urlscan.io logo urlscan.io
SecurityTrails logo

avon.com.sa Open in urlscan Pro
95.177.178.246  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://avon.com.sa/
Effective URL: https://avon.com.sa/
Submission: On September 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 37 HTTP transactions. The main IP is 95.177.178.246, located in Riyadh, Saudi Arabia and belongs to NDC-CLOUD, SA. The main domain is avon.com.sa.
TLS certificate: Issued by R11 on July 24th 2024. Valid for: 3 months.
This is the only time avon.com.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

21    95.177.178.246 (Riyadh, Saudi Arabia)

ASN201771 (NDC-CLOUD, SA)
avon.com.sa
1    18.245.31.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-94.fra56.r.cloudfront.net
cdn-sandbox.tamara.co
4    2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 _, GB)
plausible.io
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2606:4700:20::ac43:4910 (United States)

ASN13335 (CLOUDFLARENET, US)
avonksa.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
21 avon.com.sa
avon.com.sa
6 MB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
4 KB
4 plausible.io
plausible.io — Cisco Umbrella Rank: 9439
4 KB
2 gstatic.com
fonts.gstatic.com
63 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
73 KB
1 avonksa.com
avonksa.com
4 MB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 74
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 tamara.co
cdn-sandbox.tamara.co
12 KB
37 9
Domain Requested by
21 avon.com.sa avon.com.sa
4 www.facebook.com avon.com.sa
4 plausible.io avon.com.sa
plausible.io
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net avon.com.sa
connect.facebook.net
1 avonksa.com avon.com.sa
1 www.youtube.com avon.com.sa
1 fonts.googleapis.com avon.com.sa
1 cdn-sandbox.tamara.co avon.com.sa
37 9

This site contains links to these domains. Also see Links.

Domain
avonksa.com
brochure.avon.com.sa
www.snapchat.com
www.odoo.com
Subject Issuer Validity Valid
avon.com.sa
R11		 2024-07-24 -
2024-10-22		 3 months crt.sh
tamara.co
Amazon RSA 2048 M03		 2024-01-20 -
2025-02-17		 a year crt.sh
plausible.io
R10		 2024-09-02 -
2024-12-01		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-28 -
2024-09-26		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
avonksa.com
WE1		 2024-08-26 -
2024-11-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://avon.com.sa/
Frame ID: 22ED8F6E3D77FC0E6C0C7464C1E87369
Requests: 36 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3w2hLdHX0d8?rel=0&autoplay=1&mute=1&enablejsapi=1&controls=0
Frame ID: AD0F8FDA088D05537FF1811114BDCA82
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Avon Beauty Arabia Internal Website

Page URL History Show full URLs

  1. http://avon.com.sa/ HTTP 307
    https://avon.com.sa/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • plausible\.io/js/plausible\.js

Page Statistics

37
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

10276 kB
Transfer

10566 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://avon.com.sa/ HTTP 307
    https://avon.com.sa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
avon.com.sa/
Redirect Chain
  • http://avon.com.sa/
  • https://avon.com.sa/
55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cb28de258bdfa1db426a6ce4f22c46922f8cb87a8fdec0a754a8432c58cb2c83

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 18 Sep 2024 02:24:13 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://avon.com.sa/
Non-Authoritative-Reason
HttpsUpgrades
fontawesome-webfont.woff2
avon.com.sa/web/static/src/libs/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://avon.com.sa/
Origin
https://avon.com.sa
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:13 GMT
Last-Modified
Sun, 28 Jan 2024 12:51:13 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"1706446273-77160-4024445407"
Content-Type
font/woff2
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename=fontawesome-webfont.woff2
Connection
keep-alive
Content-Length
77160
Expires
Wed, 25 Sep 2024 02:24:13 GMT
web.assets_frontend.min.css
avon.com.sa/web/assets/330971-cdb619b/1/rtl/ 		803 KB
804 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/web/assets/330971-cdb619b/1/rtl/web.assets_frontend.min.css
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ef9914aad335cfe4c2d3426afd8d2d2d2e57c58073a4d5af380a0efae1148dc2

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:14 GMT
Last-Modified
Sun, 15 Sep 2024 13:59:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"19574a4824214d1a9af5d7b10286e7f03b0102b1"
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=web.assets_frontend.min.css
Connection
keep-alive
Content-Length
822682
Expires
Thu, 18 Sep 2025 02:24:14 GMT
web.assets_frontend_minimal.min.js
avon.com.sa/web/assets/186976-caabf34/1/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/web/assets/186976-caabf34/1/web.assets_frontend_minimal.min.js
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ff58ca8ad0e7348a0199b81f230410543364f0aced709cff39249d156843e8ad

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:14 GMT
Last-Modified
Wed, 24 Jan 2024 23:58:33 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"72f2b1c1ccae4c7e0f0eec8237fdf2a74b83d336"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=web.assets_frontend_minimal.min.js
Connection
keep-alive
Content-Length
22222
Expires
Thu, 18 Sep 2025 02:24:14 GMT
tamara-widget.js
cdn-sandbox.tamara.co/widget-v2/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sandbox.tamara.co/widget-v2/tamara-widget.js
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29553a20653a3eaa18c7c931645df21d77c51fe5abfc452c45e9d77a27d3ccef

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 02:20:51 GMT
content-encoding
br
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
last-modified
Wed, 14 Aug 2024 15:15:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
638
x-amz-server-side-encryption
AES256
etag
W/"7df8a78da0add4b233ac4146b7b04417"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
dSGngaH2v6eECHEU6qdQkX5A1Zsc8C8QQUfgoLCkIqIFsOCq-jWGkQ==
expires
Wed, 28 Aug 2024 15:15:50 GMT
script.js
plausible.io/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/script.js
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 02:24:14 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1081
cdn-cachedat
09/17/2024 07:17:00
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
127.0.0.1
alt-svc
h3=":9443"; ma=2592000
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, must-revalidate, max-age=86400
permissions-policy
interest-cohort=()
cdn-requestid
d4540242e509e2ad0602af8ac8aef453
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
google-font-Lato
avon.com.sa/web/content/51039/ 		796 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/web/content/51039/google-font-Lato
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/web/assets/330971-cdb619b/1/rtl/web.assets_frontend.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0ef260829e056b7c34cebe37ecfb0aee60535c5f5846e2ce3b483cb636175ec3
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/web/assets/330971-cdb619b/1/rtl/web.assets_frontend.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:15 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:42:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5ddf96e9c22a18e8d160b721d3cb0b437e84cee6"
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache
Content-Disposition
inline; filename=google-font-Lato.css
Connection
keep-alive
Content-Length
796
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cairo:300,300i,400,400i,700,700i&display=swap
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/web/assets/330971-cdb619b/1/rtl/web.assets_frontend.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06003a5e6f2f76aff5bde1fd4150e29a5cb1bbf32506d9b858f7462dcbd6353a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Sep 2024 02:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Sep 2024 02:11:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Sep 2024 02:24:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Sep 2024 02:24:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4410, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
p25yjkSINfUEn8OMO+wk9w3h9KV0jQZLXwz/9x1K1PpQ8zUjh3nd0foAZncy27nhnGCi04dtyU9aYUUTPUnKUQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
3w2hLdHX0d8
www.youtube.com/embed/ Frame AD0F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/3w2hLdHX0d8?rel=0&autoplay=1&mute=1&enablejsapi=1&controls=0
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avon.com.sa/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Sep 2024 02:24:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
plausible.js
plausible.io/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/plausible.js
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 02:24:15 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1082
cdn-cachedat
09/18/2024 02:17:44
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
127.0.0.1
alt-svc
h3=":9443"; ma=2592000
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, max-age=3600
permissions-policy
interest-cohort=()
cdn-requestid
9f592f7e63301964dd6742b041d4ecea
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
NF3zmpRObM0857210.jpg
avonksa.com/images/media/2023/03/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avonksa.com/images/media/2023/03/NF3zmpRObM0857210.jpg
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779c47b6e2dd760bffad40903ccc6c233dce53d900a061612f8136c9abfe7fa7

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 02:24:15 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Mar 2023 07:53:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zq8cYiBdaj70ex9kTmRToYw1ExbUf3iXaMi9jkJwLPdaHgG0Qoh9TqQ8VWtUcrTUQ%2F5LV1bHt%2FDr2h9fAw5l4yDhfVpz0Dm69Z6v2GswP4PxQr4H3GcUBxoEzLicwCC%2B3j%2Fc1n1LW8eA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c4de0f0cc05d2ae-FRA
content-length
3947560
02.svg
avon.com.sa/web_editor/shape/web_editor/Bold/ 		487 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web_editor/shape/web_editor/Bold/02.svg?c1=%23E9ECEF&c2=%23FFFFFF&c3=%23F2F2F2
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
46972694bd6ee2279e99dae60aad64e498a09256cb64b0dad26fcb9714b510bd
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:15 GMT
Content-Security-Policy
default-src 'none'
X-Content-Type-Options
nosniff
Server
nginx/1.18.0 (Ubuntu)
Content-Type
image/svg+xml
Cache-control
max-age=31536000
Connection
keep-alive
Content-Length
487
SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS4J0.woff2
fonts.gstatic.com/s/cairo/v28/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS4J0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60d51fea6669a866e3dce8a8583978127ef1808feb14c073b2f5c2a05a45908c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://avon.com.sa
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:52:53 GMT
x-content-type-options
nosniff
age
304282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30596
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:51:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Sep 2025 13:52:53 GMT
s-lato-v23-S6uyw4BMUTPHjx4wXg.woff2
avon.com.sa/web/content/51038/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/web/content/51038/s-lato-v23-S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/web/content/51039/google-font-Lato
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/web/content/51039/google-font-Lato
Origin
https://avon.com.sa
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:16 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:43:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"fcd4136085f2a03481d9958cc6793a5ed98e714c"
Content-Type
font/woff2
Cache-Control
no-cache
Content-Disposition
inline; filename=s-lato-v23-S6uyw4BMUTPHjx4wXg.woff2
Connection
keep-alive
Content-Length
23580
SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS.woff2
fonts.gstatic.com/s/cairo/v28/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1355605c748ba06b91514ca27feaa9c0c97ac33eb32fed979fc9fabb623d9023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://avon.com.sa
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 11:46:25 GMT
x-content-type-options
nosniff
age
52670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33588
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Sep 2025 11:46:25 GMT
Avon%20Beauty%20Arabia%20Internal%20Website
avon.com.sa/web/image/website/1/logo/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web/image/website/1/logo/Avon%20Beauty%20Arabia%20Internal%20Website?unique=d3da7a0
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
910f7bc41f5f013feb0c9916489065896167dea411253883ddde973e4d6c48c2
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:15 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:43:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"648bde19739e58fbb001d6976e5796a713084bac-0x0-crop=False-quality=0"
Content-Type
image/png
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename="Avon Beauty Arabia Internal Website.png"
Connection
keep-alive
Content-Length
6693
Expires
Thu, 18 Sep 2025 02:24:15 GMT
Untitled-1Imari%20Naturelle.jpg
avon.com.sa/web/image/320980-0e8db608/ 		304 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web/image/320980-0e8db608/Untitled-1Imari%20Naturelle.jpg
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
602f49c516c22d1bd79f7f373139d452892c32ecf87f4676dd652abd4278c1df
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:16 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Sun, 01 Sep 2024 14:52:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"0e8db608fecdbaaa586f2e681364cfcdd19cb977-0x0-crop=False-quality=0"
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename="Untitled-1Imari Naturelle.jpg"
Connection
keep-alive
Content-Length
311715
Expires
Thu, 18 Sep 2025 02:24:16 GMT
C09.jpg
avon.com.sa/web/image/321230-f47c8214/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web/image/321230-f47c8214/C09.jpg
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4625a81e193eeed722e87e17e3438d9839c34cdc2eb1f4781999ce8743c1f58a
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:16 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Mon, 02 Sep 2024 10:01:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"f47c82143ae15e4ce05bf0391857ff9647b56a17-0x0-crop=False-quality=0"
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=C09.jpg
Connection
keep-alive
Content-Length
84863
Expires
Thu, 18 Sep 2025 02:24:16 GMT
5.jpg
avon.com.sa/web/image/520-6dd13faa/ 		688 KB
688 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web/image/520-6dd13faa/5.jpg
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c81ecd6567d18166471e2ba74889ee09ae771c7d819c56065fb612381c374063
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:16 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:42:42 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6dd13faa80ba889b836acd8894bec18ee93a0b7b-0x0-crop=False-quality=0"
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=5.jpg
Connection
keep-alive
Content-Length
704520
Expires
Thu, 18 Sep 2025 02:24:16 GMT
2.jpg
avon.com.sa/web/image/11708-cd3f24c7/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web/image/11708-cd3f24c7/2.jpg
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
94386e09473c785bde2e0397a9e49c3950c88fbf979fe621f517f1b2e8387450
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:16 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:43:11 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"cd3f24c7ee08004772caabc73a7f6234ae7cfe61-0x0-crop=False-quality=0"
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=2.jpg
Connection
keep-alive
Content-Length
29652
Expires
Thu, 18 Sep 2025 02:24:16 GMT
3.jpg
avon.com.sa/web/image/11711-14af2b87/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web/image/11711-14af2b87/3.jpg
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
de957fb9cb5f87161b250711c5444db8909bc51b5db9f09142773b7ad65afec2
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:16 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:43:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"14af2b873f5798da72a52c028743f136a635ea9e-0x0-crop=False-quality=0"
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=3.jpg
Connection
keep-alive
Content-Length
41635
Expires
Thu, 18 Sep 2025 02:24:16 GMT
1.jpg
avon.com.sa/web/image/11712-33d18db7/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web/image/11712-33d18db7/1.jpg
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a3f446931ed5f44afa05285abbbc43940f0d9ded391490041ce4fcf976e036af
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:16 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:42:52 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"33d18db79bf60c979c111d7dede78feffc0e5d25-0x0-crop=False-quality=0"
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=1.jpg
Connection
keep-alive
Content-Length
92756
Expires
Thu, 18 Sep 2025 02:24:16 GMT
4.jpg
avon.com.sa/web/image/11713-788f1cff/ 		165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avon.com.sa/web/image/11713-788f1cff/4.jpg
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b798f0889fa6c79f0cbfa547f3836cfc569c64253d23bf537fff7ae135cb40ba
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:17 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:43:42 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"788f1cff7bdc8729572d4f2bf0c79e22a3a1c772-0x0-crop=False-quality=0"
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=4.jpg
Connection
keep-alive
Content-Length
169202
Expires
Thu, 18 Sep 2025 02:24:17 GMT
event
plausible.io/api/ 		2 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 18 Sep 2024 02:24:15 GMT
cdn-edgestorageid
1080
cdn-cachedat
09/18/2024 02:24:15
cdn-pullzone
682664
application
127.0.0.1
alt-svc
h3=":9443"; ma=2592000
content-length
2
x-request-id
F_Y1bmqP0Fd-2Goids2B
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
x-plausible-dropped
1
cdn-requestid
1f85bdafb11f5bb95068411161be4dfd
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
event
plausible.io/api/ 		2 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 18 Sep 2024 02:24:15 GMT
cdn-edgestorageid
1080
cdn-cachedat
09/18/2024 02:24:15
cdn-pullzone
682664
application
127.0.0.1
alt-svc
h3=":9443"; ma=2592000
content-length
2
x-request-id
F_Y1bmqVQgJI0K4Ym7uI
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
x-plausible-dropped
1
cdn-requestid
feba30728bfa7fe0c6e783ac916b2c36
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
637664925189828
connect.facebook.net/signals/config/ 		75 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/637664925189828?v=2.9.167&r=stable&domain=avon.com.sa&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3de18b9d64bd6a851db45c87b3b7c6985e58ee2bf3434cf9691dfcf301b1b58a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Sep 2024 02:24:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=74, mss=1232, tbw=67112, tp=63, tpl=0, uplat=69, ullat=0
pragma
public
x-fb-debug
pe8zlwAuCBjF4TFYa1wd1p3hRQWbN5mEqXtt0IMIVmEeZBIZB3BfjtrF5gIcICXhYxqwvR2214Lsx0dqNB1imA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=637664925189828&ev=ViewContent&dl=https%3A%2F%2Favon.com.sa%2F&rl=&if=false&ts=1726626255623&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=12318&fbp=fb.2.1726626255621.944330787316338665&cs_est=true&est_source=1377672786184522&ler=empty&cdl=API_unavailable&it=1726626255494&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3131, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Sep 2024 02:24:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=637664925189828&ev=ViewContent&dl=https%3A%2F%2Favon.com.sa%2F&rl=&if=false&ts=1726626255623&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=12318&fbp=fb.2.1726626255621.944330787316338665&cs_est=true&est_source=1377672786184522&ler=empty&cdl=API_unavailable&it=1726626255494&coo=false&es=automatic&tm=3&rqm=FGET
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 18 Sep 2024 02:24:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415803298628988117", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=17, mss=1297, tbw=3287, tp=-1, tpl=-1, uplat=161, ullat=0
pragma
no-cache
x-fb-debug
eEbKoyExvancQjSdCaQ+57SM9xO93q5f3wRHfmBY7A2Xr8xO5SRJtN1QJUXgOHByQ9BRQV+gMZ+LKSxpOGtm6Q==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415803298628988117"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=637664925189828&ev=PageView&dl=https%3A%2F%2Favon.com.sa%2F&rl=&if=false&ts=1726626255624&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.2.1726626255621.944330787316338665&cs_est=true&ler=empty&cdl=API_unavailable&it=1726626255494&coo=false&rqm=GET
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2844, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Sep 2024 02:24:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=637664925189828&ev=PageView&dl=https%3A%2F%2Favon.com.sa%2F&rl=&if=false&ts=1726626255624&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.2.1726626255621.944330787316338665&cs_est=true&ler=empty&cdl=API_unavailable&it=1726626255494&coo=false&rqm=FGET
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 18 Sep 2024 02:24:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415803297913994231", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=17, mss=1297, tbw=6106, tp=-1, tpl=-1, uplat=171, ullat=0
pragma
no-cache
x-fb-debug
Q/LvVVgqpDRX+oCSGkNRBV5drnExeQgB0u+JOrCVRMwqk0/c3AGXI9XvrSWly9U53uLMzkXyYWYm5Pfi+28kJw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415803297913994231"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
web.assets_frontend_lazy.min.js
avon.com.sa/web/assets/330976-64f9998/1/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/web/assets/330976-64f9998/1/web.assets_frontend_lazy.min.js
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/web/assets/186976-caabf34/1/web.assets_frontend_minimal.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
79c672ff72ee4d14851b29ef2d6874bf46a7b965181b194f781aa8632ece0fbb

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:17 GMT
Last-Modified
Mon, 08 Jul 2024 10:38:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"cce1adff3f4c8df2fabd8a8e7805a061671a7d8d"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename=web.assets_frontend_lazy.min.js
Connection
keep-alive
Content-Length
3385005
Expires
Thu, 18 Sep 2025 02:24:17 GMT
favicon
avon.com.sa/web/image/website/1/ 		58 KB
58 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/web/image/website/1/favicon?unique=d3da7a0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b45ef357cf26026942020ce9167b5a9a5557aab72042ddc6e0d4d7d27edb064d
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:18 GMT
Content-Security-Policy
default-src 'none'
Last-Modified
Wed, 24 Jan 2024 23:43:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"618f4f7468016c755db877aac569271171b34c18-0x0-crop=False-quality=0"
Content-Type
image/vnd.microsoft.icon
Cache-Control
public, max-age=31536000, immutable
Content-Disposition
inline; filename="Avon Beauty Arabia Internal Website.ico"
Connection
keep-alive
Content-Length
59349
Expires
Thu, 18 Sep 2025 02:24:18 GMT
affeaf77f02383b76e57d92b4a0a5633c53d1fbe
avon.com.sa/website/translations/ 		269 KB
269 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/website/translations/affeaf77f02383b76e57d92b4a0a5633c53d1fbe?lang=ar_001
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/web/assets/330976-64f9998/1/web.assets_frontend_lazy.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
831e7f407eabae5dff1c7b8fae5db62413cad7a57cbc8a606e4e8da050127746

Request headers

Accept
*/*
Referer
https://avon.com.sa/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:18 GMT
Cache-Control
public, max-age=31536000
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
275348
Content-Type
application/json
ar_001
avon.com.sa/web/webclient/locale/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/web/webclient/locale/ar_001
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/web/assets/330976-64f9998/1/web.assets_frontend_lazy.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cfdf2c6a57b301e61bf79d3771206653526e137c1ba386fe56f73f3a930e9b4a

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:18 GMT
Cache-Control
max-age=604800
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
affeaf77f02383b76e57d92b4a0a5633c53d1fbe
avon.com.sa/website/translations/ 		269 KB
269 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/website/translations/affeaf77f02383b76e57d92b4a0a5633c53d1fbe
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/web/assets/330976-64f9998/1/web.assets_frontend_lazy.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
831e7f407eabae5dff1c7b8fae5db62413cad7a57cbc8a606e4e8da050127746

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 18 Sep 2024 02:24:19 GMT
Cache-Control
public, max-age=31536000
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
275348
Content-Type
application/json
fetch_push_configuration
avon.com.sa/social_push_notifications/ 		41 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avon.com.sa/social_push_notifications/fetch_push_configuration
Requested by
Host: avon.com.sa
URL: https://avon.com.sa/web/assets/330976-64f9998/1/web.assets_frontend_lazy.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.177.178.246 Riyadh, Saudi Arabia, ASN201771 (NDC-CLOUD, SA),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
288efad652b1c184badb9a69de1878769ca420574102c2da57e23af9f211f71b

Request headers

Referer
https://avon.com.sa/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 18 Sep 2024 02:24:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
41
Content-Type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| odoo object| tamaraWidgetConfig function| fbq function| _fbq object| webpackChunk_tamara_solution_widgets object| TamaraWidgetV2 function| plausible object| luxon object| version object| QWeb2 function| _renderImageOnCanvas function| _ function| moment object| owl object| __OWL_DEVTOOLS__ function| $ function| jQuery object| Popper object| Data object| EventHandler object| Manipulator object| SelectorEngine function| Base function| Alert function| Button number| uidEvent function| Carousel function| Collapse function| Dropdown function| Modal function| Offcanvas function| Tooltip function| Popover function| ScrollSpy function| Tab function| Toast object| Select2 function| ClipboardJS number| ix object| vkbeautify function| TabbyCard object| webpackChunkwidgets function| TabbyPromo function| html2canvas object| firebase function| _Markup

8 Cookies

Domain/Path Name / Value
avon.com.sa/ Name: frontend_lang
Value: ar_001
avon.com.sa/ Name: session_id
Value: 7019da7c0d649ea5e41b66656245198d21132a5f
avon.com.sa/ Name: tz
Value: Europe/Berlin
.youtube.com/ Name: YSC
Value: JSqIzabnVmk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: NoDIpXYptQ0
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgSQ%3D%3D
.avon.com.sa/ Name: _fbp
Value: fb.2.1726626255621.944330787316338665
avon.com.sa/ Name: im_livechat_history
Value: ["/"]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avon.com.sa
avonksa.com
cdn-sandbox.tamara.co
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
plausible.io
www.facebook.com
www.youtube.com
157.240.0.6
18.245.31.94
2400:52e0:1e00::1080:1
2606:4700:20::ac43:4910
2a00:1450:4001:812::200e
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
2a03:2880:f177:185:face:b00c:0:25de
95.177.178.246
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
06003a5e6f2f76aff5bde1fd4150e29a5cb1bbf32506d9b858f7462dcbd6353a
0ef260829e056b7c34cebe37ecfb0aee60535c5f5846e2ce3b483cb636175ec3
1355605c748ba06b91514ca27feaa9c0c97ac33eb32fed979fc9fabb623d9023
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
288efad652b1c184badb9a69de1878769ca420574102c2da57e23af9f211f71b
29553a20653a3eaa18c7c931645df21d77c51fe5abfc452c45e9d77a27d3ccef
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3de18b9d64bd6a851db45c87b3b7c6985e58ee2bf3434cf9691dfcf301b1b58a
4625a81e193eeed722e87e17e3438d9839c34cdc2eb1f4781999ce8743c1f58a
46972694bd6ee2279e99dae60aad64e498a09256cb64b0dad26fcb9714b510bd
602f49c516c22d1bd79f7f373139d452892c32ecf87f4676dd652abd4278c1df
60d51fea6669a866e3dce8a8583978127ef1808feb14c073b2f5c2a05a45908c
779c47b6e2dd760bffad40903ccc6c233dce53d900a061612f8136c9abfe7fa7
79c672ff72ee4d14851b29ef2d6874bf46a7b965181b194f781aa8632ece0fbb
831e7f407eabae5dff1c7b8fae5db62413cad7a57cbc8a606e4e8da050127746
910f7bc41f5f013feb0c9916489065896167dea411253883ddde973e4d6c48c2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94386e09473c785bde2e0397a9e49c3950c88fbf979fe621f517f1b2e8387450
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
a3f446931ed5f44afa05285abbbc43940f0d9ded391490041ce4fcf976e036af
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b45ef357cf26026942020ce9167b5a9a5557aab72042ddc6e0d4d7d27edb064d
b798f0889fa6c79f0cbfa547f3836cfc569c64253d23bf537fff7ae135cb40ba
c81ecd6567d18166471e2ba74889ee09ae771c7d819c56065fb612381c374063
cb28de258bdfa1db426a6ce4f22c46922f8cb87a8fdec0a754a8432c58cb2c83
cfdf2c6a57b301e61bf79d3771206653526e137c1ba386fe56f73f3a930e9b4a
de957fb9cb5f87161b250711c5444db8909bc51b5db9f09142773b7ad65afec2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef9914aad335cfe4c2d3426afd8d2d2d2e57c58073a4d5af380a0efae1148dc2
ff58ca8ad0e7348a0199b81f230410543364f0aced709cff39249d156843e8ad