0D6D48238302
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 03E5F95E727B021EC28ADD7AA48A28AA
Requests: 1 HTTP requests in this frame

Frame: https://ls.smct.io/lse1.3.html
Frame ID: 45DAF355B45B59C3A2BFEB7AC3EEA572
Requests: 1 HTTP requests in this frame

Frame: https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Frame ID: 6F66858ECBFDD05A244D1EAAA59EFEA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Affiliate Portal

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

56
Requests

95 %
HTTPS

27 %
IPv6

17
Domains

22
Subdomains

22
IPs

5
Countries

2168 kB
Transfer

4022 kB
Size

20
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://goplaycosmetics.com/
Title: goplaycosmetics.com

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.goaffpro.app

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/pro-affiliates/id1489316147?ls=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/694891522/?random=267179293&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&label=O6zZCJruiLQBEILorMsC&hn=www.googleadservices.com&frm=0&tiba=Affiliate%20Portal&value=0&npa=1&pscdl=noapi&auid=256909108.1734540261&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&eitems=ChAIgIKKuwYQ_qKWx4XM1YoeEh0ASb_cSjPW2IPogcV6_NHn2LBvVNjWng1vihkUTw&pscrd=IhMImYX5gOKxigMVsPARCB1ZATVJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiZodHRwczovL2FmZmlsaWF0ZS5nb3BsYXljb3NtZXRpY3MuY29tL0JWQ2hBSWdJS0t1d1lRdDZHbTV0MmY2Y05yRWl3QUlIN1BzY1ZzWnVpMEo0WFF6a05qTlNDdHdUeGppSFJnWW01NnlpRUh1bkR1S2tuU214b3NuNU9EbHc HTTP 302
https://www.google.com/pagead/1p-conversion/694891522/?random=267179293&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&label=O6zZCJruiLQBEILorMsC&hn=www.googleadservices.com&frm=0&tiba=Affiliate%20Portal&value=0&npa=1&pscdl=noapi&auid=256909108.1734540261&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMImYX5gOKxigMVsPARCB1ZATVJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiZodHRwczovL2FmZmlsaWF0ZS5nb3BsYXljb3NtZXRpY3MuY29tL0JWQ2hBSWdJS0t1d1lRdDZHbTV0MmY2Y05yRWl3QUlIN1BzY1ZzWnVpMEo0WFF6a05qTlNDdHdUeGppSFJnWW01NnlpRUh1bkR1S2tuU214b3NuNU9EbHc&is_vtc=1&cid=CAQSGwCa7L7dWEiJj1lcD7HmhAZGnTjLfoXpmrBHBQ&eitems=ChAIgIKKuwYQ_qKWx4XM1YoeEh0ASb_cSk1YRUjpJrfgw5Eg_OwHSREWpQo4y3f8VA&random=4242047507 HTTP 302
https://www.google.de/pagead/1p-conversion/694891522/?random=267179293&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&label=O6zZCJruiLQBEILorMsC&hn=www.googleadservices.com&frm=0&tiba=Affiliate%20Portal&value=0&npa=1&pscdl=noapi&auid=256909108.1734540261&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMImYX5gOKxigMVsPARCB1ZATVJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiZodHRwczovL2FmZmlsaWF0ZS5nb3BsYXljb3NtZXRpY3MuY29tL0JWQ2hBSWdJS0t1d1lRdDZHbTV0MmY2Y05yRWl3QUlIN1BzY1ZzWnVpMEo0WFF6a05qTlNDdHdUeGppSFJnWW01NnlpRUh1bkR1S2tuU214b3NuNU9EbHc&is_vtc=1&cid=CAQSGwCa7L7dWEiJj1lcD7HmhAZGnTjLfoXpmrBHBQ&eitems=ChAIgIKKuwYQ_qKWx4XM1YoeEh0ASb_cSk1YRUjpJrfgw5Eg_OwHSREWpQo4y3f8VA&random=4242047507&ipr=y

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
affiliate.goplaycosmetics.com/ 6 KB
2 KB 105ms
10ms Document
text/html 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: ce188c100e25e66ca6f9d6761bbd6f91671ac0e8c56b257502a0b3b58cf82ead

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
content-encoding: zstd
content-length: 2241
content-type: text/html; charset=utf-8
date: Wed, 18 Dec 2024 16:44:20 GMT
etag: "soosll4dt"
last-modified: Wed, 18 Dec 2024 11:15:21 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 index-BawRg02u.js Show response
affiliate.goplaycosmetics.com/assets/ 483 KB
162 KB 34ms
33ms Script
text/javascript 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js
Requested by: Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: d71a675565722df5d87a3792e3193d9a9e759b792e6b92a249672a804247a259

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://affiliate.goplaycosmetics.com
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: zstd
etag: "soosm1alug"
alt-svc: h3=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:15:37 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 index-DvyCiYjx.css
affiliate.goplaycosmetics.com/assets/ 226 KB
35 KB 22ms
21ms Stylesheet
text/css 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/assets/index-DvyCiYjx.css
Requested by: Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: c2db6ddc37fc6f1a90c8cf338164fbad65dca8bce3eff646343ae8b97c1adc1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://affiliate.goplaycosmetics.com
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: zstd
etag: "soosm24yvc"
alt-svc: h3=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:15:38 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 72ms
21ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;700&display=swap

Requested by

Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/assets/index-DvyCiYjx.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07ffe99bbad6a01eefc554124b34927e60911ed74c21b5bb4e7361ddfc4e2845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 16:44:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 18 Dec 2024 15:33:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 / Show response
api.goaffpro.com/partner/ 6 KB
3 KB 74ms
73ms Fetch
application/json 172.67.74.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.goaffpro.com/partner/

Requested by

Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8e3a2aba2ad2df32e3825d80f963d77e50f9c6143a8e7b240166214170d470e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"19c6-f8eyJUID76IjJ5PjRgcoe5s1ot0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqqRR%2Bgzb8hctR8I4dtp4URNzH5nxI7Zvpnu6Un6L8zK%2FOkYaPnfuDjrJFuSlYMNcJLmgz%2FXEej3Y%2FMQwbtV8hRC1EZwR%2F44EWIJHW8v3K4eDPbr4i3FPao29kF3kq3PJF0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9845&min_rtt=7801&rtt_var=2778&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2678&recv_bytes=4333&delivery_rate=843&cwnd=12000&unsent_bytes=0&cid=69f3214070740f61&ts=59&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
x-frame-options: DENY
x-cache-status: MISS
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-security-policy: default-src 'self' 'unsafe-inline'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8f409df5ad16380a-FRA
access-control-allow-origin: https://affiliate.goplaycosmetics.com
x-xss-protection: 1;mode=block
x-powered-by: Express
server: cloudflare

OPTIONS
H3 200 /
api.goaffpro.com/partner/ Frame 0
0 64ms
31ms Preflight 172.67.74.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.goaffpro.com/partner/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://affiliate.goplaycosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,X-Shop,content-type,x-site-id,x-goaffpro-public-key,x-goaffpro-public-token,x-goaffpro-access-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://affiliate.goplaycosmetics.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 8f409df55ec44d5a-FRA
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline'
date: Wed, 18 Dec 2024 16:44:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtLxxrtAKmtpkRmf0gL2HsFuTlpeS3DBVVyR%2F3dL1mnq8ihstRjOL2B1kLX66ijLsuQXG2rpUqUbxLhhkGlGKc3dwmWG%2Fzy%2B17qMqV1bMcpaDWd1L3WbLZ1QFVoUKet5sqA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=7854&min_rtt=7506&rtt_var=2144&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4310&recv_bytes=4441&delivery_rate=76708&cwnd=12000&unsent_bytes=0&cid=df52803dbdd298e8&ts=42&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=15768000; includeSubdomains; preload
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1;mode=block

GET
H3 200 favicon.ico
affiliate.goplaycosmetics.com/ 6 KB
2 KB 19ms
19ms Other
text/html 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: ce188c100e25e66ca6f9d6761bbd6f91671ac0e8c56b257502a0b3b58cf82ead

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: zstd
etag: "soosll4dt"
content-length: 2241
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: Caddy
last-modified: Wed, 18 Dec 2024 11:15:21 GMT

GET
H3 200 en-DFjPdPZU.js Show response
affiliate.goplaycosmetics.com/assets/ 16 KB
6 KB 13ms
13ms Script
text/javascript 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/assets/en-DFjPdPZU.js
Requested by: Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: b06b8084c09dcae165a0c51fe813e9ee7db135b7c89af7685b2dfeedb8dd1bdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://affiliate.goplaycosmetics.com
Referer: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js

Response headers

content-encoding: zstd
etag: "soosm1cd2"
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:15:37 GMT
server: Caddy
vary: Accept-Encoding

GET
H/1.1 200
OK -t-xNgO91xP.png
creatives.goaffpro.com/41878/files/ 78 KB
78 KB 40ms
15ms Other
image/png 49.12.33.254
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.goaffpro.com/41878/files/-t-xNgO91xP.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.33.254 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: creatives.goaffpro.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 140276aac80f391c8d9e86db956777a2cceb5c030eb689d16768b6eb959e4174

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

X-Cache-Status: HIT
Cache-Control: max-age=31536000
ETag: "2ecc0606793b3444eb6c5edb6e66deb8"
Connection: keep-alive
x-amz-request-id: 0D0G4F3TPGX464JP
Accept-Ranges: bytes
Content-Length: 79591
Date: Wed, 18 Dec 2024 16:44:20 GMT
Content-Type: image/png
Last-Modified: Thu, 24 Feb 2022 05:54:10 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-id-2: mN1BbibVOTXSlPGoxkNOe071SgMXlWu/o8FhM1SyOfrZHGbSzDsuzzgwCB7MF90M+lt9E7D2V/4=

GET
H3 200 Dropdown_Internal-9bNlCzWc.js Show response
affiliate.goplaycosmetics.com/assets/ 661 B
561 B 13ms
12ms Script
text/javascript 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/assets/Dropdown_Internal-9bNlCzWc.js
Requested by: Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: e66270b362442ecb928cb84a0b2e335ace770b4e1357dc989aa8754d1ed0a2b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://affiliate.goplaycosmetics.com
Referer

Response headers

content-encoding: zstd
etag: "sooslxid"
content-length: 437
date: Wed, 18 Dec 2024 16:44:20 GMT
last-modified: Wed, 18 Dec 2024 11:15:33 GMT
vary: Accept-Encoding
server: Caddy
content-type: text/javascript; charset=utf-8

GET
H3 200 Dropdown-xEb3OJ6x.js Show response
affiliate.goplaycosmetics.com/assets/ 37 KB
15 KB 13ms
12ms Script
text/javascript 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/assets/Dropdown-xEb3OJ6x.js
Requested by: Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: 1f306cff870ee476cd1dd6f273bf3557084df16739047b50a9ffd985b8ef8165

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://affiliate.goplaycosmetics.com
Referer

Response headers

content-encoding: zstd
date: Wed, 18 Dec 2024 16:44:20 GMT
etag: "sooslxtcv"
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
last-modified: Wed, 18 Dec 2024 11:15:33 GMT

GET
H3 200 useMergedRefs-DPHRbBM7.js Show response
affiliate.goplaycosmetics.com/assets/ 3 KB
2 KB 13ms
12ms Script
text/javascript 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/assets/useMergedRefs-DPHRbBM7.js
Requested by: Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: 456fc32bb6d426e1f04f2700e14ca5c8f3cd85f51e00448fb528a4068446097a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://affiliate.goplaycosmetics.com
Referer

Response headers

content-encoding: zstd
etag: "soosm32dg"
content-length: 1522
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:15:39 GMT
vary: Accept-Encoding
server: Caddy

GET css
fonts.googleapis.com/ 0
0

GET
H3 200 euro-coins-currency-money-106152.jpeg
images.pexels.com/photos/106152/ 145 KB
145 KB 62ms
35ms Image
image/jpeg 104.18.67.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.pexels.com/photos/106152/euro-coins-currency-money-106152.jpeg?auto=compress&cs=tinysrgb&h=650&w=940

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.67.220 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d44a0cf44652a3e4c7dd45056097053280d50eecbb0f8e5f97216e4f3a3f5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 7410
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 16:44:20 GMT
cf-polished: status=not_needed
x-cache: MISS, HIT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: image/jpeg
last-modified: Fri, 15 Nov 2024 01:39:51 GMT
x-served-by: cache-chi-kigq8000115-CHI, cache-dfw-kdfw8210086-DFW
priority: u=1,i
vary: Accept-Encoding
server-timing: cfExtPri
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 8f409df66e988f3f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 148159
server: cloudflare
x-imgix-id: cd7f61c2266413ca416bd458a27656a60d57bf42

GET
H3 200 FacebookChatViaPage-C_elEFQx.js Show response
affiliate.goplaycosmetics.com/assets/ 836 B
620 B 11ms
10ms Script
text/javascript 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.goplaycosmetics.com/assets/FacebookChatViaPage-C_elEFQx.js
Requested by: Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: 7397f08287ef5e11dabcc8b2826f16124b80deba2b31bf4f9e233d4054e66472

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://affiliate.goplaycosmetics.com
Referer: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js

Response headers

content-encoding: zstd
etag: "sooslxn8"
content-length: 495
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:15:33 GMT
server: Caddy
vary: Accept-Encoding

GET
H/1.1 200
OK 6779E7qvO6r.png
creatives.goaffpro.com/41878/files/ 136 KB
136 KB 37ms
18ms Image
image/png 49.12.33.254
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.goaffpro.com/41878/files/6779E7qvO6r.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.33.254 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: creatives.goaffpro.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2daaa9759513b7af0d9a75b9242fcbb8c48a083252cb78901208e644c4dd303d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

X-Cache-Status: HIT
Cache-Control: max-age=31536000
ETag: "409dd81b9e1962d548bc331e082cc4bd"
Connection: keep-alive
x-amz-request-id: X8R36ARB0MQJKYW2
Accept-Ranges: bytes
Content-Length: 139078
Date: Wed, 18 Dec 2024 16:44:20 GMT
Content-Type: image/png
Last-Modified: Thu, 24 Feb 2022 05:53:56 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-id-2: gdbXW08pAQTsmV1L56jBtf9xNbxSWNw5vsDLop6FrWjIVU3PsEYxcO/t3drBxdUybW7r1sCTKbM=

GET
H/1.1 200
OK wpzecsvw.jpg
creatives.goaffpro.com/41878/files/ 329 KB
330 KB 31ms
13ms Image
image/jpeg 49.12.33.254
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.goaffpro.com/41878/files/wpzecsvw.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.33.254 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: creatives.goaffpro.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6f16806329bde849eed4eb83460d3b0eecf6fa748c69c009cc83ddf2900dc550

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

X-Cache-Status: HIT
Cache-Control: max-age=31536000
ETag: "de2534dba88207ab932fe590f8ac9b35"
Connection: keep-alive
x-amz-request-id: H45CS7D9C77P5CEZ
Accept-Ranges: bytes
Content-Length: 337110
Date: Wed, 18 Dec 2024 16:44:20 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 12 Nov 2024 06:49:50 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-id-2: qZLZefuGuIXE91OH72GZ7BSWMPmxJU3K+O8IiBeltqscLB5w7w43fdTyPwPGk7kZIDaDTD5vM7I=

GET
H/1.1 200
OK sskrbwhq.jpg
creatives.goaffpro.com/41878/files/ 313 KB
313 KB 43ms
22ms Image
image/jpeg 49.12.33.254
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.goaffpro.com/41878/files/sskrbwhq.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.33.254 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: creatives.goaffpro.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 147df5426279fa56c2864ad86e30154ce3590805d5eddecba69383ba003a6c69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

X-Cache-Status: HIT
Cache-Control: max-age=31536000
ETag: "829086b1536b19019977a4767d81c670"
Connection: keep-alive
x-amz-request-id: 77C7C7DY11SW489W
Accept-Ranges: bytes
Content-Length: 320341
Date: Wed, 18 Dec 2024 16:44:20 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 12 Nov 2024 06:50:29 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-id-2: SIvyAmjsT6mx1gV/prJjxlHQDfHq6BmPYKEBQSH8XKCMf9y4CBQnAwWkxbjcDDSBGfWbdDowhEQ=

GET
H/1.1 200
OK zrjmbzwz.jpg
creatives.goaffpro.com/41878/files/ 314 KB
314 KB 45ms
24ms Image
image/jpeg 49.12.33.254
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.goaffpro.com/41878/files/zrjmbzwz.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.33.254 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: creatives.goaffpro.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 565376c4e925bc3094e11ad9198184ff32abbb97fa5ae4e61edf31117398a8da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

X-Cache-Status: HIT
Cache-Control: max-age=31536000
ETag: "7527b8d4dfacd8ac6ba2d8babc528b45"
Connection: keep-alive
x-amz-request-id: TRB5E8Q8DBQ572GE
Accept-Ranges: bytes
Content-Length: 321335
Date: Wed, 18 Dec 2024 16:44:20 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 12 Nov 2024 06:52:24 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-id-2: sor7Z1c44YO8rpakLbT7Lj9wRthrnqNJL5ls/S11thMANUwfptCy8CGSAOIctwKapzbFSRi79pY=

GET
H3 200 Get_it_on_Google_play.svg
affiliate.goplaycosmetics.com/images/ 7 KB
3 KB 14ms
12ms Image
image/svg+xml 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliate.goplaycosmetics.com/images/Get_it_on_Google_play.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: 8730178e79bc18991b88d1df9d49f8216ada8fbbccdf32e33cf6b591d46e0823

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: zstd
etag: "soosm35jq"
content-length: 2583
date: Wed, 18 Dec 2024 16:44:20 GMT
last-modified: Wed, 18 Dec 2024 11:15:39 GMT
vary: Accept-Encoding
server: Caddy
content-type: image/svg+xml

GET
H3 200 Download_on_the_App_Store_Badge.svg
affiliate.goplaycosmetics.com/images/ 8 KB
3 KB 13ms
10ms Image
image/svg+xml 162.55.161.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliate.goplaycosmetics.com/images/Download_on_the_App_Store_Badge.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.55.161.122 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.161.55.162.clients.your-server.de
Software: Caddy /
Resource Hash: 05e45b655c73afe569461747b01647c0e87a1b715c84b8e41f232dc4350fdf46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: zstd
etag: "soosm36a1"
content-length: 3394
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: Caddy
last-modified: Wed, 18 Dec 2024 11:15:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
99 KB 80ms
46ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ND9JVM5

Requested by

Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

360c96efe6d7a4f11d891e57c36db2adeeff0553ff195bbfe5d001d6dda4c397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 18 Dec 2024 16:44:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100393
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
99 KB 158ms
124ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-ND9JVM5

Requested by

Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/assets/index-BawRg02u.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ebec9bd168a50dc9bf673426b9b7fc85ff7de7e6f2d0a6e4db87cbcc8f45899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 18 Dec 2024 16:44:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100526
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 24ms
11ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: affiliate.goplaycosmetics.com
URL: https://affiliate.goplaycosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-OJOGl1fx' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 16:44:20 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OJOGl1fx' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=23, mss=1232, tbw=4495, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 8UoAnS1WLkKjfxwik5uXRG5IT59GBDNB0WjpLfYDHRSqbZ1q+M2i85DZk2g6/TmNeGPkkXFaG2C2t3KuvWAyjA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62287
x-xss-protection: 0
origin-agent-cluster: ?1

GET xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 0
0

GET
H3 200 2197944193854828 Show response
connect.facebook.net/signals/config/ 2 KB
1 KB 137ms
137ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2197944193854828?v=2.9.179&r=stable&domain=affiliate.goplaycosmetics.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

ceca6f87149b40a5c7669b0f6bd2bd080b08643d378a68c53b70b9f0053e32fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-1af5teqE' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1af5teqE' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=1, c=80, mss=1232, tbw=74526, tp=76, tpl=1, uplat=125, ullat=0
pragma: public
x-fb-debug: RGMYBYAwIxTZE/wAA4tCq63ZAxIsYSciT2sFJcu+G1rWFiL1bfFB+W5YB1yKop/TXV+uTYNMM6YE69tQuPk4Wg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 444 KB
139 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-694891522&l=dataLayer&cx=c&gtm=45He4cc1v811858134za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9JVM5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

975d1a28634951672b1d0b7779eb07cc9ecc195d5e5e60cfd91402e74838710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 18 Dec 2024 16:44:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 142214
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 44ms
21ms Ping
text/plain 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1046415982.1734540261&dt=Affiliate%20Portal&auid=256909108.1734540261&navt=n&npa=1&gtm=45He4cc1v811858134za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734540261066&tfd=650&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9JVM5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 444 KB
139 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-694891522&l=dataLayer&cx=c&gtm=45He4cc1v811858134za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9JVM5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e409b37b501c5f760c8c93c3ecd8ade64a238d1ce9d8efe157b5419ffb34de90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 18 Dec 2024 16:44:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 142231
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 172ms
35ms Script
application/javascript 2a02:26f0:b700:289::1931
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9JVM5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b700:289::1931 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 46811578437caf8eac61ac10112c43b46ede17063b29ac96b866c7027b6fd1d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=7200
access-control-expose-headers: X-CDN
content-encoding: br
etag: "11c76370dfab0397b8a31fe800363638"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
access-control-allow-origin: *
content-length: 1863
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
smct.co/tm/ 15 KB
5 KB 264ms
130ms Script
application/javascript 54.171.46.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smct.co/tm/?t=goplaycosmetics.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9JVM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.171.46.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-46-158.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.62 (Ubuntu) /
Resource Hash: ed1cbe749d9f91b3c031d6401a4f447314f9da4324a72ffec85e90b61d0af1a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
pragma: cache
expires: Wed, 18 Dec 2024 16:59:21 GMT
content-length: 5367
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: Apache/2.4.62 (Ubuntu)

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 32ms
14ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2197944193854828&ev=PageView&dl=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&rl=&if=false&ts=1734540261071&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=28&it=1734540260909&coo=false&exp=j1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=23, mss=1232, tbw=4543, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 172ms
154ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2197944193854828&ev=PageView&dl=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&rl=&if=false&ts=1734540261071&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=28&it=1734540260909&coo=false&exp=j1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449793695675241373"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: xCaq7lPKFMeOEEtA3RlW8q6O3A2Hk2640bHmPV89XA23kdg1NKkRhQUDBfJ0xWLBu48AwJ+R9TszA7zbLK2H5Q==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449793695675241373", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4911, tp=13, tpl=0, uplat=145, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame E5D6 0
0 55ms
29ms Document
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Faffiliate.goplaycosmetics.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9JVM5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 16:44:21 GMT
expires: Thu, 18 Dec 2025 16:44:21 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/694891522/ 5 KB
3 KB 83ms
38ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/694891522/?random=1734540261157&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&label=O6zZCJruiLQBEILorMsC&hn=www.googleadservices.com&frm=0&tiba=Affiliate%20Portal&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=256909108.1734540261&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-694891522&l=dataLayer&cx=c&gtm=45He4cc1v811858134za200

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5cddd539571be6a089a87c494a5333f5198fe5afe3ea5fa3e4d13b33ad92190f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2633
date: Wed, 18 Dec 2024 16:44:21 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 52ms
17ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M2KSFTC68G&gtm=45be4cc1v889906747z8811858134za200zb811858134&_p=1734540260840&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=77755051.1734540261&ecid=1767054662&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EA&_s=1&sid=1734540261&sct=1&seg=0&dl=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&dt=Affiliate%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=770
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-694891522&l=dataLayer&cx=c&gtm=45He4cc1v811858134za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://affiliate.goplaycosmetics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 70ms
19ms Ping
text/plain 2a00:1450:400c:c1f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M2KSFTC68G&cid=77755051.1734540261&gtm=45be4cc1v889906747z8811858134za200zb811858134&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-694891522&l=dataLayer&cx=c&gtm=45He4cc1v811858134za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://affiliate.goplaycosmetics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 59ms
33ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M2KSFTC68G&cid=77755051.1734540261&gtm=45be4cc1v889906747z8811858134za200zb811858134&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1518518382

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 18 Dec 2024 16:44:21 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 main.7d8116bd.js Show response
s.pinimg.com/ct/lib/ 81 KB
23 KB 34ms
32ms Script
application/javascript 2a02:26f0:b700:289::1931
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b700:289::1931 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: fb322d9e801b20f445402380d99d144e674abdc4821c6b5d30936c0ecfe381ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=1209600
access-control-expose-headers: X-CDN
content-encoding: br
etag: "b7968e6e7735284fd26091b6f049515c"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23467
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H3

200

/
www.google.de/pagead/1p-conversion/694891522/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/694891522/?random=267179293&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=...
https://www.google.com/pagead/1p-conversion/694891522/?random=267179293&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=13l3lPl2l1l1&dma_cps=...
https://www.google.de/pagead/1p-conversion/694891522/?random=267179293&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=13l3lPl2l1l1&dma_cps=s...

42 B
64 B

26ms
26ms

Image
image/gif

216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/694891522/?random=267179293&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&label=O6zZCJruiLQBEILorMsC&hn=www.googleadservices.com&frm=0&tiba=Affiliate%20Portal&value=0&npa=1&pscdl=noapi&auid=256909108.1734540261&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMImYX5gOKxigMVsPARCB1ZATVJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiZodHRwczovL2FmZmlsaWF0ZS5nb3BsYXljb3NtZXRpY3MuY29tL0JWQ2hBSWdJS0t1d1lRdDZHbTV0MmY2Y05yRWl3QUlIN1BzY1ZzWnVpMEo0WFF6a05qTlNDdHdUeGppSFJnWW01NnlpRUh1bkR1S2tuU214b3NuNU9EbHc&is_vtc=1&cid=CAQSGwCa7L7dWEiJj1lcD7HmhAZGnTjLfoXpmrBHBQ&eitems=ChAIgIKKuwYQ_qKWx4XM1YoeEh0ASb_cSk1YRUjpJrfgw5Eg_OwHSREWpQo4y3f8VA&random=4242047507&ipr=y

Protocol

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 18 Dec 2024 16:44:21 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/694891522/?random=267179293&cv=11&fst=1734540261157&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v889906747z8811858134za201zb811858134&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faffiliate.goplaycosmetics.com%2F&label=O6zZCJruiLQBEILorMsC&hn=www.googleadservices.com&frm=0&tiba=Affiliate%20Portal&value=0&npa=1&pscdl=noapi&auid=256909108.1734540261&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMImYX5gOKxigMVsPARCB1ZATVJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiZodHRwczovL2FmZmlsaWF0ZS5nb3BsYXljb3NtZXRpY3MuY29tL0JWQ2hBSWdJS0t1d1lRdDZHbTV0MmY2Y05yRWl3QUlIN1BzY1ZzWnVpMEo0WFF6a05qTlNDdHdUeGppSFJnWW01NnlpRUh1bkR1S2tuU214b3NuNU9EbHc&is_vtc=1&cid=CAQSGwCa7L7dWEiJj1lcD7HmhAZGnTjLfoXpmrBHBQ&eitems=ChAIgIKKuwYQ_qKWx4XM1YoeEh0ASb_cSk1YRUjpJrfgw5Eg_OwHSREWpQo4y3f8VA&random=4242047507&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 18 Dec 2024 16:44:21 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
686 B 57ms
32ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612416582076&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1734540261310&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 112b175ec770b3e9adc621fdd7583c60
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=604800
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPVpqWTRPR0kxWkRjdE1HTm1OaTAwT1dFNExXRTNNek10WVdJeVl6ZzJPVE00WW1Vdw
pinterest-version: 3d92257897107be8ea2c6613dcfb8dbea319fa46
access-control-allow-origin: https://affiliate.goplaycosmetics.com
content-length: 186
x-pinterest-rid: 1252173318807356

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
327 B 62ms
37ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612416582076&cb=1734540261310&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 2fb32dfe156ddd3e43c607874a5f473a
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=604800
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU5EVmtPREE1WlRJdE1qYzVNeTAwTkdRMUxXSTNNVFF0WXpKbVptSm1NVEJpWldSaA
pinterest-version: 3d92257897107be8ea2c6613dcfb8dbea319fa46
access-control-allow-origin: https://affiliate.goplaycosmetics.com
content-length: 186
x-pinterest-rid: 4883599123579619

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
209 B 60ms
35ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2612416582076&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Faffiliate.goplaycosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%227d8116bd%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1734540261311
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 1085b711315e9bcc6ff1ccd5ccccf0e5
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 3d92257897107be8ea2c6613dcfb8dbea319fa46
access-control-allow-origin: https://affiliate.goplaycosmetics.com
alt-svc: h3=":443";ma=604800
content-length: 35
date: Wed, 18 Dec 2024 16:44:21 GMT
x-pinterest-rid: 8066453626233352
content-type: image/gif

HEAD
H3 200 csp.js Show response
js.smct.io/csp/ 0
493 B 176ms
146ms XHR
text/html 172.67.4.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/csp/csp.js
Requested by: Host: smct.co
URL: https://smct.co/tm/?t=goplaycosmetics.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.4.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: br
cf-cache-status: MISS
x-amz-version-id: null
access-control-allow-methods: GET, HEAD
expires: Fri, 17 Jan 2025 16:44:21 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: QDZC88uOXEqcEmtVH23892eMqR9X8LA9EBOVsl4V6gqWKXuj-i4YIg==
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: text/html
last-modified: Wed, 23 Oct 2019 09:31:23 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
priority: u=1,i
server-timing: cfExtPri
cache-control: public, max-age=2592000
via: 1.1 7011da69940360ddebc87f61490ffecc.cloudfront.net (CloudFront)
cf-ray: 8f409df988d891dd-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P8
server: cloudflare

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 9ms
8ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
etag: "6d0ca67bea866259c359c2d1e93bf622"
age: 5087
x-cdn: fastly
alt-svc: h3=":443";ma=604800
content-length: 4054
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 03E5 0
0 51ms
36ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://affiliate.goplaycosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443";ma=604800
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 18 Dec 2024 16:44:21 GMT
pinterest-version: 3d92257897107be8ea2c6613dcfb8dbea319fa46
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 9786378762933226
x-pinterest-rid-128bit: 87bd3a4510a91e9687d033a26a0fcb4b

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
356 B 35ms
35ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612416582076&cb=1734540261374&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVpqWTRPR0kxWkRjdE1HTm1OaTAwT1dFNExXRTNNek10WVdJeVl6ZzJPVE00WW1Vdw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Faffiliate.goplaycosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%227d8116bd%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: f0148cad354707a748e9040085d568b1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 3d92257897107be8ea2c6613dcfb8dbea319fa46
access-control-allow-origin: https://affiliate.goplaycosmetics.com
alt-svc: h3=":443";ma=604800
content-length: 35
date: Wed, 18 Dec 2024 16:44:21 GMT
x-pinterest-rid: 5253734840596261
content-type: image/gif

GET
H3 200 tag-v5.98.js Show response
js.smct.io/t/ 71 KB
25 KB 29ms
19ms Script
application/javascript 172.67.4.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/t/tag-v5.98.js
Requested by: Host: smct.co
URL: https://smct.co/tm/?t=goplaycosmetics.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.4.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ffcf0032e38e4f889f5b2f7439776243c7c99acfebb49a253a6968160a7f2b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"7fc24b4fbceda7be229bf98c1c61de47"
x-amz-version-id: 7Wce67cddyBIH51VXDecfWxC_k66ko74
age: 1247425
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Sp77J80jDGF7H-8upkn37HfagwdtR-3kzFaudq35oEghxJL693p9jQ==
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/javascript
last-modified: Thu, 29 Jun 2023 15:30:56 GMT
vary: accept-encoding
priority: u=3,i=?0
server-timing: cfExtPri
cache-control: max-age=2678400
via: 1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
cf-ray: 8f409dfa8c4ed37a-FRA
x-amz-cf-pop: FRA60-P8
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 lse1.3.html
ls.smct.io/ Frame 45DA 0
0 70ms
28ms Document
text/html 172.67.4.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.smct.io/lse1.3.html
Requested by: Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.98.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.4.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://affiliate.goplaycosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1941368
alt-svc: h3=":443"; ma=86400
cache-control: max-age=2678400
cf-cache-status: HIT
cf-ray: 8f409dfb3f264dcb-FRA
content-encoding: br
content-type: text/html
date: Wed, 18 Dec 2024 16:44:21 GMT
last-modified: Thu, 13 Aug 2020 15:19:56 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: accept-encoding
via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
x-amz-cf-id: 6H7wUEfTqfELyit6VEoFdU7Wn-FcYz17TLLHSFhUeY7ioqQvXd7KBA==
x-amz-cf-pop: FRA60-P9
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H3 200 events-1.6.0.min.js Show response
js.smct.io/e/ 28 KB
10 KB 18ms
17ms Script
application/javascript 172.67.4.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/e/events-1.6.0.min.js?tv=5.98
Requested by: Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.98.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.4.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 86Alo3RvPHIXLLAe0m5WQhsYLYOyKnIX
etag: W/"a1075fa3d276bd62722dbc87d77a8e62"
age: 1602810
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: O8RCfJ554dnXH6T2dTrNHxcPdv2Ea9gTJHMsvxoEeo6CD6av7zFx8Q==
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/javascript
last-modified: Mon, 22 Mar 2021 13:16:37 GMT
vary: accept-encoding
priority: u=3,i=?0
server-timing: cfExtPri
cache-control: max-age=2678400
via: 1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
cf-ray: 8f409dfacd10d37a-FRA
x-amz-cf-pop: FRA60-P9
server: cloudflare

GET
H2 200 lse1.1.html
d2d7do8qaecbru.cloudfront.net/live/ Frame 6F66 0
0 86ms
42ms Document
text/html 18.245.60.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Requested by: Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js?tv=5.98
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-19.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://affiliate.goplaycosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 18 Dec 2024 16:44:22 GMT
etag: W/"1de5ff62ceb05bb85f2813d8103b063a"
last-modified: Wed, 06 Nov 2019 12:06:42 GMT
server: AmazonS3
vary: accept-encoding
via: 1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
x-amz-cf-id: voHqsR3PNZiuoc_pGsCjoACNFMbnYcd7yuZbTGhq5Syfokl9PiB4Uw==
x-amz-cf-pop: FRA60-P5
x-amz-version-id: 3RRTSIWom4dpK6VxcP0BNx5_6oQ0Pvyu
x-cache: RefreshHit from cloudfront

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 105ms
31ms Preflight 2a05:d018:1af:ff00:78df:4f0:145e:c42d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:1af:ff00:78df:4f0:145e:c42d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://affiliate.goplaycosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Wed, 18 Dec 2024 16:44:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 7059c6b7-97e0-491c-979a-cadb39aefe87

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 63 B
317 B 38ms
35ms XHR
application/x-amz-json-1.1 2a05:d018:1af:ff00:78df:4f0:145e:c42d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js?tv=5.98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:1af:ff00:78df:4f0:145e:c42d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

171df2ae0e276c775f258a6eb37b970195bfc8fc77cc46edd039eb062b1a901f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-AMZ-TARGET: AWSCognitoIdentityService.GetId
Referer: https://affiliate.goplaycosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

x-amzn-requestid: f72d3771-9132-414a-a1e2-97e6f707a7e2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
content-length: 63
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/x-amz-json-1.1

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 53ms
51ms XHR
application/x-amz-json-1.1 2a05:d018:1af:ff00:78df:4f0:145e:c42d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js?tv=5.98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:1af:ff00:78df:4f0:145e:c42d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

53ab180bc520ca17ef27eebbd14b1daba894b2d27b7fcdee74d4e5094a2f3834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-AMZ-TARGET: AWSCognitoIdentityService.GetCredentialsForIdentity
Referer: https://affiliate.goplaycosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

x-amzn-requestid: 77151640-f8e9-43d7-86d2-81b0ddedc900
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
content-length: 1760
date: Wed, 18 Dec 2024 16:44:21 GMT
content-type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
firehose.eu-west-1.amazonaws.com/ Frame 0
0 261ms
152ms Preflight 99.80.34.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.eu-west-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.80.34.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-34-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Request-Method: POST
Origin: https://affiliate.goplaycosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Encoding: gzip
Content-Length: 20
Date: Wed, 18 Dec 2024 16:44:22 GMT
x-amzn-RequestId: c78471c7-3ea7-8640-9858-8fe174fc4710

POST
H/1.1 200
OK / Show response
firehose.eu-west-1.amazonaws.com/ 299 B
740 B 52ms
50ms XHR
application/x-amz-json-1.1 99.80.34.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.eu-west-1.amazonaws.com/
Requested by: Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js?tv=5.98
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.80.34.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-34-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0af61a1bda6d878a556fc511f08b19170dea23b4f6fcf570ee5fd0d592fbf65f

Request headers

x-amz-security-token: IQoJb3JpZ2luX2VjEJn//////////wEaCWV1LXdlc3QtMSJHMEUCIQCutuiURwd1x7Mse9wyM0LUH0t6QbkRS78snM3Glth6xAIgGKoVk6ZImG64DjbNLyosOijJIctqlsRa1+y0Ll/yLoYqsQUIYhAEGgw1MzcxMTQ4MDY1ODUiDH6+kjgzvulaUggDfSqOBZr2/BpWSzFh8G2TcIz7uHeBYcy6xrues1WH8myVpm+DxAWtkNpEjsBNhUr6SPab238rlMiMH9HBhefvG3Q3jmQYkk2VgIRMCxwlW03CO1gB0JbZL/GVNiqcfPf0InQIwunZpdpyXJujjntWOAhCkroQ7j8OaLHZ4ym7DE/Os6FmnZZPEOKXqfu1rIaqNbzu1+x+Q1Fe3CBcbaDRQ8B+t+YrSwd+f1TTl9CUfwYerGCn7skAZdJcZd0/3BdWwTIg0Bq5sYjIR/+KrFuPN7tYu0QMtIOWn4xAEvEG69zfLRwexrOoXd29KLe4P4W/BUJDAl0xIT2vsRbrtqeJGCh02xnQ45MW/WMMIsxGaIa7pPzoQpSHtMZMPTbUQTBw9puAJhrTVshELNfRHx7VLN1TD2KszEA4RWz/fT9LxZV9OKxHUa4q7yJF68jnUKW1OfR4yl5xZrg+kK/5IzF3R/VHS9gdKRg2Dg0QBPYbSa2H2ubLB/YysOZ719DjW99/1Lot5fk7awERx+EjTkKPyfuALoEKQjkcPaodoFRXMZAMoznCKvUwD9JQfXGCDCVIh2hyTQRUOz1Bq8fWXNlOxAZT6KmsOkMdDfMt0HNiBqmnvBbHr+gQffG8aZ9Hm6O9eg9SSEVyURnzVuJTH/+6DxfUK23HClTOrAfS7Ih7GDbFbtYBYn6FTqbjO14Lv4qR9fJs4ahgial9CfXX9t8L4mPlY6v8Ngl1wvH/yFXg+GPIDl6touuC+EJ1A81dQD/hpqup1U4DxE6CCUKSpkw8HFoRfmc5Vtrns0Jvfe6PO92Swt0JrfWGguLrhU9CIjCG4SDJ8YWH4u8A2QPu5KP3apv5UHpkKpvr/qRmHo3xZKcSrzDl94u7BjrdAj1DXarpqSgGCB8Fg/0n0TnydE2cv+mP/JrUlEN/00sXDWVGAvo+JQdsotvgpJFsgAyKrl79Tgqq0uxepjZiSnSLep+z332q2UztmikQMmMP6xpCSjHjN79fWxR1fc2MRE4mYTjR5iADMs5YZt26hGFkNrhPC0kWwuY7SuWfcG/WoDd/s4/gfhZjAoJ8hj7Ki8l+FBldk45LmAnseb9pbRfmwdM6Yp8d3t4NT0G3J6owtrTSIG9t/9SObat/vGJqPrDahgnhiBV6zLfXrM/A1uQwBv8/G7JQSmgyR7VC+s+PH2gOkpz4tEB9QsZPHAUpM59qob0k7hhRV7SgCSBDKPbfZomx81FpSBccVaOEVfYkgIOILwKSyzi6fqaHhfHq5dJ5Nm1+XukLFFKXatA+Pu2PjkZk+TWzv9CCaDiCzBURHigfTgzklhVvoyYNhXiFDmQrapJ/kbBoGUvTauo=
x-amz-date: 20241218T164421Z
x-amz-target: Firehose_20150804.PutRecordBatch
Authorization: AWS4-HMAC-SHA256 Credential=ASIAX2DUJRE4VQUYWI55/20241218/eu-west-1/firehose/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token;x-amz-target, Signature=7ebcf2faf4fbdd8bfdda475ded967495ed4fdc1a872717b8bfd51aaea5b6a46f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://affiliate.goplaycosmetics.com/
content-type: application/x-amz-json-1.1

Response headers

Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Encoding: gzip
x-amzn-RequestId: ecba15a4-a710-1195-b366-eb82ed4bd0c5
Access-Control-Allow-Origin: *
Content-Length: 280
Date: Wed, 18 Dec 2024 16:44:22 GMT
Content-Type: application/x-amz-json-1.1
x-amz-id-2: 0YaImzNvJ+YNGGwvs8zW1hE8O+zAc7retcdwh8rpMJqJsg6k0J86cUi8fFxdDiwjNdOdoWGUR0Y3bjlLIgKe4dM4gCXporxo

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=poppins

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goplaycosmetics.com/	1970-01-21 02:33:38	Name: goaffpro_affiliate_profile Value:
affiliate.goplaycosmetics.com/	1969-12-31 23:59:59	Name: goaffpro_entry_url Value: %7B%22url%22%3A%22https%3A%2F%2Faffiliate.goplaycosmetics.com%2F%22%7D
.pexels.com/	1970-01-21 01:49:02	Name: __cf_bm Value: w5_OcFg_SmnkcuPrR6bfZeXo2ywVZ15GtMTi4hiGAxk-1734540260-1.0.1.1-N8eDLz.vDBFGX5XI_LybaHcke.Ui21XlQAZ.EjJgYHxliQEuEaUs4GqNO6h3nY7q2AN0o5eKT_aClliBem__kg
.pexels.com/	1969-12-31 23:59:59	Name: _cfuvid Value: g50_Alt5LU9538OAGhhVuKO197uk__Tx7qluJpJLJ_s-1734540260888-0.0.1.1-604800000
.goplaycosmetics.com/	1970-01-21 03:58:36	Name: _gcl_au Value: 1.1.256909108.1734540261
.goplaycosmetics.com/	1970-01-21 11:25:00	Name: _ga Value: GA1.1.77755051.1734540261
.goplaycosmetics.com/	1970-01-21 11:25:00	Name: _ga_M2KSFTC68G Value: GS1.1.1734540261.1.0.1734540261.60.0.1767054662
.doubleclick.net/	1970-01-21 01:49:01	Name: test_cookie Value: CheckForPermission
.affiliate.goplaycosmetics.com/	1970-01-21 10:34:36	Name: _pin_unauth Value: dWlkPVpqWTRPR0kxWkRjdE1HTm1OaTAwT1dFNExXRTNNek10WVdJeVl6ZzJPVE00WW1Vdw
.pinterest.com/	1970-01-21 10:34:36	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 10:34:36	Name: _pinterest_ct_ua Value: "TWc9PSYzVFcvdmhqK0U1SUxMZDZLZXd1YTIyWVNiN0k4c2l3VmsvVjNkVHdGNlU1Y2RvQ3czcnR1czlLOHc0S1YwU1NGeHVhMzVDaGo5ZTZlak96bFFaZHdiaFF6c3A0MEFaaGJrMzFad1ZoVHFYRT0mVVZmVVFPU0FrUVZHVHBRYmlmZWpxdFNuV25BPQ=="
.goplaycosmetics.com/	1970-01-21 11:25:00	Name: smc_uid Value: 1734540261553840
.goplaycosmetics.com/	1970-01-21 10:34:36	Name: smc_tag Value: eyJpZCI6NTU5NywibmFtZSI6ImdvcGxheWNvc21ldGljcy5jb20ifQ%3D%3D
.goplaycosmetics.com/	1969-12-31 23:59:59	Name: smc_session_id Value: EqaZgtJ2VeOv5eN1An8HoSl0gUYTbOv8
.goplaycosmetics.com/	1970-01-21 11:25:00	Name: smc_refresh Value: 30908
.goplaycosmetics.com/	1970-01-21 11:25:00	Name: smc_tpv Value: 1
.goplaycosmetics.com/	1969-12-31 23:59:59	Name: smc_spv Value: 1
.goplaycosmetics.com/	1970-01-21 11:25:00	Name: smc_sesn Value: 1
.goplaycosmetics.com/	1970-01-21 11:25:00	Name: smc_not Value: default
.goplaycosmetics.com/	1969-12-31 23:59:59	Name: smct_session Value: %7B%22s%22%3A1734540262560%2C%22l%22%3A1734540264560%2C%22lt%22%3A1734540264560%2C%22t%22%3A3%2C%22p%22%3A3%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.goplaycosmetics.com
api.goaffpro.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
creatives.goaffpro.com
ct.pinterest.com
d2d7do8qaecbru.cloudfront.net
firehose.eu-west-1.amazonaws.com
fonts.googleapis.com
googleads.g.doubleclick.net
images.pexels.com
js.smct.io
ls.smct.io
region1.analytics.google.com
s.pinimg.com
smct.co
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
connect.facebook.net
fonts.googleapis.com
104.18.67.220
142.250.185.100
142.250.186.162
151.101.128.84
151.101.64.84
157.240.0.35
157.240.253.1
162.55.161.122
172.67.4.125
172.67.74.127
18.245.60.19
2001:4860:4802:32::36
216.58.206.35
216.58.206.66
2a00:1450:4001:810::200a
2a00:1450:4001:827::2008
2a00:1450:400c:c1f::9a
2a02:26f0:b700:289::1931
2a05:d018:1af:ff00:78df:4f0:145e:c42d
49.12.33.254
54.171.46.158
99.80.34.205
05e45b655c73afe569461747b01647c0e87a1b715c84b8e41f232dc4350fdf46
07ffe99bbad6a01eefc554124b34927e60911ed74c21b5bb4e7361ddfc4e2845
0af61a1bda6d878a556fc511f08b19170dea23b4f6fcf570ee5fd0d592fbf65f
140276aac80f391c8d9e86db956777a2cceb5c030eb689d16768b6eb959e4174
147df5426279fa56c2864ad86e30154ce3590805d5eddecba69383ba003a6c69
171df2ae0e276c775f258a6eb37b970195bfc8fc77cc46edd039eb062b1a901f
1ebec9bd168a50dc9bf673426b9b7fc85ff7de7e6f2d0a6e4db87cbcc8f45899
1f306cff870ee476cd1dd6f273bf3557084df16739047b50a9ffd985b8ef8165
2daaa9759513b7af0d9a75b9242fcbb8c48a083252cb78901208e644c4dd303d
360c96efe6d7a4f11d891e57c36db2adeeff0553ff195bbfe5d001d6dda4c397
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
456fc32bb6d426e1f04f2700e14ca5c8f3cd85f51e00448fb528a4068446097a
46811578437caf8eac61ac10112c43b46ede17063b29ac96b866c7027b6fd1d2
4d44a0cf44652a3e4c7dd45056097053280d50eecbb0f8e5f97216e4f3a3f5fa
53ab180bc520ca17ef27eebbd14b1daba894b2d27b7fcdee74d4e5094a2f3834
565376c4e925bc3094e11ad9198184ff32abbb97fa5ae4e61edf31117398a8da
5cddd539571be6a089a87c494a5333f5198fe5afe3ea5fa3e4d13b33ad92190f
6f16806329bde849eed4eb83460d3b0eecf6fa748c69c009cc83ddf2900dc550
6ffcf0032e38e4f889f5b2f7439776243c7c99acfebb49a253a6968160a7f2b5
7397f08287ef5e11dabcc8b2826f16124b80deba2b31bf4f9e233d4054e66472
85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb
8730178e79bc18991b88d1df9d49f8216ada8fbbccdf32e33cf6b591d46e0823
8e3a2aba2ad2df32e3825d80f963d77e50f9c6143a8e7b240166214170d470e2
975d1a28634951672b1d0b7779eb07cc9ecc195d5e5e60cfd91402e74838710f
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b06b8084c09dcae165a0c51fe813e9ee7db135b7c89af7685b2dfeedb8dd1bdc
c2db6ddc37fc6f1a90c8cf338164fbad65dca8bce3eff646343ae8b97c1adc1c
ce188c100e25e66ca6f9d6761bbd6f91671ac0e8c56b257502a0b3b58cf82ead
ceca6f87149b40a5c7669b0f6bd2bd080b08643d378a68c53b70b9f0053e32fa
cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e
d71a675565722df5d87a3792e3193d9a9e759b792e6b92a249672a804247a259
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409b37b501c5f760c8c93c3ecd8ade64a238d1ce9d8efe157b5419ffb34de90
e66270b362442ecb928cb84a0b2e335ace770b4e1357dc989aa8754d1ed0a2b2
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
ed1cbe749d9f91b3c031d6401a4f447314f9da4324a72ffec85e90b61d0af1a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb322d9e801b20f445402380d99d144e674abdc4821c6b5d30936c0ecfe381ab

affiliate.goplaycosmetics.com Open in urlscan Pro 162.55.161.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

95 %HTTPS

27 %IPv6

17 Domains

22 Subdomains

22 IPs

5 Countries

2168 kBTransfer

4022 kBSize

20 Cookies

3 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

affiliate.goplaycosmetics.com Open in urlscan Pro
162.55.161.122 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

95 %
HTTPS

27 %
IPv6

17
Domains

22
Subdomains

22
IPs

5
Countries

2168 kB
Transfer

4022 kB
Size

20
Cookies

56 HTTP transactions
0 data transactions