www.faces.com Open in urlscan Pro
104.18.163.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email-faces.com/?qs=cc58932ede1892e2ba4c0485b248b10cc68d594c5084ce7cf2d2102ea9367b0734f5a33b3c9f04b851ff305c814d...
Effective URL:
https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_sour...
Submission: On November 22 via manual (November 22nd 2021, 9:22:31 am UTC) from SA — Scanned from DE

Summary HTTP 239 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 76 IPs in 9 countries across 62 domains to perform 239 HTTP transactions. The main IP is 104.18.163.218, located in and belongs to CLOUDFLARENET, US. The main domain is www.faces.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 14th 2020. Valid for: 2 years.

This is the only time www.faces.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.241.249 13.111.241.249	22606 (EXACT-7) (EXACT-7)
34	104.18.163.218 104.18.163.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:6600:f:ee6c:7180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	54.205.247.222 54.205.247.222	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.100.219 143.204.100.219	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
33	2a02:26f0:6c0... 2a02:26f0:6c00:28e::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.230 151.101.193.230	54113 (FASTLY) (FASTLY)
1	143.204.93.53 143.204.93.53	16509 (AMAZON-02) (AMAZON-02)
9	2600:1901:0:6... 2600:1901:0:662c::	15169 (GOOGLE) (GOOGLE)
1	13.32.19.2 13.32.19.2	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:27::... 2620:1ec:27::cafe:2080	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2606:4700::68... 2606:4700::6811:ab72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2.16.186.161 2.16.186.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.98.47 143.204.98.47	16509 (AMAZON-02) (AMAZON-02)
5	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.159.118.99 18.159.118.99	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
1 4	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	143.204.207.9 143.204.207.9	16509 (AMAZON-02) (AMAZON-02)
1	52.50.71.252 52.50.71.252	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6811:a772	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3 3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	34.255.68.26 34.255.68.26	16509 (AMAZON-02) (AMAZON-02)
1	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 4	18.194.231.4 18.194.231.4	16509 (AMAZON-02) (AMAZON-02)
1	34.102.166.132 34.102.166.132	15169 (GOOGLE) (GOOGLE)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.127.62.220 3.127.62.220	16509 (AMAZON-02) (AMAZON-02)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1	104.76.200.23 104.76.200.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:ce00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.53 143.204.98.53	16509 (AMAZON-02) (AMAZON-02)
1	34.247.9.63 34.247.9.63	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	2606:4700:303... 2606:4700:3031::ac43:9eeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
7	35.187.54.69 35.187.54.69	15169 (GOOGLE) (GOOGLE)
2	35.160.50.174 35.160.50.174	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
20	143.204.98.3 143.204.98.3	16509 (AMAZON-02) (AMAZON-02)
3	143.204.98.112 143.204.98.112	16509 (AMAZON-02) (AMAZON-02)
239	76

1 13.111.241.249 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email-faces.com

click.email-faces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 104.18.163.218 (None, )

ASN13335 (CLOUDFLARENET, US)

www.faces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6600:f:ee6c:7180:93a1 (United States)

ASN16509 (AMAZON-02, US)

connect.nosto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.205.247.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-247-222.compute-1.amazonaws.com

100039654.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.100.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-100-219.fra50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a02:26f0:6c00:28e::1d72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.230 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-west.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-53.fra50.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1901:0:662c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

rum-http-intake.logs.datadoghq.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.19.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-19-2.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:2080 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:ab72 (United States)

ASN13335 (CLOUDFLARENET, US)

facesuae.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eitri.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.161 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-161.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-47.fra50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.118.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-118-99.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.65 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-9.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.71.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-71-252.eu-west-1.compute.amazonaws.com

p.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:a772 (United States)

ASN13335 (CLOUDFLARENET, US)

carrier.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.68.26 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-68-26.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.231.4 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-231-4.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.62.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-62-220.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ce00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-53.fra50.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.9.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:9eeb (United States)

ASN13335 (CLOUDFLARENET, US)

app.unali.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.187.54.69 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 69.54.187.35.bc.googleusercontent.com

chalhoub1-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.160.50.174 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-50-174.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o457444.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 143.204.98.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-3.fra50.r.cloudfront.net

api.locize.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-112.fra50.r.cloudfront.net

48b2w8mr.twic.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	yotpo.com staticw2.yotpo.com p.yotpo.com	196 KB
34	faces.com www.faces.com	655 KB
20	locize.app api.locize.app	11 KB
14	useinsider.com facesuae.api.useinsider.com carrier.useinsider.com location.api.useinsider.com segment.api.useinsider.com hit.api.useinsider.com assets.api.useinsider.com eitri.api.useinsider.com log.api.useinsider.com	121 KB
9	datadoghq.eu rum-http-intake.logs.datadoghq.eu	578 B
8	facebook.com www.facebook.com	661 B
8	quantummetric.com cdn.quantummetric.com chalhoub1-app.quantummetric.com	64 KB
8	clarity.ms 1 redirects www.clarity.ms f.clarity.ms c.clarity.ms	24 KB
7	criteo.com 2 redirects gum.criteo.com mug.criteo.com sslwidget.criteo.com dis.criteo.com	15 KB
6	facebook.net connect.facebook.net	394 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
6	google-analytics.com www.google-analytics.com	57 KB
5	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	tiktok.com analytics.tiktok.com	68 KB
4	unali.io app.unali.io	366 KB
4	bidswitch.net 1 redirects x.bidswitch.net	2 KB
4	yahoo.com 1 redirects ads.yahoo.com sp.analytics.yahoo.com ups.analytics.yahoo.com	2 KB
4	creativecdn.com 1 redirects creativecdn.com cm.creativecdn.com	2 KB
3	twic.pics 48b2w8mr.twic.pics	14 KB
3	snapchat.com tr.snapchat.com	340 B
3	google.de www.google.de	628 B
3	google.com www.google.com analytics.google.com	911 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	64 KB
3	googleapis.com fonts.googleapis.com	3 KB
3	igodigital.com 100039654.collect.igodigital.com nova.collect.igodigital.com	4 KB
2	amplitude.com api.amplitude.com	167 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	yandex.ru 1 redirects an.yandex.ru	674 B
2	3lift.com 1 redirects eb2.3lift.com	731 B
2	pubmatic.com simage2.pubmatic.com	859 B
2	addthis.com cw.addthis.com	846 B
2	tapad.com 1 redirects pixel.tapad.com	893 B
2	mediawallahscript.com 1 redirects partner.mediawallahscript.com	1 KB
2	ubembed.com cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com assets.ubembed.com	48 KB
2	criteo.net static.criteo.net	14 KB
2	cquotient.com cdn.cquotient.com p.cquotient.com	13 KB
2	medallia.com resources.digital-cloud-west.medallia.com	82 KB
2	googletagmanager.com www.googletagmanager.com	147 KB
1	sentry.io o457444.ingest.sentry.io	244 B
1	kampyle.com udc-neb.kampyle.com	415 B
1	taboola.com sync-t1.taboola.com	229 B
1	teads.tv criteo-sync.teads.tv	172 B
1	revcontent.com trends.revcontent.com	337 B
1	adtdp.com ad.as.amanad.adtdp.com	843 B
1	smaato.net s.ad.smaato.net	239 B
1	media.net contextual.media.net	781 B
1	kargo.com crb.kargo.com	360 B
1	tpmn.co.kr ad.tpmn.co.kr	591 B
1	outbrain.com sync.outbrain.com	476 B
1	mgid.com cm.mgid.com	811 B
1	rlcdn.com idsync.rlcdn.com	415 B
1	sc-static.net sc-static.net	7 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	twitter.com analytics.twitter.com	675 B
1	bing.com 1 redirects c.bing.com	553 B
1	t.co t.co	470 B
1	cloudflare.com cdnjs.cloudflare.com	4 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	21 KB
1	nosto.com connect.nosto.com
1	email-faces.com 1 redirects click.email-faces.com	354 B
0	rubiconproject.com Failed pixel.rubiconproject.com Failed
239	62

	Domain	Requested by
34	www.faces.com	www.faces.com www.datadoghq-browser-agent.com
33	staticw2.yotpo.com	www.faces.com staticw2.yotpo.com www.datadoghq-browser-agent.com
20	api.locize.app	www.datadoghq-browser-agent.com
9	rum-http-intake.logs.datadoghq.eu	www.datadoghq-browser-agent.com
8	www.facebook.com	www.faces.com
7	chalhoub1-app.quantummetric.com	www.datadoghq-browser-agent.com
6	connect.facebook.net	www.faces.com connect.facebook.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	f.clarity.ms	www.clarity.ms www.datadoghq-browser-agent.com
5	analytics.tiktok.com	www.faces.com analytics.tiktok.com
4	app.unali.io	www.googletagmanager.com app.unali.io
4	x.bidswitch.net	1 redirects
4	carrier.useinsider.com	www.datadoghq-browser-agent.com
3	48b2w8mr.twic.pics	app.unali.io
3	secure.adnxs.com	2 redirects
3	tr.snapchat.com	www.datadoghq-browser-agent.com www.faces.com
3	cm.g.doubleclick.net	3 redirects
3	www.google.de	www.faces.com
3	creativecdn.com	1 redirects www.faces.com
3	gum.criteo.com	2 redirects static.criteo.net
3	fonts.googleapis.com	www.faces.com staticw2.yotpo.com
2	api.amplitude.com	www.datadoghq-browser-agent.com
2	r.casalemedia.com	1 redirects
2	an.yandex.ru	1 redirects
2	eb2.3lift.com	1 redirects
2	simage2.pubmatic.com
2	cw.addthis.com
2	ups.analytics.yahoo.com	1 redirects
2	pixel.tapad.com	1 redirects
2	partner.mediawallahscript.com	1 redirects
2	dis.criteo.com
2	log.api.useinsider.com	www.faces.com
2	ib.adnxs.com	1 redirects creativecdn.com
2	hit.api.useinsider.com	www.datadoghq-browser-agent.com
2	www.google.com	www.faces.com
2	stats.g.doubleclick.net	www.datadoghq-browser-agent.com www.googletagmanager.com
2	nova.collect.igodigital.com	www.faces.com
2	c.clarity.ms	1 redirects www.faces.com
2	facesuae.api.useinsider.com	www.googletagmanager.com facesuae.api.useinsider.com
2	static.criteo.net	www.googletagmanager.com www.faces.com
2	resources.digital-cloud-west.medallia.com	www.faces.com resources.digital-cloud-west.medallia.com
2	www.googletagmanager.com	www.faces.com www.googletagmanager.com
1	o457444.ingest.sentry.io	app.unali.io
1	analytics.google.com	www.googletagmanager.com
1	udc-neb.kampyle.com	www.datadoghq-browser-agent.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	ad.as.amanad.adtdp.com
1	s.ad.smaato.net
1	contextual.media.net
1	crb.kargo.com
1	ad.tpmn.co.kr
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	cm.mgid.com
1	idsync.rlcdn.com
1	eitri.api.useinsider.com	facesuae.api.useinsider.com
1	assets.api.useinsider.com	facesuae.api.useinsider.com
1	cm.creativecdn.com	creativecdn.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	sslwidget.criteo.com	static.criteo.net
1	segment.api.useinsider.com	www.datadoghq-browser-agent.com
1	location.api.useinsider.com	www.datadoghq-browser-agent.com
1	p.cquotient.com	cdn.cquotient.com
1	vars.hotjar.com	static.hotjar.com
1	sc-static.net	www.faces.com
1	cdn.quantummetric.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	analytics.twitter.com	static.ads-twitter.com
1	p.yotpo.com	www.faces.com
1	mug.criteo.com	gum.criteo.com
1	c.bing.com	1 redirects
1	assets.ubembed.com	cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com
1	t.co	www.faces.com
1	cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com	www.googletagmanager.com
1	www.clarity.ms	www.faces.com
1	cdnjs.cloudflare.com	www.faces.com
1	static.ads-twitter.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	cdn.cquotient.com	www.faces.com
1	static.hotjar.com	www.faces.com
1	www.datadoghq-browser-agent.com	www.faces.com
1	100039654.collect.igodigital.com	www.faces.com
1	connect.nosto.com	www.faces.com
1	click.email-faces.com	1 redirects
0	pixel.rubiconproject.com Failed
239	88

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
*.faces.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2022-04-14`	2 years	crt.sh
*.nosto.com Amazon	`2021-03-04` - `2022-04-02`	a year	crt.sh
*.collect.igodigital.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-25` - `2022-02-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.digital-cloud-west.medallia.com SSL.com RSA SSL subCA	`2021-11-15` - `2022-10-20`	a year	crt.sh
*.cquotient.com Amazon	`2021-06-04` - `2022-07-03`	a year	crt.sh
*.logs.datadoghq.eu Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2021-09-20` - `2022-09-19`	a year	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-31` - `2021-11-29`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ad.tpmn.co.kr GTS CA 1D4	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.dev.kargo.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.as.amanad.adtdp.com Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.unali.io R3	`2021-10-17` - `2022-01-15`	3 months	crt.sh
*.kampyle.com RapidSSL RSA CA 2018	`2020-02-11` - `2022-03-06`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-18` - `2022-02-13`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
*.ingest.sentry.io R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
*.locize.app Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
*.twic.pics Amazon	`2021-09-07` - `2022-10-06`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Frame ID: 5EC297F7BC7C724BC5670D54419282DE
Requests: 179 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.faces.com&origin=onetag
Frame ID: 7785D5E2813FC8B57408F09740C71E40
Requests: 2 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_newoffers&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939224&tc=1
Frame ID: BB4C7D1555980C0FA09DFFC6CC42451B
Requests: 2 HTTP requests in this frame

Frame: https://facesuae.api.useinsider.com/worker-new.html
Frame ID: 18C5F22B3A92A374FB78082BAFC112C5
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: 3C06C1F607EC122E63D8093E1F164709
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_listing_PM_CHANEL_Rouge_Allure_Holiday%2C006615539486%2C274615556318%2C009115540928%2C014815114954%2C026115403160%2C006615539479%2C274615556311%2CPM_MAKE_UP_FOR_EVER_Rouge_Artist_Shine_On%2CPM_SHISEIDO_Ultimune_Power_Infusing_Concentrate%2C274615556310%2C034815539735%2C009114952517%2C019314783533%2C274615556314%2CPM_Rouge_G_de_Guerlain_The_Double_Mirror_Case%2CPM_GUERLAIN_Rouge_G_Luxurious_Velvet%2C014815114961%2C014815114959%2C027815489540%2C014815114955%2C014815114958%2C014815114956%2C014815114957%2CPM_MAKE_UP_FOR_EVER_Rouge_Artist_Metallic%2CPM_MAKE_UP_FOR_EVER_Pro_Glow_Powder%2C021715242631%2C021715242628%2C274615556316%2C274615556315%2C274615556317%2C274615556312%2C274615556313%2C006615539480%2C006615539483%2CPM_CHANEL_Ombre_Premi%C3%A8re_Laque_Glitter%2CPM_GIORGIO_ARMANI_My_Way_Intense_EDP%2CPM_WBF_Flawless_Skin_Foundation%2C274615556301%2C033315585762%2C033315585761%2C033315585758%2C033315585756%2C033315585760%2C033315585759%2C005715329029%2C034815566221%2C034815539737&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939324
Frame ID: 49B315C2BEE21965274633073D33F139
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=565dd7a4-9d58-4128-b94b-d4a5ae0ba783
Frame ID: D5A7246DA8A6FC91CDCE6B812D92D5A7
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 4D5B8E7F7F91B223EE525DE1D7730F29
Requests: 1 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=HmvRCtPMH6FYiMO9V5Dl6D-yQCPpyvTO
Frame ID: 74A50C9DC5055203E7E5298519CAF0B6
Requests: 30 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6BC8C01B79F88699296A4FD7135D1423
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F7FF339CFAAD4767E2111681904B9604
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 819BC8378024A832547C0262C85067A0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DE2CD31ED5BEED8A571104D5746F995A
Requests: 1 HTTP requests in this frame

Frame: https://48b2w8mr.twic.pics/?v1
Frame ID: D8B4C1A95D817819D55448060DEA9D8E
Requests: 2 HTTP requests in this frame

Frame: https://48b2w8mr.twic.pics/?v1
Frame ID: C02303EB06E6FBDB75D9FD9EAD59C031
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/empty.html
Frame ID: D626B56566E85555195473377B66C681
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

تسوّق وصل حديثا اولاين في السعودية • FACES (وجوه)

Page URL History Show full URLs

https://click.email-faces.com/?qs=cc58932ede1892e2ba4c0485b248b10cc68d594c5084ce7cf2d2102ea9367b0734f5a33b... HTTP 302
https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039... Page URL

Page Statistics

239
Requests

93 %
HTTPS

32 %
IPv6

62
Domains

88
Subdomains

76
IPs

9
Countries

2432 kB
Transfer

8933 kB
Size

108
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/FacesBeautyMiddleEast/
Title: فيسبوك

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/FacesWojooh
Title: يوتيوب

Search URL Search Domain Scan URL

URL: https://www.instagram.com/facesbeautymiddleeast/
Title: إنستغرام

Search URL Search Domain Scan URL

URL: https://twitter.com/FacesBeautyME
Title: تويتر

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email-faces.com/?qs=cc58932ede1892e2ba4c0485b248b10cc68d594c5084ce7cf2d2102ea9367b0734f5a33b3c9f04b851ff305c814dde987522e63c49498c7127b435f186cb79c4 HTTP 302
https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=A0EC77EEB3A14FB1A2E8DDF61B64E225&RedC=c.clarity.ms&MXFR=31660958087A6721047F19AF0C7A6948 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=A0EC77EEB3A14FB1A2E8DDF61B64E225&MUID=0107978150936EDF3F0A877651F86FD0

Request Chain 53

https://gum.criteo.com/sid/json?origin=onetag&domain=faces.com&sn=ChromeSyncframe&so=0&topUrl=www.faces.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=pJrS03xkNTNNTG1mTkY1aTJXRGV4SjBVZjQrTWpVOVIxc2pPZEpONU1zT2dMa2JnUDI4ZW9KRWhmUzh2Wm1qUHZKVlc2U2hCTnI1UkZxMkgrTkgwbkg3ZGhQWG55NFgySHlZZW9walo2ajVHZjFJQVdsbU1jNlBlWkJmeW1idXhIU3VsL3BzSFB5L3pabHRIcXRmU1F4NGZXbFNZV3hXbXRBeFhIZlVPZHhqQ3VIZFRXT2M5NUhaOUk5a3lJa2x6dDBxaEJYcU1qSExJaTVTTU1vQzhkOHczS2hldlN3WUhtSmVaU1haUUJmKzd5WjdYTGE2aE5Payt2cXZFT09FYjBORXczbmN2UXVRMTZtekxKYk0veXNUWnJDUT09fA&cppv=2

Request Chain 97

https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_newoffers&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939224 HTTP 302
https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_newoffers&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939224&tc=1

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=OEVmRkUxeUdjamEzSVcyTjhVdUY%3D&pi=adx&tdc=ams&chain= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm=&google_sc=&google_ula=5153224&google_hm=OEVmRkUxeUdjamEzSVcyTjhVdUY%3D&pi=adx&tdc=ams&chain=&google_tc= HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPIZsXAgodTfYRXeUF7tLYE&google_cver=1&google_ula=5153224,0

Request Chain 137

https://ib.adnxs.com/setuid?entity=315&code=8EfFE1yGcja3IW2N8UuF HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D8EfFE1yGcja3IW2N8UuF

Request Chain 153

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=HmvRCtPMH6FYiMO9V5Dl6D-yQCPpyvTO

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1NZTBtNmYtNDhscWEtYlR4UUllZjRERjVPMjhJYTVtRFZOYUh6QQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 155

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA&custom=&tag_format=img&tag_action=sync&custom=&cb=0d7ddfa2-ce1e-4ab4-9a78-8e1157ce0dfe HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0d7ddfa2-ce1e-4ab4-9a78-8e1157ce0dfe&final=true&reqid=b1aa0810-4b75-11ec-a253-034f8c55b2d4&timestamp=2021-11-22T09%3A22%3A20.561Z

Request Chain 157

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA

Request Chain 160

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4FXjU_-48lqa-bTxQIef4DF5O2-pK8wZsjlbdA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4FXjU_-48lqa-bTxQIef4DF5O2-pK8wZsjlbdA&verify=true

Request Chain 165

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-6Z2fHv-48lqa-bTxQIef4DF5O2-DQ-zbO5IleQ&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-6Z2fHv-48lqa-bTxQIef4DF5O2-DQ-zbO5IleQ&expires=30&user_group=5

Request Chain 169

https://eb2.3lift.com/xuid?mid=2711&xuid=k-aXg49f-48lqa-bTxQIef4DF5O280rJ2TZaTdpA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-aXg49f-48lqa-bTxQIef4DF5O280rJ2TZaTdpA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 170

https://an.yandex.ru/mapuid/criteois/k-x41itP-48lqa-bTxQIef4DF5O2-hIJPLObi5Ew HTTP 302
https://an.yandex.ru/mapuid/criteois/k-x41itP-48lqa-bTxQIef4DF5O2-hIJPLObi5Ew?redir-setuniq=1

Request Chain 172

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CO2knv-48lqa-bTxQIef4DF5O2_4H5G6xQuexw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CO2knv-48lqa-bTxQIef4DF5O2_4H5G6xQuexw&C=1

Request Chain 182

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4331465487264750111

239 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request newarrivals Show response
www.faces.com/sa-ar/
Redirect Chain

https://click.email-faces.com/?qs=cc58932ede1892e2ba4c0485b248b10cc68d594c5084ce7cf2d2102ea9367b0734f5a33b3c9f04b851ff305c814dde987522e63c49498c7127b435f186cb79c4
https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip

613 KB
49 KB

629ms
584ms

Document
text/html

104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39827f0fa7859c08fd6d99f388cdc23ac01cf1207f30d3055fc610d3168f4517

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-type: text/html;charset=UTF-8
x-dw-request-base-id: 0Yx3z0lhm2EBAAB_
content-security-policy: frame-ancestors none
x-frame-options: DENY
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
vary: accept-encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b2117ac5f49695e-FRA
content-encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Date: Mon, 22 Nov 2021 09:22:17 GMT
Connection: close
Content-Length: 328

GET
H2 200 main.js Show response
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/js/ 783 KB
182 KB 41ms
40ms Script
application/javascript 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/js/main.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f239d9d7e643887c2c66a044a3a312925ee3788b968e493337f4515f7c0f0de7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1380
cf-polished: origSize=802977
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591852
cf-ray: 6b2117b01faa695e-FRA
x-dw-request-base-id: 0YzLblJbm2EBAAB_
expires: Wed, 22 Dec 2021 09:19:50 GMT

GET
H2 200 search.js Show response
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/js/ 87 KB
24 KB 24ms
23ms Script
application/javascript 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/js/search.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed52a7e23a2da561a4db14d43d770b88928a68c3f88877afc6ad846062154e58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 777
cf-polished: origSize=88701
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591251
cf-ray: 6b2117b01faf695e-FRA
x-dw-request-base-id: 0Ywjb1Nbm2EBAAB_
expires: Wed, 22 Dec 2021 09:09:49 GMT

GET
H2 200 noSrp.js Show response
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/js/ 3 KB
1 KB 17ms
16ms Script
application/javascript 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/js/noSrp.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf268ffe6e3f08ae7f7949299451eb7df747bd8b78f1cfa37b500250f2d1136

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 776
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
expires: Wed, 22 Dec 2021 09:09:48 GMT
cache-control: public, max-age=2591250
cross-origin-resource-policy: cross-origin
cf-ray: 6b2117b0a918695e-FRA
x-dw-request-base-id: 0Ywgb1Nbm2EBAAB_
cf-bgj: minify

GET
H2 200 global.css
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/ 725 KB
97 KB 61ms
60ms Stylesheet
text/css 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68913050ec00733d7b6b8271c97a1aadf9c0b76b36ae723372738c0cf8b1a471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1330
cf-polished: origSize=934606
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591801
cf-ray: 6b2117b01fb0695e-FRA
x-dw-request-base-id: 0YyJblBbm2EBAAB_
expires: Wed, 22 Dec 2021 09:18:59 GMT

GET
H2 200 search.css
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/ 25 KB
4 KB 25ms
25ms Stylesheet
text/css 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/search.css
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff074e62e80e66fecca7c9678045a73ca66fd5fe47be72c0e367982218ea986a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 777
cf-polished: origSize=32215
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591251
cf-ray: 6b2117b01fb7695e-FRA
x-dw-request-base-id: 0Ywib1Nbm2EBAAB_
expires: Wed, 22 Dec 2021 09:09:49 GMT

GET
H2 403 djtssu2x
connect.nosto.com/include/ 0
0 135ms
106ms Script
application/json 2600:9000:2156:6600:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.nosto.com/include/djtssu2x
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/js/ 3 KB
1 KB 29ms
28ms Script
application/javascript 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/js/gtm.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f93a11695256158f3b57ed19f064bea9adccd7d8e113a01f7d8ddbee19894b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:40 GMT
server: cloudflare
age: 1379
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
expires: Wed, 22 Dec 2021 09:19:49 GMT
cache-control: public, max-age=2591851
cross-origin-resource-policy: cross-origin
cf-ray: 6b2117b1cbf7695e-FRA
x-dw-request-base-id: -XuhZVJbm2EBAAB_
cf-bgj: minify

GET
H2 200 collect.js Show response
100039654.collect.igodigital.com/ 9 KB
2 KB 339ms
108ms Script
application/javascript 54.205.247.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://100039654.collect.igodigital.com/collect.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.247.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-247-222.compute-1.amazonaws.com
Software: /
Resource Hash: 4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 17:24:29 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 404 logo-white.svg
www.faces.com/on/demandware.static/-/Sites/ar_SA/v1637571401669/ 371 B
371 B 41ms
41ms Image
text/html 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/-/Sites/ar_SA/v1637571401669/logo-white.svg
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ecc88a31066efb1975390cd46a9072262fd0a18e4c330691b7094ef8f4b0972

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
cache-control: no-cache, no-store, must-revalidate
x-error: 1
cf-ray: 6b2117b1fc6e695e-FRA
x-dw-request-base-id: -XtRqkphm2EBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 logo.svg
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dw000f8fbe/images/ 9 KB
4 KB 28ms
27ms Image
image/svg+xml 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dw000f8fbe/images/logo.svg
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3433cabe0c2fe8080fa9ab4f8e6e1d8fbf9e51b588f66f566a6ba49a280c8f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 84842
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591913
cross-origin-resource-policy: cross-origin
cf-ray: 6b2117b23d0f695e-FRA
x-dw-request-base-id: 0YzOAogVmmEBAAB_
expires: Wed, 22 Dec 2021 09:20:51 GMT

GET
H2 200 MB-AR-Sale-HP-SkinAdvisor.jpg
www.faces.com/on/demandware.static/-/Sites/default/dwcbb2a042/ 28 KB
28 KB 37ms
35ms Image
image/webp 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/-/Sites/default/dwcbb2a042/MB-AR-Sale-HP-SkinAdvisor.jpg
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31eb0730847f01479c99181c3ed8ae62ab7b15c1847bfbcddcf1b526cb6d49eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
cf-cache-status: HIT
age: 2132055
cf-polished: qual=85, origFmt=jpeg, origSize=58674
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="MB-AR-Sale-HP-SkinAdvisor.webp"
content-length: 28160
last-modified: Tue, 27 Jul 2021 08:19:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 22 Dec 2021 01:31:42 GMT
cache-control: public, max-age=2563764
accept-ranges: bytes
cf-ray: 6b2117b23d29695e-FRA
x-dw-request-base-id: tEEUOKdqemEBAAB_
cf-bgj: imgq:85,h2pri

GET
H2 200 tamara.svg
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dw3581f863/images/ 11 KB
4 KB 34ms
33ms Image
image/svg+xml 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dw3581f863/images/tamara.svg
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39962a4b4f61fb13b0fabeafb761335c000675186d0aa84732ff9c4d61f05889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 84841
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591951
cross-origin-resource-policy: cross-origin
cf-ray: 6b2117b24d2c695e-FRA
x-dw-request-base-id: 0YwqC68VmmEBAAB_
expires: Wed, 22 Dec 2021 09:21:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,500i,600,700&subset=latin-ext

Requested by

Host: www.faces.com
URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdad284970e316f119c94f4531d227eba09b4751e17df0f10a7e1f2aee436579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 09:22:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 09:22:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 09:22:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
633 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:300,300i,400,400i,500,500i,700,700i&display=swap&subset=latin-ext

Requested by

Host: www.faces.com
URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddaf50ede86101fe62bc2e661cb201a088dff2eb9afebdfc516b7d050e2df215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 09:22:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 09:22:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 09:22:18 GMT

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/ 64 KB
21 KB 34ms
8ms Script
application/javascript 143.204.100.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.100.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-100-219.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:01 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:21:08 GMT
server: AmazonS3
age: 17
etag: W/"6f16bc452a225d7da116aa4c430872f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HI9J0mqZeeaPgR9d4wqGMVZphM9ysriW3KOMdqQkV_mL0VHXdco6WQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 300 KB
86 KB 63ms
39ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV

Requested by

Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

506c141e1bfbad9a06f29aff5300c86e407426813f72d33b1f1381e7f410a3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87635
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Nov 2021 09:22:18 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 448 KB
121 KB 53ms
21ms Script
text/javascript 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

df420a3cdaffbdc0b54c622a15840170639c38e419e8af5216e68839c26db4b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=10
vary: Accept-Encoding
content-length: 122918
x-xss-protection: 1; mode=block
x-request-id: b31f80dd5f88c5d8ffa78b97b037cb11
x-runtime: 0.029669
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"e79092d80a214ddf4f7ee81571608776"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3507
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 hotjar-1098206.js Show response
static.hotjar.com/c/ 11 KB
3 KB 30ms
10ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1098206.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

3eadb2797df48b3ce4f71cf5d240760052ae818f47ccc22ff56ec20c722f327e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 52
etag: W/c5b9c98f1a93f16492ffd1547ed391d4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: leEDLrpsenBWA5eaXapteuQsxPwYncmX98STLyP13nd12bzR6rfU3w==
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)

GET
H2 200 sa.svg
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/flags//4x3/ 16 KB
7 KB 37ms
37ms Image
image/svg+xml 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/flags//4x3/sa.svg
Requested by: Host: www.faces.com
URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd70283c33b7213c364c793115496c2dc8dd4bd3f04063d95a8528c41809083b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:40 GMT
server: cloudflare
age: 1321
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591794
cross-origin-resource-policy: cross-origin
cf-ray: 6b2117b25d88695e-FRA
x-dw-request-base-id: -XuwZVNbm2EBAAB_
expires: Wed, 22 Dec 2021 09:18:52 GMT

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68b19c99c256263620deb4c12fca5046ccaf4570e22f75422d614bd776b8efd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 DINNextArabic-Regular.woff2
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/DINNext/ 28 KB
28 KB 29ms
28ms Font
font/woff2 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/DINNext/DINNextArabic-Regular.woff2
Requested by: Host: www.faces.com
URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c90c2f8dd927abf03f3e31c1f60d0476e46f82cac8ec80153304ce33bea799

Request headers

Referer: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Origin: https://www.faces.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 1326
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591799
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 6b2117b26dd3695e-FRA
x-dw-request-base-id: 0Yz3blNbm2EBAAB_
content-length: 28860
expires: Wed, 22 Dec 2021 09:18:57 GMT

GET
H2 200 DINNextLTArabic-Light.woff2
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/DINNext/ 47 KB
47 KB 33ms
32ms Font
font/woff2 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/DINNext/DINNextLTArabic-Light.woff2
Requested by: Host: www.faces.com
URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76421e66df6e29d46596f2c8f79f392d9330d9acd27a9c942857023dba4457c1

Request headers

Referer: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Origin: https://www.faces.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 1326
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591797
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 6b2117b26dd7695e-FRA
x-dw-request-base-id: 0YyublFbm2EBAAB_
content-length: 47708
expires: Wed, 22 Dec 2021 09:18:55 GMT

GET
H2 200 DINNextArabic-Bold.woff2
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/DINNext/ 29 KB
30 KB 26ms
25ms Font
font/woff2 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/DINNext/DINNextArabic-Bold.woff2
Requested by: Host: www.faces.com
URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f8eb3baffab8f9c50418403df9c86a0863dbf21a872029209fe28361ba412e

Request headers

Referer: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Origin: https://www.faces.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 1325
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591796
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 6b2117b26dd9695e-FRA
x-dw-request-base-id: 0YytblFbm2EBAAB_
content-length: 30068
expires: Wed, 22 Dec 2021 09:18:54 GMT

GET
H2 200 scicons.woff2
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/ 13 KB
13 KB 30ms
29ms Font
font/woff2 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/fonts/scicons.woff2?14530902
Requested by: Host: www.faces.com
URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c999f2a714b34e10f4ffbcede6835df9e619d29987880bdad42a274e123f876

Request headers

Referer: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/css/global.css
Origin: https://www.faces.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 1326
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591799
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 6b2117b26dda695e-FRA
x-dw-request-base-id: 0Yz6blNbm2EBAAB_
content-length: 13652
expires: Wed, 22 Dec 2021 09:18:57 GMT

GET
H2 200 preloader.gif
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dwe7e6aebf/images/ 62 KB
62 KB 27ms
26ms Image
image/gif 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dwe7e6aebf/images/preloader.gif
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b32255bfecf483224c11935cdc7b40f48334ce582bd7ca460bb1f4757ab5548

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
cf-cache-status: HIT
age: 84841
cf-polished: status=not_needed
cross-origin-resource-policy: cross-origin
content-length: 63185
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Wed, 22 Dec 2021 09:20:47 GMT
cache-control: public, max-age=2591909
accept-ranges: bytes
cf-ray: 6b2117b2be8a695e-FRA
x-dw-request-base-id: 0YxRAoUVmmEBAAB_
cf-bgj: imgq:85,h2pri

GET
H2 200 Group%204173.png
www.faces.com/on/demandware.static/-/Library-Sites-FacesSharedLibrary/default/dwc48d1f33/footer/ 484 B
645 B 42ms
40ms Image
image/webp 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/-/Library-Sites-FacesSharedLibrary/default/dwc48d1f33/footer/Group%204173.png
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835948a97295d9d3b4d23658c8ca16a80328e57d0025c1f617db96aacf36c36a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
cf-cache-status: HIT
age: 1174327
cf-polished: origFmt=png, origSize=1563
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="Group%204173.webp"
content-length: 484
last-modified: Sat, 18 Apr 2020 17:11:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 22 Dec 2021 09:22:18 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6b2117b2bea5695e-FRA
x-dw-request-base-id: -XtSthN2iWEBAAB_
cf-bgj: imgq:85,h2pri

GET
H2 200 vat.png
www.faces.com/on/demandware.static/-/Library-Sites-FacesSharedLibrary/ar_SA/dw14f8d77d/ 4 KB
4 KB 30ms
28ms Image
image/webp 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/-/Library-Sites-FacesSharedLibrary/ar_SA/dw14f8d77d/vat.png
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93075313167c01c5afb918bd0b994eeb85c05328d603e0df6628126265c44fa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
cf-cache-status: HIT
age: 2124383
cf-polished: origFmt=png, origSize=9791
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="vat.webp"
content-length: 4224
last-modified: Mon, 08 Mar 2021 10:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 22 Dec 2021 09:22:18 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6b2117b2beab695e-FRA
x-dw-request-base-id: x14fu-v2emEBAAB_
cf-bgj: imgq:85,h2pri

GET
H2 200 oauth-facebook-icon.svg
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dwcb12e8fa/images/account/ 639 B
566 B 41ms
38ms Image
image/svg+xml 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dwcb12e8fa/images/account/oauth-facebook-icon.svg
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb2e1981420865abb727075259ea0269df9bca24b7018340b4d70d721b0a19c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 84841
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591917
cross-origin-resource-policy: cross-origin
cf-ray: 6b2117b2beae695e-FRA
x-dw-request-base-id: -XvaFY0VmmEBAAB_
expires: Wed, 22 Dec 2021 09:20:55 GMT

GET
H2 200 logo-google.svg
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dw304c86e4/images/ 1 KB
631 B 24ms
22ms Image
image/svg+xml 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/default/dw304c86e4/images/logo-google.svg
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63c12c0c715582a720fb8b74c920bb3fb693dd24659e36b1b69d2e50bae4e98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 08:22:41 GMT
server: cloudflare
age: 84841
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591921
cross-origin-resource-policy: cross-origin
cf-ray: 6b2117b2beb2695e-FRA
x-dw-request-base-id: -XuOFYsVmmEBAAB_
expires: Wed, 22 Dec 2021 09:20:59 GMT

GET
H2 200 embed.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/79106/onsite/ 2 KB
1 KB 33ms
7ms Script
application/javascript 151.101.193.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/79106/onsite/embed.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.230 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

06fb2515ad8ca70c3253d8807c9b8cd15fac5d597ae723b4eef7f667326f65b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: XlaLft1lo0OOSO8lmXtjcmtBZWJxz.wq
content-encoding: gzip
etag: "851fa3d5cf9c3d32715fc716ac3e4725"
age: 697807
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 677
x-amz-id-2: 0iUngUWJHc/deFQMuCnedZPR7IIyPbQSoGdY3Nywn5xAZEWFcJd5BGa3EF8tx/YqLbCzC8ZWBoc=
x-served-by: cache-sea4445-SEA, cache-fra19183-FRA
last-modified: Sun, 14 Nov 2021 07:32:09 GMT
server: AmazonS3
x-timer: S1637572939.704334,VS0,VE0
date: Mon, 22 Nov 2021 09:22:18 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 69EGTN946TGJPRVZ
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 2

GET
H2 200 dwanalytics-21.9.js Show response
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/internal/jscript/ 6 KB
3 KB 54ms
53ms Script
application/javascript 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/internal/jscript/dwanalytics-21.9.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1be4481f94f8dbeac0db34fa65981e1211c794231cb7952d7f2d73f73cb6bfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1378
cf-polished: origSize=6532
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Mon, 22 Nov 2021 08:56:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591851
cf-ray: 6b2117b2beb5695e-FRA
x-dw-request-base-id: 0YzNblJbm2EBAAB_
expires: Wed, 22 Dec 2021 09:19:49 GMT

GET
H2 200 dwac-21.7.js Show response
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/internal/jscript/ 5 KB
2 KB 21ms
20ms Script
application/javascript 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/internal/jscript/dwac-21.7.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0acc05529b896335e67451050b9d9353d4cd680a470919fecf91c12ff09196d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1377
cf-polished: origSize=5013
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Mon, 22 Nov 2021 08:56:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591848
cf-ray: 6b2117b2beb9695e-FRA
x-dw-request-base-id: 0YyQblBbm2EBAAB_
expires: Wed, 22 Dec 2021 09:19:46 GMT

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 36 KB
12 KB 46ms
10ms Script
application/javascript 143.204.93.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-53.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:11:07 GMT
content-encoding: gzip
etag: W/"4fdd1834cd022d3113e766921bac1ba4"
last-modified: Wed, 27 Oct 2021 16:27:15 GMT
server: AmazonS3
age: 672
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9jBFcaELuARGd5UArP249xwZHEUluXLpZbHQLg32QwLaB0JsvHbABw==

GET
H2 200 applepay.js Show response
www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/internal/jscript/ 9 KB
3 KB 53ms
52ms Script
application/javascript 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.static/Sites-Faces_SA-Site/-/ar_SA/v1637571401669/internal/jscript/applepay.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad8df0436390cc4a60f3d7cffb9022a4f7689478cac55850b003cb54090ed6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1377
cf-polished: origSize=14299
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Mon, 22 Nov 2021 08:56:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591848
cf-ray: 6b2117b2bebc695e-FRA
x-dw-request-base-id: 0YyPblBbm2EBAAB_
expires: Wed, 22 Dec 2021 09:19:46 GMT

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
98 B 74ms
50ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572938721
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

GET
H2 200 modules.1810afb089b838b62ed8.js Show response
script.hotjar.com/ 226 KB
60 KB 28ms
10ms Script
application/javascript 13.32.19.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1810afb089b838b62ed8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1098206.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.19.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-19-2.fra56.r.cloudfront.net

Software

Resource Hash

2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417432
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60615
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 13:25:01 GMT
etag: "1f23634605f98b007e0df34e60106bb8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: B-mbsfn0qNBPJ7pgcES3OGEKHeJacqWOaGwUUkfBCBCSbiushogC4A==

GET
H2 200 widget.css
staticw2.yotpo.com/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 512 KB
54 KB 29ms
28ms Stylesheet
text/css 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/widget.css?widget_version=2021-08-12_14-50-29

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

169a86fed001327bc990a02ae13ea71bf2a819d62681c05222dcbead42f64357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=18
vary: Accept-Encoding
content-length: 54848
x-xss-protection: 1; mode=block
x-request-id: f52ed4a07316f9854238e6487cc18540
x-runtime: 0.109958
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"16bfaa5b05ff6e8100cebbe747949d8c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1402
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6435
date: Mon, 22 Nov 2021 07:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Nov 2021 09:35:03 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 31ms
10ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000136-IAD, cache-hhn11551-HHN

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 51ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 08:29:00 GMT
server: nginx
etag: W/"615c0ccc-a373"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 23 Nov 2021 09:22:18 GMT

GET
H2 200 sha256.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/ 9 KB
4 KB 38ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.faces.com/
Origin: https://www.faces.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1437660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2977
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-2339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPQdUsQVel4WgRP%2Bzf82djHUEJATV0DT0aQuYZOr9SUb%2FXeafbPaGQNnZYUXM%2FI8lvr%2FYpCkUKSEtkXq38Y%2B2GSHaRh4M%2BwXigINJ3kZISNb4eIxqB9tzPKxyH0OidbaXJKNUvkjvCy9P7h4UMyrjjae"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2117b3afe005ed-FRA
expires: Sat, 12 Nov 2022 09:22:18 GMT

GET
H2 200 3wz2oirbk1 Show response
www.clarity.ms/tag/ 572 B
949 B 194ms
100ms Script
application/x-javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3wz2oirbk1
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e9c9606c616ebf69e5e7188e7d3c188f1237e1df3f084a9005845fb1da21ad86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
x-powered-by: ASP.NET
x-azure-ref: 0SmGbYQAAAADPBdZWfSpeT6R8FtIgeGaRTFRTRURHRTEzMTgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length: 572
expires: -1

GET
H2 200 ins.js Show response
facesuae.api.useinsider.com/ 553 KB
112 KB 68ms
39ms Script
application/javascript 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://facesuae.api.useinsider.com/ins.js?id=10004995
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb6194fae602dd374064598b1150d42b1dd4c4ab2c66cf87d947e7a77290fb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 4986
x-amz-request-id: F5XYG0MXTGTB5YBY
x-amz-id-2: L/G7VlUDUqY77Mfkr1dq57sktQ+vWQ0CNvSC1WnZb0Ah/o8Otd+kn7RiBqJGfx52C6lhUah63xE=
last-modified: Sun, 21 Nov 2021 01:55:54 GMT
server: cloudflare
etag: W/"8fdb324b8e70b07c251503b0b213a1e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-version-id: ekg6_GbyGigkHmh568BN2aWfgqkM.aBR
cf-ray: 6b2117b3b8dd5b68-FRA
expires: Mon, 22 Nov 2021 09:27:18 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 117 KB
35 KB 186ms
169ms Script
application/javascript 2.16.186.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1FH0V48PMMOGUUN5IVG&lib=ttq
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b850991db54c2e0c6a6b7a3c818d88205ced62b9f93665cca47f9cb2802b208

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-akamai-request-id: ba73b2aa.2faedec6
date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-28-72-109.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 159,2.16.186.157
server-timing: cdn-cache; desc=MISS, edge; dur=157, origin; dur=4, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 202111220922180102452421171FC978C7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,184.28.72.109
x-tt-trace-host: 0169d63868368e29681546f0880be44ba66629b55bca4380bc42d222a13c15180dcad6e1c27f05d9444dfca3e190b72c84f9b829e947d2186d3bcf51c3a8758af5206d6d248673f5e8c31d96383c29fbc2b438c897da7b15d345e44ebf872dd13ac2508b7f2ea60192cb2730bd819c6727
expires: Mon, 22 Nov 2021 09:22:18 GMT

GET
H2 200 / Show response
cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com/ 485 B
760 B 38ms
8ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f3c970e2a3a152bd4ab75b30551e8f6235a1afe1ff1aaa65c935f75fa0d3ee69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 1363
etag: 9f55521ad819099bedf2ad7a6c2cc07a-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: none
x-amz-apigw-id: JMtOyHHWjoEFnpA=

GET
H2 200 css
fonts.googleapis.com/ 3 KB
695 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/widget.css?widget_version=2021-08-12_14-50-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 08:01:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 09:22:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 09:22:18 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 91 KB
35 KB 34ms
19ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NFKM5G4&t=gtm12&cid=802785177.1637572939

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6eaf1781ea0080297193528ed43b471c36f58fc9c7bd9f1f388219eceea723e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36126
x-xss-protection: 0
expires: Mon, 22 Nov 2021 09:22:18 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 132ms
114ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny0w9&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=cae4a774-903a-4371-8601-d5b360e6ccf8&tw_document_href=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 106
pragma: no-cache
last-modified: Mon, 22 Nov 2021 09:22:18 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f36e62be72e640cc0397c22ddb10e79dc80c2f410b387e209a027dae48b13364
x-transaction: 57901dfae58c97a1
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
60 B 23ms
22ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572938874
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7785 11 KB
5 KB 63ms
21ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.faces.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1842
date: Mon, 22 Nov 2021 09:22:18 GMT
content-length: 4683

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 38ms
10ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com
URL: https://cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:54:54 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 9563245
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 90sa-F8oWvKBof8zWzPJIC3A1mRltCH2DHOaM13itj7kg3m3Tu1p8A==

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.29/ 52 KB
22 KB 299ms
94ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.29/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3wz2oirbk1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 58e8bde3ffdce575ee790ef2eadf3e85a2c258ce7e78ff617fb1efe9e485c61e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:18 GMT
content-encoding: br
etag: "1d7dda781f0f6bd"
last-modified: Sat, 20 Nov 2021 00:42:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=A0EC77EEB3A14FB1A2E8DDF61B64E225&RedC=c.clarity.ms&MXFR=31660958087A6721047F19AF0C7A6948
https://c.clarity.ms/c.gif?CtsSyncId=A0EC77EEB3A14FB1A2E8DDF61B64E225&MUID=0107978150936EDF3F0A877651F86FD0

42 B
368 B

28ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=A0EC77EEB3A14FB1A2E8DDF61B64E225&MUID=0107978150936EDF3F0A877651F86FD0
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:18 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 408B67AC0FD94FE8B9A474A6F0D08194 Ref B: FRAEDGE1506 Ref C: 2021-11-22T09:22:19Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=A0EC77EEB3A14FB1A2E8DDF61B64E225&MUID=0107978150936EDF3F0A877651F86FD0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7785
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=faces.com&sn=ChromeSyncframe&so=0&topUrl=www.faces.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=pJrS03xkNTNNTG1mTkY1aTJXRGV4SjBVZjQrTWpVOVIxc2pPZEpONU1zT2dMa2JnUDI4ZW9KRWhmUzh2Wm1qUHZKVlc2U2hCTnI1UkZxMkgrTkgwbkg3ZGhQWG55NFgySHlZZW9walo2ajVHZjFJQVdsbU1jNlBlWkJmeW...

436 B
628 B

52ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pJrS03xkNTNNTG1mTkY1aTJXRGV4SjBVZjQrTWpVOVIxc2pPZEpONU1zT2dMa2JnUDI4ZW9KRWhmUzh2Wm1qUHZKVlc2U2hCTnI1UkZxMkgrTkgwbkg3ZGhQWG55NFgySHlZZW9walo2ajVHZjFJQVdsbU1jNlBlWkJmeW1idXhIU3VsL3BzSFB5L3pabHRIcXRmU1F4NGZXbFNZV3hXbXRBeFhIZlVPZHhqQ3VIZFRXT2M5NUhaOUk5a3lJa2x6dDBxaEJYcU1qSExJaTVTTU1vQzhkOHczS2hldlN3WUhtSmVaU1haUUJmKzd5WjdYTGE2aE5Payt2cXZFT09FYjBORXczbmN2UXVRMTZtekxKYk0veXNUWnJDUT09fA&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.faces.com&origin=onetag

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8c2cf97944d4708b6edaf34fe0b4623a467c54fa24cc5a2e1256bc56b5157c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 22 Nov 2021 09:22:18 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3674
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 22 Nov 2021 09:22:18 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=pJrS03xkNTNNTG1mTkY1aTJXRGV4SjBVZjQrTWpVOVIxc2pPZEpONU1zT2dMa2JnUDI4ZW9KRWhmUzh2Wm1qUHZKVlc2U2hCTnI1UkZxMkgrTkgwbkg3ZGhQWG55NFgySHlZZW9walo2ajVHZjFJQVdsbU1jNlBlWkJmeW1idXhIU3VsL3BzSFB5L3pabHRIcXRmU1F4NGZXbFNZV3hXbXRBeFhIZlVPZHhqQ3VIZFRXT2M5NUhaOUk5a3lJa2x6dDBxaEJYcU1qSExJaTVTTU1vQzhkOHczS2hldlN3WUhtSmVaU1haUUJmKzd5WjdYTGE2aE5Payt2cXZFT09FYjBORXczbmN2UXVRMTZtekxKYk0veXNUWnJDUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1960
content-length: 541
expires: 0

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 323ms
323ms Script
application/javascript 2.16.186.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1FH0V48PMMOGUUN5IVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-akamai-request-id: ba73d060.2faee0cb
date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-28-72-109.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 299,2.16.186.157
server-timing: cdn-cache; desc=MISS, edge; dur=304, origin; dur=10, inner; dur=1
content-length: 30761
pragma: no-cache
server: nginx
x-tt-logid: 202111220922190102510582200C5CB94C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,184.28.72.109
x-tt-trace-host: 0169d63868368e29681546f0880be44ba66629b55bca4380bc42d222a13c15180dcad6e1c27f05d9444dfca3e190b72c84f9b829e947d2186d3bcf51c3a8758af58c156fe80e97ea4f9becbd1ff59077be9758ee3fcbd2ebec1f8fc55f2302c9090f3569caa810629891eadfecab890b54
expires: Mon, 22 Nov 2021 09:22:19 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 689 B
1 KB 310ms
309ms Script
application/javascript 2.16.186.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1FH0V48PMMOGUUN5IVG&hostname=www.faces.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1FH0V48PMMOGUUN5IVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1583349f5b70ca1c67d8a46be12eee8a699984fbe31417d19924790663d421d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-akamai-request-id: 9fbf4d1a.2faee11c
date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-88-71-85.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 263,2.16.186.157
server-timing: cdn-cache; desc=MISS, edge; dur=270, origin; dur=7, inner; dur=4
content-length: 308
pragma: no-cache
server: nginx
x-tt-logid: 20211122092219010251058220115F1016
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,104.88.71.85
x-tt-trace-host: 0169d63868368e29681546f0880be44ba6617242fe833ae874a8fb2f7f7a7158bb0f98c058ea0fc5b8ee0b054b0801c75129273b5e23c5297c89b32973ca3b55576eafc2be15534a31db46b8dc44d185ed213880fdd07c1f300468fc837e9c03a3f39aecf4ec751ec4680b4eb56e1c46d8
expires: Mon, 22 Nov 2021 09:22:19 GMT

GET
H2 200 track_cart
nova.collect.igodigital.com/c2/100039654/ 43 B
717 B 117ms
117ms Image
image/gif 54.205.247.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/100039654/track_cart?payload=%7B%22clear_cart%22%3Atrue%2C%22url%22%3A%22https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip%22%2C%22user_info%22%3A%7B%22email%22%3A%22abACwVVr4MDerQK15D1AwXe6Bn%22%7D%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.247.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-247-222.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-runtime: 0.008378
date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 33399c3a-9682-4d37-9cf2-12ee536cd393

GET
H2 200 track_page_view
nova.collect.igodigital.com/c2/100039654/ 43 B
716 B 118ms
118ms Image
image/gif 54.205.247.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/100039654/track_page_view?payload=%7B%22category%22%3A%22newarrivals%22%2C%22title%22%3A%22%D8%AA%D8%B3%D9%88%D9%91%D9%82%20%D9%88%D8%B5%D9%84%20%D8%AD%D8%AF%D9%8A%D8%AB%D8%A7%20%D8%A7%D9%88%D9%84%D8%A7%D9%8A%D9%86%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%E2%80%A2%20FACES%20(%D9%88%D8%AC%D9%88%D9%87)%22%2C%22url%22%3A%22https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip%22%2C%22referrer%22%3A%22%22%2C%22et_email%22%3A%7B%22job_id%22%3A%22436513%22%2C%22list_id%22%3A%2298%22%2C%22landing_url_id%22%3A%2264279617%22%2C%22job_batch_id%22%3A%221006%22%2C%22subscriber_id%22%3A%2252414655%22%2C%22mid%22%3A%22100039654%22%7D%2C%22user_info%22%3A%7B%22email%22%3A%22abACwVVr4MDerQK15D1AwXe6Bn%22%7D%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.247.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-247-222.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-runtime: 0.009997
date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 638ef8e6-81f4-4a63-9571-b167756e3762

POST
H2 200 PM_CHANEL_Rouge_Allure_Holiday Show response
staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 173 B
672 B 172ms
171ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/PM_CHANEL_Rouge_Allure_Holiday

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

7cae1b627f1b910ea051fc4a6474b226a43af52f037465f31e93ac4f5db8a847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=41, origin; dur=109
vary: Accept-Encoding
content-length: 160
x-xss-protection: 1; mode=block
x-request-id: 0060ccb23148b495fcd7202afc5a0b26
x-runtime: 0.019647
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"b4127ba6e9b23e222311b27073922ce0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/006615539486/widget/ 173 B
670 B 231ms
230ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/006615539486/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

f0c7a09d9bc83e12690c61be1fe712c9a254aa88a53f3671985e8bc142919bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=54, origin; dur=159
vary: Accept-Encoding
content-length: 155
x-xss-protection: 1; mode=block
x-request-id: e4e994ded7ca8d1a686c13ed7b5f14ac
x-runtime: 0.013518
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"1b40dd5c32b95a4d7c63bded97ac8488"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556318/widget/ 173 B
675 B 157ms
156ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556318/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

f6adf1415d5e93aaf681139e19f1bcdcf156fea47756cb322c666f2f1a57a234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=25, origin; dur=111
vary: Accept-Encoding
content-length: 161
x-xss-protection: 1; mode=block
x-request-id: f966c710385b5bedb774331e4613269c
x-runtime: 0.012699
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"c35d193f1ca5b41475ec815567191f48"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/009115540928/widget/ 173 B
676 B 152ms
151ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/009115540928/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

2dc8f708e6eaba9eebe8abcd34a7bb13805ea87f56f17b7db67824243a89588e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=25, origin; dur=101
vary: Accept-Encoding
content-length: 161
x-xss-protection: 1; mode=block
x-request-id: e730ff261916deaef4b032d24b3e38ea
x-runtime: 0.010785
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"50be78937219e09d18a3b3a1760e502b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10782
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114954/widget/ 173 B
676 B 177ms
176ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114954/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

a18c7df9d1cb54040139201c1aa3a41d38164efb04452247206daf0e45b4d9fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=38, origin; dur=102
vary: Accept-Encoding
content-length: 161
x-xss-protection: 1; mode=block
x-request-id: 55d3eefe55f20bfd74365456f7702dd8
x-runtime: 0.012636
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"f9534ead0f1d151ad748a8b142250656"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/026115403160/widget/ 173 B
671 B 467ms
466ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/026115403160/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

697244537b778b6621c01e0187b521e111463b636ee632da27338b325336e704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=400
vary: Accept-Encoding
content-length: 156
x-xss-protection: 1; mode=block
x-request-id: 984baf13a2fa57c54b287d11f23e7f41
x-runtime: 0.013281
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"6f61a7dba8260dd49cb62aa1286e56a5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/006615539479/widget/ 173 B
675 B 208ms
207ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/006615539479/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

adb8222b7c97854c5828e25d0e68f0734d84c9391647b171c4af51907eb1da01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=33, origin; dur=111
vary: Accept-Encoding
content-length: 161
x-xss-protection: 1; mode=block
x-request-id: 819913b55df096613265ffc19309e78c
x-runtime: 0.011383
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"8c6774afb8e7a74fc9689e203576bc67"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556311/widget/ 173 B
675 B 289ms
288ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556311/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

662bab066b02a6cf805fa0501b95050356476e21ec7feff33cdcb3723694eb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=79, origin; dur=151
vary: Accept-Encoding
content-length: 160
x-xss-protection: 1; mode=block
x-request-id: c6144ca4ecc405cfa1996808a0fe3bd5
x-runtime: 0.030065
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"d5165e6f2ee03e048ced3aa13d03e0d7"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10771
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 PM_MAKE_UP_FOR_EVER_Rouge_Artist_Shine_On Show response
staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 173 B
674 B 271ms
270ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/PM_MAKE_UP_FOR_EVER_Rouge_Artist_Shine_On

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

6ae96c2098fedcc2f29ba7a48a72f0ba4dc955db6fdc7fe3d9a9cda9c523fa60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=29, origin; dur=148
vary: Accept-Encoding
content-length: 160
x-xss-protection: 1; mode=block
x-request-id: 82d2bab9bff8495d1baa306457ef7e0e
x-runtime: 0.024320
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"471ab34242ed50270f82d295be56291a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 PM_SHISEIDO_Ultimune_Power_Infusing_Concentrate Show response
staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 174 B
672 B 256ms
255ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/PM_SHISEIDO_Ultimune_Power_Infusing_Concentrate

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

9623ca25ccda911a481eadeb5e697111d1dea9ff2aa1692d391423570385fb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=44, origin; dur=114
vary: Accept-Encoding
content-length: 156
x-xss-protection: 1; mode=block
x-request-id: 176185763dd678169347557d730eb7f0
x-runtime: 0.010138
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"7ed0f3893cc645552ee365b031c2541c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556310/widget/ 175 B
677 B 251ms
250ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556310/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

7b05300ffd426df7fd6eae961e16b9075c418522a9a5bceaec4fcb0f485c8805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=38, origin; dur=106
vary: Accept-Encoding
content-length: 162
x-xss-protection: 1; mode=block
x-request-id: 3103390d6e8f34792fb7d4c769bc7cc6
x-runtime: 0.014896
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"77de2375e7a011b0c34a695af7001a8d"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10794
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/034815539735/widget/ 175 B
677 B 270ms
269ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/034815539735/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

373ebaf7fdc72f8a7af4c9f66859861c1d330373bb739822d8e8defb339670ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=36, origin; dur=111
vary: Accept-Encoding
content-length: 162
x-xss-protection: 1; mode=block
x-request-id: 1c796a9b97fe6026dc4a75aca5a4439a
x-runtime: 0.012026
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"14a5104c95af6d047baee237bfeb02ff"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10791
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/009114952517/widget/ 175 B
672 B 314ms
313ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/009114952517/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

a3a243b27f625603c48a684a195110dad6febdf6648dcd51124d586d30139e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=76, origin; dur=108
vary: Accept-Encoding
content-length: 157
x-xss-protection: 1; mode=block
x-request-id: 5e4adbc05136ec2eea26ae542b9d2632
x-runtime: 0.015893
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"2ff6c591ad8b2fd3bf17d435fea171c9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10747
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/019314783533/widget/ 175 B
679 B 286ms
285ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/019314783533/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

5aa9baf6d71a79ce2f8deba1d932e97583ab1d638930d032d76b81d53595477b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=47, origin; dur=98
vary: Accept-Encoding
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: 7c7715ad5c5aee51012bab2f59fd5016
x-runtime: 0.010749
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"dad0d43856bd5978790004a408a78b02"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10765
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556314/widget/ 175 B
679 B 351ms
350ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556314/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

f21671961ef95e63624ae979e991074a0edec4ab2ad8f69db418fc46748ed3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=120
vary: Accept-Encoding
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: 5af46290ebe072782e57351abe25364b
x-runtime: 0.021383
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"8ab1be61255b157e01e5b80443cb4ac8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10771
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 PM_Rouge_G_de_Guerlain_The_Double_Mirror_Case Show response
staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 175 B
674 B 362ms
361ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/PM_Rouge_G_de_Guerlain_The_Double_Mirror_Case

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

e0a416e4f9f80efa4c018dad67c3fdcf504ef9787bf429cf60cfc7220b074a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=56, origin; dur=149
vary: Accept-Encoding
content-length: 158
x-xss-protection: 1; mode=block
x-request-id: e09803b322b4d3f44a60cba940318772
x-runtime: 0.035426
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"dbfc733b02e2571ead7ab0cdfb582462"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10774
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 PM_GUERLAIN_Rouge_G_Luxurious_Velvet Show response
staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 175 B
673 B 401ms
400ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/PM_GUERLAIN_Rouge_G_Luxurious_Velvet

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

677d882c4bb8148c545831d6e5f15606c83ef43c7ccf8f40634cf5b22b501885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=79, origin; dur=148
vary: Accept-Encoding
content-length: 158
x-xss-protection: 1; mode=block
x-request-id: d3052ed00ff2597e82f62c15daa94248
x-runtime: 0.041929
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"08a4ce6c7eb2bcb6bcaa2b164b4f9a95"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114961/widget/ 175 B
678 B 361ms
360ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114961/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

b45c3cba81e6799c994db3249109d95c79266ae6545eec70302cb9c403213e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=57, origin; dur=110
vary: Accept-Encoding
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: ec02e7a38780e780cd1a0b239fc5449c
x-runtime: 0.020312
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"c21b2e09b1df41a7069a4dd719ea5e76"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10768
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114959/widget/ 175 B
673 B 374ms
373ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114959/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

9f96b848d871abdd12ebf5f25e66699fa97d6e9428041014b49ee40e77499b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=46, origin; dur=117
vary: Accept-Encoding
content-length: 157
x-xss-protection: 1; mode=block
x-request-id: 1cc7712d174aa0d2c40d042f3ef37766
x-runtime: 0.022231
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"641c64f9b3c5499314e6371e03c8888c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10781
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/027815489540/widget/ 175 B
677 B 391ms
390ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/027815489540/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

555bfb1090210039d9ad65a9b7f421e6b0855269ac2950df180423eb355c073f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=54, origin; dur=111
vary: Accept-Encoding
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: 0b4a3e43002e45ead8f7ec143c005dcc
x-runtime: 0.012333
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"d32ec40fef461cf87cec826508e24128"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114955/widget/ 175 B
676 B 391ms
390ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114955/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

82efeedef8d23cf1632ad28a33afb0c51892ffacb41b498a5e5038289c0cc34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=39, origin; dur=105
vary: Accept-Encoding
content-length: 162
x-xss-protection: 1; mode=block
x-request-id: 3e21cac9a7ad8f3a7e289e9bbc354c75
x-runtime: 0.015278
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"e90290586d33bee3959a566ad296653c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114958/widget/ 175 B
676 B 437ms
436ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114958/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

0a1f65dd0544544de40fa53ca251eca52522ced3f5a608aa3425aeab157a34a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=74, origin; dur=110
vary: Accept-Encoding
content-length: 162
x-xss-protection: 1; mode=block
x-request-id: baa7ccfca12f45eb0f649725a70f45ab
x-runtime: 0.012341
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"1f51cdb89c3ce02fa8e1638a90f5c477"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114956/widget/ 175 B
673 B 407ms
406ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114956/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

7ad7332ee113a0b4c9d70707f86404fe48888fb6f3eaf6c62f9500effeb1eb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=28, origin; dur=106
vary: Accept-Encoding
content-length: 157
x-xss-protection: 1; mode=block
x-request-id: fc65f0b9cdd0c16fdfc7a55236c84145
x-runtime: 0.016744
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"712efea20b3ebdaa2b942600c68edb3b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10767
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114957/widget/ 175 B
679 B 425ms
424ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/014815114957/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

7cbd9b2deca2667fcf6feec3a7997f8b80e100b93dea38331cb31f190d66ff18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=36, origin; dur=106
vary: Accept-Encoding
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: bd355ee869e4de8ea4efd1cf52698c89
x-runtime: 0.011431
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"4ce5d3e1e8226bff06c7193751a0fdc3"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10742
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 PM_MAKE_UP_FOR_EVER_Rouge_Artist_Metallic Show response
staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 175 B
675 B 451ms
450ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/PM_MAKE_UP_FOR_EVER_Rouge_Artist_Metallic

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

4a349fe8b6b74dabc36f064dd4c7532108c8c5f04476f1e106ca3572336f0190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=127
vary: Accept-Encoding
content-length: 158
x-xss-protection: 1; mode=block
x-request-id: 4c4716cd3b7313dce0a5ab824df414fb
x-runtime: 0.015216
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"946bdf9e96a76377023df9a48620f526"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10758
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 PM_MAKE_UP_FOR_EVER_Pro_Glow_Powder Show response
staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/ 175 B
677 B 467ms
466ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/PM_MAKE_UP_FOR_EVER_Pro_Glow_Powder

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

831b1711fed1943363d82a74626a30b5d2f4c1b4a207a1031573f6b1d73a1f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=28, origin; dur=130
vary: Accept-Encoding
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: 9e020a49003cc6f7bfeeab7548c7e19e
x-runtime: 0.013477
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"b29514a3ce7207ecd8beb0102c5c41ab"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10749
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/021715242631/widget/ 175 B
679 B 452ms
451ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/021715242631/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

3e656754cc34b7603450fe085695d2dd0f1e23f651a074cd00bb10234b72387b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=17, origin; dur=111
vary: Accept-Encoding
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: 4d0749f6750880fd2aabe69e0c89ed36
x-runtime: 0.011556
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"be5e3335f73bc092b87198b4b2df5969"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/021715242628/widget/ 175 B
677 B 469ms
468ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/021715242628/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

ca483c29925a261339d255d0750f1b2a260bc3b572cfa45dd31ff1d22f887616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=116
vary: Accept-Encoding
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: 28bb40a9133cfa293edf2abbeadb18da
x-runtime: 0.017608
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"d27192e16aba400ba645201c82204bd7"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556316/widget/ 175 B
673 B 515ms
514ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556316/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

21cee69a80e42e8f1c659067b801ae7f98ead766b43d188a5b7462d95da98516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=54, origin; dur=121
vary: Accept-Encoding
content-length: 158
x-xss-protection: 1; mode=block
x-request-id: 8bc529e9e5c5c5d5fd093e5ee1554b75
x-runtime: 0.020565
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"6b03d177113770fc1f4386926cca0b89"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556315/widget/ 175 B
673 B 519ms
519ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT/domain_key/274615556315/widget/bottomline

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

987926a0a6bb161c59c7dd9170a629db5b8f3f422f10a704e280bc628553bced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=46, origin; dur=123
vary: Accept-Encoding
content-length: 158
x-xss-protection: 1; mode=block
x-request-id: bbdf4db88f6d6a30b54a5ec2314a6897
x-runtime: 0.012550
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"a96471076df28f6d2e9ad1180166e0c1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT Show response
staticw2.yotpo.com/batch/ 3 KB
799 B 647ms
647ms XHR
application/json 2a02:26f0:6c00:28e::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

421791f237e85b4b8cfd9ffa470bfb952473ea0e6096667c0d83bb858d0d97a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=26, origin; dur=263
vary: Accept-Encoding
content-length: 284
x-xss-protection: 1; mode=block
x-request-id: 68449b8e8dc74860660a22de0c10377d
x-runtime: 0.160420
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"6f84e4f0f10a5989a58f582e0c54ef3d"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.faces.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 44ms
9ms Image
image/gif 18.159.118.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=%D8%AA%D8%B3%D9%88%D9%91%D9%82%20%D9%88%D8%B5%D9%84%20%D8%AD%D8%AF%D9%8A%D8%AB%D8%A7%20%D8%A7%D9%88%D9%84%D8%A7%D9%8A%D9%86%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%E2%80%A2%20FACES%20(%D9%88%D8%AC%D9%88%D9%87)&se_va=MIrZhbq34eDaIcNd3786jF9QFnkymsTmws2zgzfT&cx=eyJwdl91dWlkIjo5OTQxNzczODN9&dtm=1637572939141&tid=732243&vp=1600x1200&ds=1600x8469&vid=1&duid=1926698782bb128a&p=web&tv=js-0.13.2&fp=3263723490&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.118.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-118-99.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:22:19 GMT
Cache-Control: max-age=86400, private
Expires: Tue, 23 Nov 2021 09:22:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 137ms
120ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny0w9&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=cae4a774-903a-4371-8601-d5b360e6ccf8&tw_document_href=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Mon, 22 Nov 2021 09:22:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 600d49b061e2f23ffd610d9b3cd24f64fac6e98852006590918916fa2069f969
x-transaction: 1c745b0bf34745da
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Ping
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.faces.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 49ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-25600489-1&cid=802785177.1637572939&jid=957691697&gjid=1432974520&_gid=430661559.1637572939&_u=aGDAiEADRAAAAE~&z=156683466

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 09:22:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.faces.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 56ms
30ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 09:22:19 GMT

GET
H2 200 quantum-chalhoub1.js Show response
cdn.quantummetric.com/qscripts/ 198 KB
63 KB 49ms
29ms Script
text/javascript 2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-chalhoub1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d95917532840d6eb57359da112568bcf21a81e763e9f5d315b2dbca7afde425a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 149
etag: W/"163722808116116365810289581637571605824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-ray: 6b2117b64aeb4eeb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: ZZlxgkDHl5gr8Edvuhkcoo0Xru2yfhwHqKCBh6PMnsdIamDLT9ALOUFdyYGMgjMqLO8wWGmnZgDJqHhs26kPGg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 09:22:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 18 KB
7 KB 48ms
25ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0cc2be64b24f8ae3f9951a81ce4964ea31e5663f5f739d7f34cf9dbaef8ae2c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6816
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-id: iaA-vRUhMBbMUFW5rqQ1lGDXccMb6uzM_Wq4M5o87JJV08SNWuogEg==

GET
H2

200

tags Show response
creativecdn.com/ Frame BB4C
Redirect Chain

https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_newoffers&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_P...
https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_newoffers&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_P...

244 B
551 B

21ms
21ms

Document
text/html

185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_newoffers&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939224&tc=1
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: 3ce778a72017fc51c5ccb9aab38b69ef5dd6841d32598c17e97934868c5f895e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT Mon, 22 Nov 2021 09:22:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin, Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-length: 193

Redirect headers

date: Mon, 22 Nov 2021 09:22:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_newoffers&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939224&tc=1
content-length: 0

GET
H2 200 worker-new.html Show response
facesuae.api.useinsider.com/ Frame 18C5 8 KB
3 KB 28ms
27ms Document
text/html 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://facesuae.api.useinsider.com/worker-new.html
Requested by: Host: facesuae.api.useinsider.com
URL: https://facesuae.api.useinsider.com/ins.js?id=10004995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-type: text/html
access-control-allow-origin: *
last-modified: Fri, 19 Nov 2021 12:25:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4648
expires: Wed, 08 Dec 2021 09:22:19 GMT
cache-control: public, max-age=1382400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b2117b64dcb5b68-FRA
content-encoding: br

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame 3C06 2 KB
1 KB 29ms
8ms Document
text/html 143.204.207.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1098206.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-9.fra53.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ZY0r8UCnqo2tiYltjEO27MRLSJ8q4hPm5R1zKp5AcBi_t1Ye3y0vrQ==
age: 511573

GET
H2 200 pebble Show response
p.cquotient.com/ 252 B
554 B 114ms
37ms Script
text/javascript 52.50.71.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.cquotient.com/pebble?tla=bdcl-Faces_SA&activityType=viewCategory&callback=CQuotient._act_callback0&cookieId=abACwVVr4MDerQK15D1AwXe6Bn&userId=&emailId=&products=id%3A%3APM_CHANEL_Rouge_Allure_Holiday%7C%7Csku%3A%3A%3B%3Bid%3A%3A006615539486%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556318%7C%7Csku%3A%3A%3B%3Bid%3A%3A009115540928%7C%7Csku%3A%3A%3B%3Bid%3A%3A014815114954%7C%7Csku%3A%3A%3B%3Bid%3A%3A026115403160%7C%7Csku%3A%3A%3B%3Bid%3A%3A006615539479%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556311%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_MAKE_UP_FOR_EVER_Rouge_Artist_Shine_On%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_SHISEIDO_Ultimune_Power_Infusing_Concentrate%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556310%7C%7Csku%3A%3A%3B%3Bid%3A%3A034815539735%7C%7Csku%3A%3A%3B%3Bid%3A%3A009114952517%7C%7Csku%3A%3A%3B%3Bid%3A%3A019314783533%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556314%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_Rouge_G_de_Guerlain_The_Double_Mirror_Case%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_GUERLAIN_Rouge_G_Luxurious_Velvet%7C%7Csku%3A%3A%3B%3Bid%3A%3A014815114961%7C%7Csku%3A%3A%3B%3Bid%3A%3A014815114959%7C%7Csku%3A%3A%3B%3Bid%3A%3A027815489540%7C%7Csku%3A%3A%3B%3Bid%3A%3A014815114955%7C%7Csku%3A%3A%3B%3Bid%3A%3A014815114958%7C%7Csku%3A%3A%3B%3Bid%3A%3A014815114956%7C%7Csku%3A%3A%3B%3Bid%3A%3A014815114957%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_MAKE_UP_FOR_EVER_Rouge_Artist_Metallic%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_MAKE_UP_FOR_EVER_Pro_Glow_Powder%7C%7Csku%3A%3A%3B%3Bid%3A%3A021715242631%7C%7Csku%3A%3A%3B%3Bid%3A%3A021715242628%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556316%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556315%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556317%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556312%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556313%7C%7Csku%3A%3A%3B%3Bid%3A%3A006615539480%7C%7Csku%3A%3A%3B%3Bid%3A%3A006615539483%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_CHANEL_Ombre_Premi%C3%A8re_Laque_Glitter%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_GIORGIO_ARMANI_My_Way_Intense_EDP%7C%7Csku%3A%3A%3B%3Bid%3A%3APM_WBF_Flawless_Skin_Foundation%7C%7Csku%3A%3A%3B%3Bid%3A%3A274615556301%7C%7Csku%3A%3A%3B%3Bid%3A%3A033315585762%7C%7Csku%3A%3A%3B%3Bid%3A%3A033315585761%7C%7Csku%3A%3A%3B%3Bid%3A%3A033315585758%7C%7Csku%3A%3A%3B%3Bid%3A%3A033315585756%7C%7Csku%3A%3A%3B%3Bid%3A%3A033315585760%7C%7Csku%3A%3A%3B%3Bid%3A%3A033315585759%7C%7Csku%3A%3A%3B%3Bid%3A%3A005715329029%7C%7Csku%3A%3A%3B%3Bid%3A%3A034815566221%7C%7Csku%3A%3A%3B%3Bid%3A%3A034815539737%7C%7Csku%3A%3A&categoryId=newarrivals&refinements=%5B%7B%22name%22%3A%22Category%22%2C%22value%22%3A%22newarrivals%22%7D%5D&personalized=false&sortingRule=new-to-old&realm=BDCL&siteId=Faces_SA&instanceType=prd&queryLocale=ar_SA&locale=ar_SA&referrer=&currentLocation=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&ls=true&_=1637572939250&v=v2.34.2&fbPixelId=__UNKNOWN__

Requested by

Host: cdn.cquotient.com
URL: https://cdn.cquotient.com/js/v2/gretel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.71.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-71-252.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8aa465954b3864ff1547a49839e0ac3e31d7bcda78c01271894315bb3c96727b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
x-content-type-options: nosniff
etag: W/"fc-smj/vEZ0wnFOHSYwjTyDiDshTpA"
content-length: 252
strict-transport-security: max-age=15552000; includeSubdomains
content-type: text/javascript; charset=utf-8

GET
H2 200 Cart-Get Show response
www.faces.com/on/demandware.store/Sites-Faces_SA-Site/ar_SA/ 3 KB
1 KB 114ms
114ms XHR
application/json 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.faces.com/on/demandware.store/Sites-Faces_SA-Site/ar_SA/Cart-Get
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8b2db59e745df118fc8a990ac21ecaf85e739bf8dfc63f78012702b899d5fa

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 6b2117b68f4b695e-FRA
x-dw-request-base-id: 0YzPz0phm2EBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 404 logo-white.svg
www.faces.com/on/demandware.static/-/Sites/ar_SA/v1637571401669/ 371 B
371 B 46ms
46ms Image
text/html 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.static/-/Sites/ar_SA/v1637571401669/logo-white.svg
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ecc88a31066efb1975390cd46a9072262fd0a18e4c330691b7094ef8f4b0972

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
cache-control: no-cache, no-store, must-revalidate
x-error: 1
cf-ray: 6b2117b6afad695e-FRA
x-dw-request-base-id: 0YzRz0phm2EBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 Nov 2021 10:00:15 GMT

GET
H2 200 tags Show response
creativecdn.com/ Frame 49B3 127 B
494 B 263ms
262ms Document
text/html 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_listing_PM_CHANEL_Rouge_Allure_Holiday%2C006615539486%2C274615556318%2C009115540928%2C014815114954%2C026115403160%2C006615539479%2C274615556311%2CPM_MAKE_UP_FOR_EVER_Rouge_Artist_Shine_On%2CPM_SHISEIDO_Ultimune_Power_Infusing_Concentrate%2C274615556310%2C034815539735%2C009114952517%2C019314783533%2C274615556314%2CPM_Rouge_G_de_Guerlain_The_Double_Mirror_Case%2CPM_GUERLAIN_Rouge_G_Luxurious_Velvet%2C014815114961%2C014815114959%2C027815489540%2C014815114955%2C014815114958%2C014815114956%2C014815114957%2CPM_MAKE_UP_FOR_EVER_Rouge_Artist_Metallic%2CPM_MAKE_UP_FOR_EVER_Pro_Glow_Powder%2C021715242631%2C021715242628%2C274615556316%2C274615556315%2C274615556317%2C274615556312%2C274615556313%2C006615539480%2C006615539483%2CPM_CHANEL_Ombre_Premi%C3%A8re_Laque_Glitter%2CPM_GIORGIO_ARMANI_My_Way_Intense_EDP%2CPM_WBF_Flawless_Skin_Foundation%2C274615556301%2C033315585762%2C033315585761%2C033315585758%2C033315585756%2C033315585760%2C033315585759%2C005715329029%2C034815566221%2C034815539737&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939324
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ad0eabdca8ac905b0b89906df677746d2bf7a4a30b633b2629840ea61b17b1d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT Mon, 22 Nov 2021 09:22:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin, Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-length: 136

OPTIONS
H2 204 z
carrier.useinsider.com/y/v2/ Frame 0
0 83ms
56ms Preflight 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/y/v2/z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,partner
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
access-control-allow-headers: content-type,partner
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b2117b70eff4dbe-FRA

GET
H2 200 / Show response
location.api.useinsider.com/ 260 B
473 B 85ms
53ms XHR
application/json 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10004995&
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39510f0c4a2bbad0ac129a1a932714c1073f8d0881292e28ddc384cac731653f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 6b2117b70d134abc-FRA
content-type: application/json

POST
H2 200 z Show response
carrier.useinsider.com/y/v2/ 977 B
556 B 50ms
46ms XHR
application/json 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/y/v2/z
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9e534066299cad3e162c83cd143468569f8ac4e80d855c70d2c647cbe3c912

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
partner: facesuae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6b2117b76f914dbe-FRA

GET
H2 200 163757293935930a2763953.27e36d70 Show response
segment.api.useinsider.com/v4/segments/ 927 B
641 B 83ms
54ms XHR
application/json 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/163757293935930a2763953.27e36d70?partnerid=10004995&fields=f731f192b264d3f63bacaaca63cfc2e7,ac8b3b39457e2421ae464becd4f086a4,35837be45f4aeaef750d667c40c5bd45&
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9778203ad578836fc1ff2751878ad0fc6b237dda49fa845658350a79df84f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b2117b70ae5c2b3-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 59ms
32ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-25600489-1&cid=802785177.1637572939&jid=957691697&_u=aGDAiEADRAAAAE~&z=546515449

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 59ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-25600489-1&cid=802785177.1637572939&jid=957691697&_u=aGDAiEADRAAAAE~&z=546515449

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
60 B 60ms
60ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572939403
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
134 B 68ms
59ms XHR
text/plain 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 7b80fab5-394b-4216-ae13-87461bbac575
cf-ray: 6b2117b77fa94dbe-FRA
content-length: 16

GET
H2 200 3145891511673_.jpg
www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw7960314b/product/3145891511673_/ 6 KB
6 KB 27ms
24ms Image
image/webp 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw7960314b/product/3145891511673_/3145891511673_.jpg?sw=380&sh=380
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2366e510291d27d9205308729c8f24461c3770be536b1ceb28982b7bfd6779e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 38cd7af284abc93ec90df724e8a12850.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 68796
cf-polished: qual=85, origFmt=jpeg, origSize=9396
x-cache: Miss from cloudfront
content-disposition: inline; filename="3145891511673_.webp"
content-length: 5634
x-amz-expiration: expiry-date="Thu, 22 Dec 2022 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Sun, 21 Nov 2021 14:09:50 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=380&sh=380
etag: "3150699f99e4f84b2f4a0efff571957b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 22 Dec 2021 09:22:19 GMT
cache-control: public, max-age=2592000
x-amz-cf-pop: BAH53-C1
accept-ranges: bytes
cf-ray: 6b2117b769db695e-FRA
x-amz-cf-id: 6ctd2qJALpaTX8hYkatWn5y3404Cu_dmfThbm36TTknVYoy_AB6-eA==
cf-bgj: imgq:85,h2pri

GET
H2 200 3145891863376_.jpg
www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw505a31a6/product/3145891863376_/ 7 KB
7 KB 25ms
23ms Image
image/webp 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw505a31a6/product/3145891863376_/3145891863376_.jpg?sw=380&sh=380
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a2a56d67d3ebebc92133859edde53e265633870462163c58e09cc4ffffc1c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 51270
x-amzn-requestid: c287f904-3c22-4779-b5fa-a8efa248159e
x-cache: Hit from cloudfront
content-disposition: inline; filename="3145891863376_.webp"
x-amz-apigw-id: JKGkEF8MIAMFUNw=
content-length: 6774
last-modified: Sun, 21 Nov 2021 19:07:49 GMT
server: cloudflare
x-amzn-trace-id: Root=1-619a514d-3592c3ad25956a511fa8b44c;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 22 Dec 2021 09:22:19 GMT
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=9634
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
cf-ray: 6b2117b769de695e-FRA
x-amz-cf-id: sKUKkT8bFhlN2XsWEmhXXFLu9P2sqTqTZc9LkV4w9NGETB6gOJDOvg==
cf-bgj: imgq:85,h2pri

GET
H2 200 3700550227427____.jpg
www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw419b6375/product/3700550227427__/ 22 KB
23 KB 23ms
21ms Image
image/jpeg 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw419b6375/product/3700550227427__/3700550227427____.jpg?sw=380&sh=380
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8846cf1de76fdfc4b02ddc7b9cfd40ad89ec8b672b885ac3edd06e9581246d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 35499
cf-polished: degrade=85, origSize=24323, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 22679
x-amz-expiration: expiry-date="Thu, 22 Dec 2022 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Sun, 21 Nov 2021 10:44:37 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=380&sh=380
etag: "4d40624bbadefaa3a667a35a5ad400d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 22 Dec 2021 09:22:19 GMT
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
cf-ray: 6b2117b769e2695e-FRA
x-amz-cf-id: YWBiPxHU-H_XmLVA2nC0yceZ3XoUHHwE7fxCvVJMe4qmAxqXJZTCXg==
cf-bgj: imgq:85,h2pri

GET
H2 200 3348901569859_.jpg
www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw8528362e/product/3348901569859_/ 5 KB
5 KB 25ms
23ms Image
image/webp 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw8528362e/product/3348901569859_/3348901569859_.jpg?sw=380&sh=380
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3105661a04cd8afddc54336ff77f59910b7544980c68ac4769d31736c2177d38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 042ecc89a1780cbeac8044aa867f1880.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 68797
cf-polished: qual=85, origFmt=jpeg, origSize=7281
x-cache: Hit from cloudfront
content-disposition: inline; filename="3348901569859_.webp"
content-length: 5054
x-amz-expiration: expiry-date="Thu, 22 Dec 2022 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Sun, 21 Nov 2021 14:02:27 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=380&sh=380
etag: "2dc0526950cb89575379b5f67af23c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 22 Dec 2021 09:22:19 GMT
cache-control: public, max-age=2592000
x-amz-cf-pop: BAH53-C1
accept-ranges: bytes
cf-ray: 6b2117b769e4695e-FRA
x-amz-cf-id: yWK5Mqnncek1DW8TBBjXnZOsJP5l3D50okRTI8fAsctbQcyFpWe4_A==
cf-bgj: imgq:85,h2pri

GET
H2 200 3614229387681_1.jpg
www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw2e7f39e4/product/3614229387681_1/ 6 KB
7 KB 24ms
22ms Image
image/webp 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dw2e7f39e4/product/3614229387681_1/3614229387681_1.jpg?sw=380&sh=380
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c4414f8667327ff8063539fcb789331495b0d6e24d1caa107b0797a37a3f811

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 53612
x-amzn-requestid: ebb2eac5-26cc-45d5-a46c-27cbab686ebe
x-cache: Hit from cloudfront
content-disposition: inline; filename="3614229387681_1.webp"
x-amz-apigw-id: JJpERE3foAMFTbA=
content-length: 6390
last-modified: Sun, 21 Nov 2021 18:28:47 GMT
server: cloudflare
x-amzn-trace-id: Root=1-619a221b-472ac0bf4367efec2d1e137c;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 22 Dec 2021 09:22:19 GMT
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=9407
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
cf-ray: 6b2117b769e8695e-FRA
x-amz-cf-id: ZamLOWZswBlCafjwCJ1Iplao4bDNR5kGktLafAFmvMU-mJfYrstZNA==
cf-bgj: imgq:85,h2pri

GET
H2 200 5056245009068__3_.jpg
www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dwfc3d9c2d/product/5056245009068__3_/ 11 KB
11 KB 23ms
21ms Image
image/webp 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/dw/image/v2/BDCL_PRD/on/demandware.static/-/Sites-faces-master-catalog/default/dwfc3d9c2d/product/5056245009068__3_/5056245009068__3_.jpg?sw=380&sh=380
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569303dbda2c0cf38eed8b0617c9234e12d96210e3bffd0a7806693c442b1fed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 50847
cf-polished: qual=85, origFmt=jpeg, origSize=12816
x-cache: Hit from cloudfront
content-disposition: inline; filename="5056245009068__3_.webp"
content-length: 11010
x-amz-expiration: expiry-date="Thu, 22 Dec 2022 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Sun, 21 Nov 2021 10:44:59 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=380&sh=380
etag: "368801dd82b673b4aa61cfb2a825a69e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 22 Dec 2021 09:22:19 GMT
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
cf-ray: 6b2117b769ea695e-FRA
x-amz-cf-id: _FzvZpBIptTZNl7AFeSCCjGkymlxe4_prndkM8xZut9a4v9-yEvFzw==
cf-bgj: imgq:85,h2pri

GET
H2 200 event Show response
sslwidget.criteo.com/ 7 KB
8 KB 65ms
32ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=25074&v=5.8.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255BPM_CHANEL_Rouge_Allure_Holiday%252C006615539486%252C274615556318%255D&p3=e%3Ddis&adce=1&bundle=vB05x19QM1JvN0t1bkZEWVFtZSUyQnkydmllSU1HS0daMyUyRjhaR3E1WnMwc3V2TmsyYXdZUEUzUXZzTVhvWkxwc2NuQUF3QyUyRmdhYmNFVkZGWUdDZ1IxWG0xamhFUk5ZalN5QnRoZVV3Zjh2MTlVV0RsUnJsRk1pTEJVNVQxNVJXRWVWJTJCNWMydWtPOXBWR3g2ZlpqYlgzN1VBa3NLZyUzRCUzRA&tld=faces.com&dtycbr=38977
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 576912c93e6ce0e84f9c4ea15638dc1f6af2b4f86e5826291961aa233cc3d196

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:18 GMT
content-type: application/x-javascript
server: Kestrel
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 17605201
timing-allow-origin: *
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/870545674/ 3 KB
2 KB 50ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870545674/?random=1637572939454&cv=9&fst=1637572939454&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&data=country%3DSA%3Blanguage%3Dar%3Bgoogle_user_id%3DNone&frm=0&url=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&tiba=%D8%AA%D8%B3%D9%88%D9%91%D9%82%20%D9%88%D8%B5%D9%84%20%D8%AD%D8%AF%D9%8A%D8%AB%D8%A7%20%D8%A7%D9%88%D9%84%D8%A7%D9%8A%D9%86%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%E2%80%A2%20FACES%20(%D9%88%D8%AC%D9%88%D9%87)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9771f57e890c58ca885d9e9d11e3a6f5185201263e1dc13408c4b69287d0bfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1254
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cm
cm.creativecdn.com/adx/ Frame BB4C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=OEVmRkUxeUdjamEzSVcyTjhVdUY%3D&pi=adx&tdc=ams&chain=
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm=&google_sc=&google_ula=5153224&google_hm=OEVmRkUxeUdjamEzSVcyTjhVdUY%3D&pi=adx&tdc=ams&chain=&google_tc=
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPIZsXAgodTfYRXeUF7tLYE&google_cver=1&google_ula=5153224,0

42 B
243 B

36ms
13ms

Image
image/gif

185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPIZsXAgodTfYRXeUF7tLYE&google_cver=1&google_ula=5153224,0
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_newoffers&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939224&tc=1
Protocol: H2
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creativecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT, Mon, 22 Nov 2021 09:22:19 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPIZsXAgodTfYRXeUF7tLYE&google_cver=1&google_ula=5153224,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
60 B 70ms
70ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572939514
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 38ms
22ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=565dd7a4-9d58-4128-b94b-d4a5ae0ba783

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

0fa62606a05f49c02f92636ac2d6e5e5842b13b8676f66cf8f6601c0fa82c365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: aHITRISMlvGpfMbh0WFV+VQMfNNUvOLfK64Biv9GnNY4OwgPbC6NsdWGJtWMLqKhRDwWKnDii5brh4L7OqVS2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 09:22:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1705062346455178 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 142ms
133ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1705062346455178?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4ba6b3a53125abb24de9fccf76533354f265775f5d55e1757940f6ae54f10d3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 0qt23SSvQNHgbOdQg6BMI9cloiBCtJEXetQDaFW/p2lsjoRGeLUXab1SGjP97DTSmA45Pyn5GWqXLEPAY3IiAA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 09:22:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
BLOB 200
OK 64350f19-1762-4118-8c9d-ef5d8026774c
https://www.faces.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.faces.com/64350f19-1762-4118-8c9d-ef5d8026774c
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80001c402149eff011b5e7e87c3dd72dc2de45d3d430d98418eb62c2ec5ad596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
734 B 179ms
178ms Ping
application/octet-stream 2.16.186.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1FH0V48PMMOGUUN5IVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a1a3e3f1.2faee58c
date: Mon, 22 Nov 2021 09:22:19 GMT
x-cache-remote: TCP_MISS from a104-88-71-101.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1637572939657541
x-cache: TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 167,2.16.186.157
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=15, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2021112209221901024513011308936117
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,104.88.71.101
x-tt-trace-host: 0169d63868368e29681546f0880be44ba6617242fe833ae874a8fb2f7f7a7158bb66b8b32c8c721612a7331c9358ad9c48db8ea155f688ccb605c84d1eb7648d35ea929c60eeea91a28fe3de1ac7fdc459dcc45ce5770c68b95902348a02a910957ceea314e042fc92b9d3fb49bcedb822
expires: Mon, 22 Nov 2021 09:22:19 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
708 B 177ms
177ms Ping
application/octet-stream 2.16.186.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1FH0V48PMMOGUUN5IVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 59e64134.2faee591
date: Mon, 22 Nov 2021 09:22:19 GMT
x-cache-remote: TCP_MISS from a104-88-71-124.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 164,2.16.186.157
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=12, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20211122092219010245130131126820EE
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,104.88.71.124
x-tt-trace-host: 0169d63868368e29681546f0880be44ba6617242fe833ae874a8fb2f7f7a7158bbf46ccc1c0663ae311eae9a14e39a6ba7897f1a8e501f605b4f07ae1e3be79d3fc82ff10697886b1ad8ea280cbf634b8fedc17173cca12f02a9aef79cdcf4a35ae676b77f5e73d9bdb462453cc90579b5
expires: Mon, 22 Nov 2021 09:22:19 GMT

POST
H3 413 collect
www.google-analytics.com/ 0
0 16ms
16ms Ping
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/collect
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 i Show response
tr.snapchat.com/cm/ Frame D5A7 0
12 B 31ms
21ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=565dd7a4-9d58-4128-b94b-d4a5ae0ba783

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

server: nginx/1.17.3
date: Mon, 22 Nov 2021 09:22:19 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
60 B 17ms
17ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572939595
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

POST
H2 204 collect Show response
f.clarity.ms/ 0
69 B 101ms
101ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:18 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H3 200 p Show response
tr.snapchat.com/ Frame 4D5B 0
15 B 27ms
27ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.faces.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

server: nginx/1.17.3
date: Mon, 22 Nov 2021 09:22:19 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 /
www.google.com/pagead/1p-user-list/870545674/ 42 B
64 B 38ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/870545674/?random=1637572939454&cv=9&fst=1637571600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&data=country%3DSA%3Blanguage%3Dar%3Bgoogle_user_id%3DNone&frm=0&url=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&tiba=%D8%AA%D8%B3%D9%88%D9%91%D9%82%20%D9%88%D8%B5%D9%84%20%D8%AD%D8%AF%D9%8A%D8%AB%D8%A7%20%D8%A7%D9%88%D9%84%D8%A7%D9%8A%D9%86%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%E2%80%A2%20FACES%20(%D9%88%D8%AC%D9%88%D9%87)&async=1&fmt=3&is_vtc=1&random=2390586920&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/870545674/ 42 B
64 B 36ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/870545674/?random=1637572939454&cv=9&fst=1637571600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&data=country%3DSA%3Blanguage%3Dar%3Bgoogle_user_id%3DNone&frm=0&url=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&tiba=%D8%AA%D8%B3%D9%88%D9%91%D9%82%20%D9%88%D8%B5%D9%84%20%D8%AD%D8%AF%D9%8A%D8%AB%D8%A7%20%D8%A7%D9%88%D9%84%D8%A7%D9%8A%D9%86%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%E2%80%A2%20FACES%20(%D9%88%D8%AC%D9%88%D9%87)&async=1&fmt=3&is_vtc=1&random=2390586920&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
60 B 71ms
71ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572939670
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 49B3
Redirect Chain

https://ib.adnxs.com/setuid?entity=315&code=8EfFE1yGcja3IW2N8UuF
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D8EfFE1yGcja3IW2N8UuF

43 B
1 KB

19ms
19ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D8EfFE1yGcja3IW2N8UuF

Requested by

Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_NzbF0wJnObNMyda1oWiD_listing_PM_CHANEL_Rouge_Allure_Holiday%2C006615539486%2C274615556318%2C009115540928%2C014815114954%2C026115403160%2C006615539479%2C274615556311%2CPM_MAKE_UP_FOR_EVER_Rouge_Artist_Shine_On%2CPM_SHISEIDO_Ultimune_Power_Infusing_Concentrate%2C274615556310%2C034815539735%2C009114952517%2C019314783533%2C274615556314%2CPM_Rouge_G_de_Guerlain_The_Double_Mirror_Case%2CPM_GUERLAIN_Rouge_G_Luxurious_Velvet%2C014815114961%2C014815114959%2C027815489540%2C014815114955%2C014815114958%2C014815114956%2C014815114957%2CPM_MAKE_UP_FOR_EVER_Rouge_Artist_Metallic%2CPM_MAKE_UP_FOR_EVER_Pro_Glow_Powder%2C021715242631%2C021715242628%2C274615556316%2C274615556315%2C274615556317%2C274615556312%2C274615556313%2C006615539480%2C006615539483%2CPM_CHANEL_Ombre_Premi%C3%A8re_Laque_Glitter%2CPM_GIORGIO_ARMANI_My_Way_Intense_EDP%2CPM_WBF_Flawless_Skin_Foundation%2C274615556301%2C033315585762%2C033315585761%2C033315585758%2C033315585756%2C033315585760%2C033315585759%2C005715329029%2C034815566221%2C034815539737&id=pr_NzbF0wJnObNMyda1oWiD_custom_country_SA&id=pr_NzbF0wJnObNMyda1oWiD_custom_lang_ar&id=pr_NzbF0wJnObNMyda1oWiD_lid_Pbda4wF4dlFGRQXAdZPD&su=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&sr=&ts=1637572939324

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creativecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 09:22:19 GMT
X-Proxy-Origin: 168.119.25.193; 168.119.25.193; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4ee724ff-a113-4260-924c-22c4ee6aff63
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 09:22:19 GMT
X-Proxy-Origin: 168.119.25.193; 168.119.25.193; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ad95d6ee-c1df-4f1a-b8ee-bade4df48c99
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D8EfFE1yGcja3IW2N8UuF
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
100 B 66ms
66ms XHR
text/plain 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 1b8e7095-3db3-434f-9bff-7bff955ab189
cf-ray: 6b2117b8fa564dbe-FRA
content-length: 16

GET
H2 200 opt-in-dialog.css
assets.api.useinsider.com/css/ 3 KB
1 KB 45ms
33ms Stylesheet
text/css 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.api.useinsider.com/css/opt-in-dialog.css
Requested by: Host: facesuae.api.useinsider.com
URL: https://facesuae.api.useinsider.com/ins.js?id=10004995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 148357
cf-polished: origSize=4371
cf-bgj: minify
pragma: public
last-modified: Fri, 19 Nov 2021 12:25:30 GMT
server: cloudflare
etag: W/"619797ba-1113"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6b2117b90aef5b68-FRA
expires: Thu, 25 Nov 2021 09:22:19 GMT

GET
H2 200 native-push-sdk.js Show response
eitri.api.useinsider.com/static/ 10 KB
3 KB 39ms
29ms Script
application/javascript 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by: Host: facesuae.api.useinsider.com
URL: https://facesuae.api.useinsider.com/ins.js?id=10004995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caed4c0ef39873fadbc4ca0152edb35c3a188013b1964d91b89134a6c9353191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 4831
x-amz-request-id: 3A990W3E76CVVR9N
x-amz-id-2: dhEW+TD0mBkw3dCIyX4+8jEGXwPsMWY0W0uEWSj1NiXcVNdA7fK2NkXCJeK3fWR+r55Vrz97UT0=
last-modified: Fri, 19 Nov 2021 09:08:30 GMT
server: cloudflare
etag: W/"d0c9ff449f2971b77e5cb4f8470a6cb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-version-id: VGMtH1TzZaXKz6GvQ7q2kkzBVKuuqteQ
cf-ray: 6b2117b90aed5b68-FRA
expires: Mon, 22 Nov 2021 09:27:19 GMT

GET
H3 200 1004172819630934 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 134ms
134ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1004172819630934?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f87a2e66ba884c3393c2d9d0ff38bd6592282b09aec943e74c995c920fb28e6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: aZRNEezpIxu6CSZeaWhBlUVS6kfNvyCQ/uMkQkv+MR1lwjcSDtG7Px/A5jFAH/XWW9eZJYAHD9gP84nEcmmGkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 09:22:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
95 B 78ms
67ms Image
image/gif 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5mYWNlcy5jb20vc2EtYXIvbmV3YXJyaXZhbHM%2Faj00MzY1MTMmc2ZtY19zdWI9NTI0MTQ2NTUmbD05OF9IVE1MJnU9NjQyNzk2MTcmbWlkPTEwMDAzOTY1NCZqYj0xMDA2JnV0bV9zb3VyY2U9c2FsZXNmb3JjZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj0yMl8xMV9jcm1fS1NBX3ZpcCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5mYWNlcy5jb20vc2EtYXIvbmV3YXJyaXZhbHM%2Faj00MzY1MTMmc2ZtY19zdWI9NTI0MTQ2NTUmbD05OF9IVE1MJnU9NjQyNzk2MTcmbWlkPTEwMDAzOTY1NCZqYj0xMDA2JnV0bV9zb3VyY2U9c2FsZXNmb3JjZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj0yMl8xMV9jcm1fS1NBX3ZpcCIsInVzZXJJZCI6IjE2Mzc1NzI5MzkzNTkzMGEyNzYzOTUzLjI3ZTM2ZDcwIiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJuYXRpdmUtcGVybWlzc2lvbi1pbXByZXNzaW9uIiwiYnJvd3NlciI6IkNocm9tZSIsImlzTW9iaWxlIjpmYWxzZSwidXNlcklEIjoiMTYzNzU3MjkzOTM1OTMwYTI3NjM5NTMuMjdlMzZkNzAiLCJsYW5ndWFnZSI6ImFyX1NBIn0%3D&t=w&pn=facesuae
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6b2117b96b765b68-FRA
content-length: 42

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
140 B 50ms
40ms Image
image/gif 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5mYWNlcy5jb20vc2EtYXIvbmV3YXJyaXZhbHM%2Faj00MzY1MTMmc2ZtY19zdWI9NTI0MTQ2NTUmbD05OF9IVE1MJnU9NjQyNzk2MTcmbWlkPTEwMDAzOTY1NCZqYj0xMDA2JnV0bV9zb3VyY2U9c2FsZXNmb3JjZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj0yMl8xMV9jcm1fS1NBX3ZpcCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5mYWNlcy5jb20vc2EtYXIvbmV3YXJyaXZhbHM%2Faj00MzY1MTMmc2ZtY19zdWI9NTI0MTQ2NTUmbD05OF9IVE1MJnU9NjQyNzk2MTcmbWlkPTEwMDAzOTY1NCZqYj0xMDA2JnV0bV9zb3VyY2U9c2FsZXNmb3JjZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj0yMl8xMV9jcm1fS1NBX3ZpcCIsInVzZXJJZCI6IjE2Mzc1NzI5MzkzNTkzMGEyNzYzOTUzLjI3ZTM2ZDcwIiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJwdXNoLXJlcXVlc3QiLCJicm93c2VyIjoiQ2hyb21lIiwiaXNNb2JpbGUiOmZhbHNlLCJ1c2VySUQiOiIxNjM3NTcyOTM5MzU5MzBhMjc2Mzk1My4yN2UzNmQ3MCIsImxhbmd1YWdlIjoiYXJfU0EifQ%3D%3D&t=w&pn=facesuae
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6b2117b96b7a5b68-FRA
content-length: 42

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
60 B 57ms
57ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572939813
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

GET
H3 200 550181102814132 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 154ms
154ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/550181102814132?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d46e201a1c928ddaca520b9076e3ae571749979fc9c0cf8fd40b0c1e601644bc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: oTEAZpvOoCul0AmZbPIdGGwDAjZxdnAw+ODwLKzQgwRT8XgSPA2GQ8HEYcojn2olPtk69haDLICBmTsddVt85Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 09:22:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 4130162790360692 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 196ms
195ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4130162790360692?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

712c0b6f5a52ddb5a5b30c564e83b8d791a1f122a5d3d2599a026a09af7f3e1a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: IcyF2wVIPSm/46uZ1yXPmf00JUJ71T2O8cZ1dSb7FfZQ7YAhWR6RPynB1fKdcpfIz7qcirLlFNol/OeYCCTZTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 09:22:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 357ms
351ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:19 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 27ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1705062346455178&ev=PageView&dl=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&rl=&if=false&ts=1637572940374&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=62&fbp=fb.1.1637572940372.1506671317&it=1637572939539&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 27ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1004172819630934&ev=PageView&dl=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&rl=&if=false&ts=1637572940376&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637572940372.1506671317&it=1637572939539&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 28ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=550181102814132&ev=PageView&dl=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&rl=&if=false&ts=1637572940376&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637572940372.1506671317&it=1637572939539&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 28ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4130162790360692&ev=PageView&dl=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&rl=&if=false&ts=1637572940377&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637572940372.1506671317&it=1637572939539&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H2 200 generic1636875126998.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/79106/onsite/ 360 KB
81 KB 7ms
7ms Script
application/javascript 151.101.193.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/79106/onsite/generic1636875126998.js

Requested by

Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/79106/onsite/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.230 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e7a0f700baaa95fe4adc8985e3449ac16f3110c3c98cf572fa25a8696e7fc04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: hoeie.KXcsxzISi8gE8DD1V3Cgz3h_0G
content-encoding: gzip
etag: "2aec6bf99aa768dbb81fce98ec82bffe"
age: 697808
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 82968
x-amz-id-2: Bto41ZoPyDAM3hik4umLhSrI/Kd6gEocwyENAuNCvH31+BG2z45AArrtIrfPhrHX93Q5E0ZgXtw=
x-served-by: cache-sea4476-SEA, cache-fra19183-FRA
last-modified: Sun, 14 Nov 2021 07:32:09 GMT
server: AmazonS3
x-timer: S1637572940.411900,VS0,VE0
date: Mon, 22 Nov 2021 09:22:20 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: QMKKWG0YWT5J653M
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 2

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 74A5
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=HmvRCtPMH6FYiMO9V5Dl6D-yQCPpyvTO

42 B
415 B

33ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=HmvRCtPMH6FYiMO9V5Dl6D-yQCPpyvTO
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=HmvRCtPMH6FYiMO9V5Dl6D-yQCPpyvTO
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2730
date: Mon, 22 Nov 2021 09:22:20 GMT
content-length: 197
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 74A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1NZTBtNmYtNDhscWEtYlR4UUllZjRERjVPMjhJYTVtRFZOYUh6QQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
341 B

13ms
13ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 169649
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 74A5
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA&custom=&tag_format=img&tag_action=sync&custom=&cb=0d7ddfa2-ce1e-4ab4-9a78-8e1157c...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0d7ddfa2-ce1e-4ab...

0
638 B

38ms
38ms

Image
text/plain

34.255.68.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0d7ddfa2-ce1e-4ab4-9a78-8e1157ce0dfe&final=true&reqid=b1aa0810-4b75-11ec-a253-034f8c55b2d4&timestamp=2021-11-22T09%3A22%3A20.561Z
Protocol: HTTP/1.1
Server: 34.255.68.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-68-26.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:22:20 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 09:22:20 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1043&partner_id=1048&uid=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0d7ddfa2-ce1e-4ab4-9a78-8e1157ce0dfe&final=true&reqid=b1aa0810-4b75-11ec-a253-034f8c55b2d4&timestamp=2021-11-22T09%3A22%3A20.561Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 294
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
cm.mgid.com/ Frame 74A5 43 B
811 B 77ms
58ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617660&c=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b2117bdede25b3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 74A5
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA

95 B
425 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA
date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 74A5 0
446 B 26ms
9ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 74A5 43 B
715 B 115ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 74A5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4FXjU_-48lqa-bTxQIef4DF5O2-pK8wZsjlbdA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4FXjU_-48lqa-bTxQIef4DF5O2-pK8wZsjlbdA&verify=true

0
121 B

17ms
17ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4FXjU_-48lqa-bTxQIef4DF5O2-pK8wZsjlbdA&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4FXjU_-48lqa-bTxQIef4DF5O2-pK8wZsjlbdA&verify=true
date: Mon, 22 Nov 2021 09:22:20 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 74A5 0
476 B 358ms
90ms Image
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-VioDzP-48lqa-bTxQIef4DF5O28gE0BS645nUg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:22:20 GMT
Cache-Control: no-cache
X-TraceId: e5c4626e439b4575885a22833b671490
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 74A5 0
423 B 157ms
138ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET tap.php
pixel.rubiconproject.com/ Frame 74A5 0
0

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 74A5 43 B
1 KB 25ms
7ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-6Z2fHv-48lqa-bTxQIef4DF5O2-DQ-zbO5IleQ&seg=95287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 09:22:20 GMT
X-Proxy-Origin: 168.119.25.193; 168.119.25.193; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ee27542b-0b34-4d52-9edd-8d3ae5b1a70a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 74A5
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-6Z2fHv-48lqa-bTxQIef4DF5O2-DQ-zbO5IleQ&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-6Z2fHv-48lqa-bTxQIef4DF5O2-DQ-zbO5IleQ&expires=30&user_group=5

43 B
495 B

10ms
9ms

Image
image/gif

18.194.231.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-6Z2fHv-48lqa-bTxQIef4DF5O2-DQ-zbO5IleQ&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 18.194.231.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-231-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:22:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-6Z2fHv-48lqa-bTxQIef4DF5O2-DQ-zbO5IleQ&expires=30&user_group=5
Date: Mon, 22 Nov 2021 09:22:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame 74A5 170 B
591 B 284ms
267ms Image
image/png 34.102.166.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-6GzRHP-48lqa-bTxQIef4DF5O299CcursiaQ9w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:19 GMT
content-encoding: gzip
vary: accept-encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: image/png;charset=utf-8
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 74A5 42 B
673 B 53ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-vK30ov-48lqa-bTxQIef4DF5O2-OkabBR8zPAw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:19 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:467
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK Criteo
crb.kargo.com/api/v1/dsync/ Frame 74A5 43 B
360 B 34ms
8ms Image
image/gif 3.127.62.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-Me0m6f-48lqa-bTxQIef4DF5O28Ia5mDVNaHzA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.62.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-62-220.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 09:22:20 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

xuid
eb2.3lift.com/ Frame 74A5
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-aXg49f-48lqa-bTxQIef4DF5O280rJ2TZaTdpA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-aXg49f-48lqa-bTxQIef4DF5O280rJ2TZaTdpA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
351 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-aXg49f-48lqa-bTxQIef4DF5O280rJ2TZaTdpA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-aXg49f-48lqa-bTxQIef4DF5O280rJ2TZaTdpA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 22 Nov 2021 09:22:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

k-x41itP-48lqa-bTxQIef4DF5O2-hIJPLObi5Ew
an.yandex.ru/mapuid/criteois/ Frame 74A5
Redirect Chain

https://an.yandex.ru/mapuid/criteois/k-x41itP-48lqa-bTxQIef4DF5O2-hIJPLObi5Ew
https://an.yandex.ru/mapuid/criteois/k-x41itP-48lqa-bTxQIef4DF5O2-hIJPLObi5Ew?redir-setuniq=1

43 B
108 B

54ms
53ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/criteois/k-x41itP-48lqa-bTxQIef4DF5O2-hIJPLObi5Ew?redir-setuniq=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 09:22:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 22 Nov 2021 09:22:20 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 09:22:20 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/criteois/k-x41itP-48lqa-bTxQIef4DF5O2-hIJPLObi5Ew?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 74A5 45 B
781 B 58ms
38ms Image
image/gif 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Ilj4Ov-48lqa-bTxQIef4DF5O28Lfo2j_obMbg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 22 Nov 2021 09:22:20 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 74A5
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CO2knv-48lqa-bTxQIef4DF5O2_4H5G6xQuexw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CO2knv-48lqa-bTxQIef4DF5O2_4H5G6xQuexw&C=1

43 B
1 KB

29ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CO2knv-48lqa-bTxQIef4DF5O2_4H5G6xQuexw&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 09:22:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 09:22:20 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 09:22:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CO2knv-48lqa-bTxQIef4DF5O2_4H5G6xQuexw&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 74A5 0
239 B 26ms
8ms Image
text/plain 2600:9000:20eb:ce00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-s-P-A_-48lqa-bTxQIef4DF5O29EvnxFockFDA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ce00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: tRlpLVfWQQAZAluCAPtBxNMuGvCO7noUEGrTnuYXKxE8P5UwNymxnw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame 74A5 42 B
843 B 249ms
229ms Image
image/gif 143.204.98.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-mk4slP-48lqa-bTxQIef4DF5O284cTs97vgAAg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-53.fra50.r.cloudfront.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-trace-id: Root=1-00000000-000000000000000000000000
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 42
x-amz-cf-id: TjKKANH3-71ganngq0OAkis5XhO6UgevzDbwfj9EydwqOhTFUWINqg==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 74A5 35 B
337 B 118ms
48ms Image
image/gif 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-gvJU1_-48lqa-bTxQIef4DF5O29v-WjSCmgY4Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 74A5 23 B
172 B 70ms
49ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-91leU_-48lqa-bTxQIef4DF5O2-_O1eDvgB8fA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 22 Nov 2021 09:22:20 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 74A5 0
229 B 45ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-DBQHRv-48lqa-bTxQIef4DF5O2-7-hV4AdMMNw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9077

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 36ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MHNYJPR02R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a8d0697f4e132bdf2ffbe2bf6422164f275f16b9d25198cc2333408f858ac57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61950
x-xss-protection: 0
expires: Mon, 22 Nov 2021 09:22:20 GMT

GET
H2 200 d202634160763a231e32b2dca7c5769f.js Show response
app.unali.io/widgets/widget/ 1 KB
1 KB 97ms
58ms Script
text/javascript 2606:4700:3031::ac43:9eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.unali.io/widgets/widget/d202634160763a231e32b2dca7c5769f.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8XT3DV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9eeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9875690691e287b073c7216901571983f31826543b136d3987225790fe9ea07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFR4LLVYw%2FpUwhmhEK5dsREUPw3MQOMxIJDVeJhE%2Ftlc4XYXRuLcTHzr1UtpMx7pX6%2FsvwQ%2FEWlnen6niBPnEAbey%2BqqLIrq3BIRQ8xU2SCu7opFcLLCwsNMsJcMSy%2FRGKhP4NgNOrrr2OE%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 11859af7-d2c5-43c6-9109-be70e3bd5c49
x-runtime: 0.009843
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9875690691e287b073c7216901571983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 6b2117bf281d2b35-FRA

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Ping
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.faces.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
415 B 110ms
94ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-lxhn
date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.faces.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 59
x-application-context: application:9090

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 74A5
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4331465487264750111

43 B
342 B

16ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4331465487264750111
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3257546
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 09:22:20 GMT
X-Proxy-Origin: 168.119.25.193; 168.119.25.193; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 054ee382-b9c4-4082-9623-b4e8f01e622b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4331465487264750111
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 74A5 43 B
220 B 9ms
8ms Image
image/gif 18.194.231.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-85Y3gf-48lqa-bTxQIef4DF5O28n-IXJ8V9x6g&expires=30&user_group=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.231.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-231-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:22:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 collect
analytics.google.com/g/ 0
346 B 39ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MHNYJPR02R&gtm=2oeba1&_p=609072164&sr=1600x1200&_gaz=1&ul=en-us&cid=802785177.1637572939&_s=1&dl=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&dt=%D8%AA%D8%B3%D9%88%D9%91%D9%82%20%D9%88%D8%B5%D9%84%20%D8%AD%D8%AF%D9%8A%D8%AB%D8%A7%20%D8%A7%D9%88%D9%84%D8%A7%D9%8A%D9%86%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%E2%80%A2%20FACES%20(%D9%88%D8%AC%D9%88%D9%87)&sid=1637572940&sct=1&seg=0&uid=None&en=page_view&_fv=1&_ss=2&up.country_code=SA&up.language_code=ar&up.country_and_language_code=SA%20-%20ar&up.page_type=other&up.sha256_hashed_email_address=&up.login_status=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHNYJPR02R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.faces.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 40ms
18ms Ping
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MHNYJPR02R&cid=802785177.1637572939&gtm=2oeba1&aip=1&uid=None
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHNYJPR02R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.faces.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MHNYJPR02R&cid=802785177.1637572939&gtm=2oeba1&aip=1&uid=None&z=69780717

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 74A5 42 B
186 B 15ms
15ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-vK30ov-48lqa-bTxQIef4DF5O2-OkabBR8zPAw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:426
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 / Show response
chalhoub1-app.quantummetric.com/ 90 B
426 B 67ms
14ms XHR
application/json 35.187.54.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://chalhoub1-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&t=1637572940452&v=1637572940580&z=1&S=0&N=0&P=0

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.54.69 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

69.54.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

4cf1cfde368c9cf35fb9f2dfd68d9cb57838e9952b4d62bb636a8ea1d70fdf8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.faces.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

GET
H2 204 t.gif
cw.addthis.com/ Frame 74A5 0
423 B 211ms
210ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-LWhqvP-48lqa-bTxQIef4DF5O2-HMIqgzPF7Gw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:20 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 22 Nov 2021 09:22:20 GMT

POST
H2 200 / Show response
chalhoub1-app.quantummetric.com/ 0
163 B 61ms
37ms XHR
application/json 35.187.54.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.54.69 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

69.54.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
strict-transport-security: max-age=31536000
content-type: application/json

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
60 B 55ms
55ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572940678
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

GET
H2 200 / Show response
chalhoub1-app.quantummetric.com/ 28 B
249 B 21ms
21ms XHR
application/json 35.187.54.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://chalhoub1-app.quantummetric.com/?s=273c26fdae98b636331e5278e388f1ff&H=661b6c29ae1d6b81f7d994de&Q=3

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.54.69 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

69.54.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.faces.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 74A5 43 B
220 B 10ms
9ms Image
image/gif 18.194.231.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-LWhqvP-48lqa-bTxQIef4DF5O2-HMIqgzPF7Gw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.231.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-231-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:22:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 / Show response
chalhoub1-app.quantummetric.com/ 0
163 B 15ms
15ms XHR
application/json 35.187.54.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.54.69 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

69.54.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
strict-transport-security: max-age=31536000
content-type: application/json

GET
H3 200 widget-27cd7393b51fcc6543ea.js Show response
app.unali.io/packs/js/ 1 MB
346 KB 67ms
45ms Script
application/javascript 2606:4700:3031::ac43:9eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.unali.io/packs/js/widget-27cd7393b51fcc6543ea.js
Requested by: Host: app.unali.io
URL: https://app.unali.io/widgets/widget/d202634160763a231e32b2dca7c5769f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82408650b2d4ac2ed3e6c0cb4f8ce8344a041eda9b1ad85ec60d35555c3e7d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray: 6b2117bfafc24dee-FRA
date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 18:54:28 GMT
server: cloudflare
age: 5160
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlaK7OBY8mCoU%2BjQ524SjigZB1snOajvd6cm68Oo6MD7WinQJHJZupdUTm6d6vBFGX600LDowv88idMvGSV2fr1m%2FqZ0v%2FUNYpwPJOBpQQp7PSHgQ5pGFpzNWUobnyPaTf%2FN4HN9c6JQXM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 / Show response
chalhoub1-app.quantummetric.com/ 0
163 B 15ms
15ms XHR
application/json 35.187.54.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.54.69 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

69.54.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
strict-transport-security: max-age=31536000
content-type: application/json

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 540ms
177ms Preflight 35.160.50.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.50.174 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-50-174.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cross-origin-resource-policy
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 09:22:21 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: cross-origin-resource-policy
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 185ms
185ms XHR
text/html 35.160.50.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.50.174 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-50-174.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.faces.com/
Cross-Origin-Resource-Policy: cross-origin
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:21 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 / Show response
o457444.ingest.sentry.io/api/5587915/envelope/ 2 B
244 B 151ms
118ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o457444.ingest.sentry.io/api/5587915/envelope/?sentry_key=dcd6f903d7824e50aefe402ee75d33b7&sentry_version=7

Requested by

Host: app.unali.io
URL: https://app.unali.io/packs/js/widget-27cd7393b51fcc6543ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Nov 2021 09:22:21 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.faces.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

OPTIONS
H2 200 Closed
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 43ms
14ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/Closed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nbj4K7nxXbX-lsDXIJZGw1bTbqlYH0HzcrtZ8oEh9rk5vob6YGxQ5Q==
age: 68016

OPTIONS
H2 200 ProductFeedList
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 43ms
14ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ProductFeedList
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JZKuDHhd9nO_9JhizVEeXYyjIdsxoUSa6kTsvIAohi4_bm-dNriZEg==
age: 68016

OPTIONS
H2 200 ProductFeed
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 43ms
15ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ProductFeed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HLB1KCJfZOPKqZ8r_W0BM4-TLh09J6CpD1fzb_b9hbVY020MInTeNA==
age: 68016

OPTIONS
H2 200 SignUp
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 47ms
19ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/SignUp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Zk4YmT7bMg-V1IgNVKGprolDAH4lx76i0inFEWr6Jv4gHKdUH1sJEw==
age: 68016

OPTIONS
H2 200 Ratings
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 44ms
16ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/Ratings
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VPIXwGrzNseM-f8Hyr4DDIyOoYizPPB313xghXtPy7dWbsonRGBZZA==
age: 68019

OPTIONS
H2 200 ProfileForm
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 44ms
16ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ProfileForm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KPLB6melJ2Q0GJ4Bz_vYBhH6iCSakfTx1soSoEOzE-yL3wZnw5i3Fw==
age: 68019

OPTIONS
H2 200 ProfileSwitch
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 48ms
21ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ProfileSwitch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dm2oNV8CEjqHAHJW23v1lX92ynMUTsDc_rrthdIDxYK6lyT3HbbQ6Q==
age: 68016

OPTIONS
H2 200 Rewards
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 44ms
17ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/Rewards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YvM4AaIZ9GVDGHJUdNYJskaVNwY3gY6zQWe2t5173euQN6WGJ-JRtQ==
age: 68016

OPTIONS
H2 200 Raffle
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 45ms
18ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/Raffle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9EdxXKH8q2_0GZHrFCExDZL6SB2yLX1LXNv1x7dWyGYs_ynAmEfDng==
age: 68016

OPTIONS
H2 200 common
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ Frame 0
0 47ms
21ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/common
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 21 Nov 2021 14:28:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: authorization, content-type
access-control-expose-headers: x-cache
access-control-max-age: 300
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: keT9E1fvaKk4Mc1r-KODWuMhUIVSzMl2kGtuD1C8QdIk4Mk7ISX4hA==
age: 68016

GET
H2 200 Closed Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 3 B
593 B 190ms
186ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/Closed
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: LP99qA9EAMLqCMMRUwJOQ5lo4sldS.Jg
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
etag: "8a80554c91d9fca8acb82f023de02f11"
x-amz-cf-pop: FRA50-C1
x-cache: Error from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
content-length: 3
last-modified: Wed, 08 Apr 2020 15:53:18 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
x-amz-cf-id: zemNDz5RopoiSlthAOlWvhUEz6fk5f-4-0A1nKuZBfzRe3zt8lTqEA==

GET
H2 200 ProductFeedList Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 73 B
669 B 57ms
53ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ProductFeedList
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a08ca5a5acd8589b904399a709241961640cbdb0e57e40c21ee67c522b10307

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: cclPnuVA0CudFJokI.50l9SYHhsc2SDt
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
etag: "81fbdb5624424f05173cb4c294e1d4c5"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
content-length: 73
last-modified: Thu, 23 Sep 2021 12:41:15 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
x-amz-cf-id: ZeC5syNJzYn9WXeR_5bJOUl-8tyTbTYxhc4X_OXuC6vrDRzrvZnM1A==

GET
H2 200 ProductFeed Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 435 B
1 KB 50ms
46ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ProductFeed
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fed1d139c29eef2adb0a4e640845f57c398dadd92cc13e01c23501f6a23bd1df

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: 2QyH.IAASxlbYkCvJJK.EjoGY8kAmWsI
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
etag: "90112d90e43641a10426358f8349ac57"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
content-length: 435
last-modified: Wed, 27 Oct 2021 16:18:12 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
x-amz-cf-id: THbd9F0lumzWwPkgKpCw5doE4W7Tpf9ZNx8xrS0cHBb0IBiHq935ng==

GET
H2 200 SignUp Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 1 KB
1 KB 120ms
118ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/SignUp
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6280aa20d6371d04adeb64c9f07e89d5e6244081e34f77e9d01c63fb6987b19

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: r83Wntg18R.aPwDaU8gE9QVB03qfZriQ
content-encoding: gzip
etag: W/"52c7427bbb1e5eff15dc3008dfa575c6"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 19:41:28 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
x-amz-cf-id: aecXEpsfhaGkNUlpi6qk72sOWDkxoILeH8nD3FqYh__RR7AvqzFycg==

GET
H2 200 Ratings Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 3 KB
2 KB 53ms
50ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/Ratings
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 990aa422b3f7ba4b426e35da4672d2bd259704550bd3e54b08478e72f1d7ff2f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: 8H5W7B1rKC2oHBufSK3nJMABXn.NaLOA
content-encoding: gzip
etag: W/"ea7c89b71122e39bbf0b19e4fcb8bb94"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 23 Sep 2021 13:35:18 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
x-amz-cf-id: iWuR0CWGwEjj2pXgx2usygY7VxUG1wMzF6OITxipCxEend6yCEFj2A==

GET
H2 200 ProfileForm Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 1 KB
1 KB 43ms
41ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ProfileForm
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54d12b04c275817f9111d9601ff7595c2ae9a1b7c82d71280cdf21cbc395f988

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: _vIpwUkEi_ga9DS9YFL_KLg5ehZKHVaQ
content-encoding: gzip
etag: W/"23ba1059e50e5e125b5bd89cca5249ed"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 23 Sep 2021 12:41:15 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
x-amz-cf-id: -NrFq2POHB1fPLB5HyAkU2CoupqDM0rKzAerMQMGEVuQc4MmEYmixw==

GET
H2 200 ProfileSwitch Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 106 B
702 B 123ms
122ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ProfileSwitch
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 352c6ff055ebb16781084a9371cb71cce55fa95193638aa8f0044ce175432356

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: aopkJb0Ar.WZB4TZhtb6C7sn6noIrTM8
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
etag: "3c49cfd81a08185febf2dd73006c7f9d"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
content-length: 106
last-modified: Thu, 23 Sep 2021 12:41:15 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
x-amz-cf-id: sSxhafWMrakIBgWl0ryjpavj6r54EIhUzd5QYfH3urNTJbYGCokCLA==

GET
H2 200 Rewards Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 15 KB
2 KB 55ms
52ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/Rewards
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eed8a7f12ccd088f0c93775d1bcda95f2e61f92ec5eacc76f1f41c17f8275937

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: do7TOG6X2YyGhAzuPMlebQwas_VkGinT
content-encoding: gzip
etag: W/"0c926016d395d1ac82c41ff1f985a2fa"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Mon, 11 Oct 2021 15:50:38 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
x-amz-cf-id: SdoXE6EIG5l7KdxfRx71_BRO-wx5lYh6e1ov8jt1Wz8-YH5FlloewA==

GET
H2 200 Raffle Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 364 B
960 B 45ms
43ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/Raffle
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 107801c0d66d1baa440057c9a4a5ab456db9b2b41b21be43c9286fce117202dc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: tNEL..NkN0aichU0Ix_PRl2A.Zyt_PDY
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
etag: "17d93fa3bcd87ccad2f7ad73f29e5e35"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
content-length: 364
last-modified: Mon, 11 Oct 2021 15:50:38 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
x-amz-cf-id: U1VZy_OENo8EvHBSF76vU0FIF0tcaayTuJMZR1Ckh2_Ni1cceF1Y_A==

GET
H2 200 common Show response
api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/ 2 KB
1 KB 52ms
51ms Fetch
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/2b04cbf2-d68d-40ff-86a6-b5d980475ec9/production/en/common
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f03276a8ecc472f16d38301dfb42dca32a72ae9165b97525749657913b35c1

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
Authorization: undefined
Content-Type: application/json

Response headers

x-amz-version-id: 6Um0JK9YrPF1.97Nt.7uK8h7v2vLo__y
content-encoding: gzip
etag: W/"369ae14201e3b94c8cff19d8c36eecfe"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 300
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 19:41:28 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 09:22:22 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
x-amz-cf-id: tZ00l3u3AfhzyhL-Fkq4od1HP-zXeRII08Dv4OxV07HT21zGp_0Dxw==

GET
H3 200 kawaii_1-40677e366f632e6918f753a0f447080d.png
app.unali.io/packs/media/widget/commonAssets/ 7 KB
7 KB 21ms
21ms Image
image/png 2606:4700:3031::ac43:9eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.unali.io/packs/media/widget/commonAssets/kawaii_1-40677e366f632e6918f753a0f447080d.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c74a47ffea760fc87c6b2686b9ee59b8b47fe27348a7d706885ac05d8c818c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:21 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5710
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7021
last-modified: Fri, 19 Nov 2021 18:54:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LyqO6rGtOtmN0VpJ6EElGjMgRp6uM4BLWkQZn3UG2D32Fi4SmQjU5wcwxwQjgoqNHrUgiEFqOn1PuleOu4byCs3y8HHeVjsjz6fhqT4f2BvAxFx3l%2Ba4twXiheT8%2B6fo3cFqlK4TP3QPiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2117c12aff4dee-FRA

GET
H3 200 kawaii_2-00c0bfd753acd759d6ec453f8817e624.png
app.unali.io/packs/media/widget/commonAssets/ 10 KB
11 KB 15ms
15ms Image
image/png 2606:4700:3031::ac43:9eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.unali.io/packs/media/widget/commonAssets/kawaii_2-00c0bfd753acd759d6ec453f8817e624.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cb2d615749a1d29e1aca3211a44309ac2c3cbd6d0427e53a4e9ea20a7bb7a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:20 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5665
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10663
last-modified: Fri, 19 Nov 2021 18:54:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVMy6Xt0DHpjC2lLKkYj99z9DTqHmWMcFzncAyyceC%2F9v5YiaGRe3beRhI7azAWqnQLVAkruGqsQ21%2FCHfJ85SeJh8yOhfB8nbcM4DE8ABRwpnbKHUDeWU0jposuhMKS%2F8AUN4fdeMjZIHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2117c12b004dee-FRA

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6BC8 0
15 B 17ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.faces.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.faces.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 22 Nov 2021 09:22:21 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F7FF 0
15 B 18ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.faces.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.faces.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 22 Nov 2021 09:22:21 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 819B 0
15 B 21ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.faces.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.faces.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 22 Nov 2021 09:22:21 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DE2C 0
18 B 14ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.faces.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.faces.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 22 Nov 2021 09:22:21 GMT

GET
H2 200 / Show response
48b2w8mr.twic.pics/ Frame D8B4 14 KB
7 KB 43ms
14ms Script
text/javascript 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://48b2w8mr.twic.pics/?v1
Requested by: Host: app.unali.io
URL: https://app.unali.io/packs/js/widget-27cd7393b51fcc6543ea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: TwicPics/1.7.12 /
Resource Hash: 5bd03971e9d531a710b6cdbefe4823bf60894fbddc8aee545f57ed0148417044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:21 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3600
x-twicpics-source: twicpics
content-length: 6587
access-control-allow-origin: *
allow: GET, OPTIONS
server: TwicPics/1.7.12
etag: "glkbqaozEXpd1GUgBNumcQ=="
vary: cloudfront-forwarded-proto,host
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: public, no-transform, max-age=3600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: YIWRo8489RxPHnPOHvIWpw_w1C7fjKYlMCTboVBCFVKRWWOzGWcy5g==
expires: Mon, 22 Nov 2021 09:50:38 GMT

GET
H2 404 /
48b2w8mr.twic.pics/ Frame D8B4 177 B
177 B 37ms
13ms Image
text/plain 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://48b2w8mr.twic.pics/?twic=v1/cover=120x120
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: TwicPics/1.7.12 /
Resource Hash: b85e4c09239b1ca45351187ecab9ca515df39419c06fb8d3440f88b04e5b3bec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:22:13 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
age: 8
x-cache: Error from cloudfront
x-twicpics-source: twicpics
content-length: 177
allow: GET, OPTIONS
server: TwicPics/1.7.12
access-control-max-age: 3600
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 8D7ZkLhg60z39UTQ-amKKjt7PGq7srg1D4aoeOnMJbQnPQfdIOOmCw==

GET
H2 200 / Show response
48b2w8mr.twic.pics/ Frame C023 14 KB
7 KB 34ms
12ms Script
text/javascript 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://48b2w8mr.twic.pics/?v1
Requested by: Host: app.unali.io
URL: https://app.unali.io/packs/js/widget-27cd7393b51fcc6543ea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: TwicPics/1.7.12 /
Resource Hash: 5bd03971e9d531a710b6cdbefe4823bf60894fbddc8aee545f57ed0148417044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:00:31 GMT
content-encoding: gzip
age: 9295
x-cache: Hit from cloudfront
access-control-max-age: 3600
x-twicpics-source: twicpics
content-length: 6587
access-control-allow-origin: *
allow: GET, OPTIONS
server: TwicPics/1.7.12
etag: "glkbqaozEXpd1GUgBNumcQ=="
vary: cloudfront-forwarded-proto,host
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: public, no-transform, max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 4xVV-wqc9IPmPaE-x_hiQDRRjTuA882wtwjgFtmewc01it1mJnd2xQ==
expires: Mon, 22 Nov 2021 07:47:26 GMT

POST
H2 200 pub9bea4e5bb561cc8dcd5c4cef1ca5828a
rum-http-intake.logs.datadoghq.eu/v1/input/ 2 B
60 B 20ms
19ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub9bea4e5bb561cc8dcd5c4cef1ca5828a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Afaces-sa%2Cversion%3A1.0.0&batch_time=1637572941124
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 09:22:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 2
content-type: application/json

GET
H2 200 __Analytics-Start
www.faces.com/on/demandware.store/Sites-Faces_SA-Site/ar_SA/ 35 B
306 B 54ms
53ms Image
image/gif 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.store/Sites-Faces_SA-Site/ar_SA/__Analytics-Start?url=https%3A%2F%2Fwww.faces.com%2Fsa-ar%2Fnewarrivals%3Fj%3D436513%26sfmc_sub%3D52414655%26l%3D98_HTML%26u%3D64279617%26mid%3D100039654%26jb%3D1006%26utm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D22_11_crm_KSA_vip&res=1600x1200&cookie=1&ref=&title=%D8%AA%D8%B3%D9%88%D9%91%D9%82%20%D9%88%D8%B5%D9%84%20%D8%AD%D8%AF%D9%8A%D8%AB%D8%A7%20%D8%A7%D9%88%D9%84%D8%A7%D9%8A%D9%86%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%E2%80%A2%20FACES%20(%D9%88%D8%AC%D9%88%D9%87)&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.02603167144817542&cmpn=&tz=Asia/Riyadh&pcc=SAR&pct=&pcat=newarrivals&pst-id=637ba8e6-2b1d-4e89-abaf-beb661883338&pst-refs=[{%22name%22:%22Category%22,%22value%22:%22newarrivals%22}]&pst-sort=new-to-old&pst-pers=false&pst-loc=ar_SA&pst-qloc=ar_SA&pst-show=true&pid-0=PM_CHANEL_Rouge_Allure_Holiday&pev-0=event3&pid-1=006615539486&pev-1=event3&pid-2=274615556318&pev-2=event3&pid-3=009115540928&pev-3=event3&pid-4=014815114954&pev-4=event3&pid-5=026115403160&pev-5=event3&pid-6=006615539479&pev-6=event3&pid-7=274615556311&pev-7=event3&pid-8=PM_MAKE_UP_FOR_EVER_Rouge_Artist_Shine_On&pev-8=event3&pid-9=PM_SHISEIDO_Ultimune_Power_Infusing_Concentrate&pev-9=event3&pid-10=274615556310&pev-10=event3&pid-11=034815539735&pev-11=event3&pid-12=009114952517&pev-12=event3&pid-13=019314783533&pev-13=event3&pid-14=274615556314&pev-14=event3&pid-15=PM_Rouge_G_de_Guerlain_The_Double_Mirror_Case&pev-15=event3&pid-16=PM_GUERLAIN_Rouge_G_Luxurious_Velvet&pev-16=event3&pid-17=014815114961&pev-17=event3&pid-18=014815114959&pev-18=event3&pid-19=027815489540&pev-19=event3&pid-20=014815114955&pev-20=event3&pid-21=014815114958&pev-21=event3&pid-22=014815114956&pev-22=event3&pid-23=014815114957&pev-23=event3&pid-24=PM_MAKE_UP_FOR_EVER_Rouge_Artist_Metallic&pev-24=event3&pid-25=PM_MAKE_UP_FOR_EVER_Pro_Glow_Powder&pev-25=event3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 6b2117c25d28695e-FRA
x-dw-request-base-id: 0Yw20Exhm2EBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 __Analytics-Start
www.faces.com/on/demandware.store/Sites-Faces_SA-Site/ar_SA/ 35 B
112 B 64ms
63ms Image
image/gif 104.18.163.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faces.com/on/demandware.store/Sites-Faces_SA-Site/ar_SA/__Analytics-Start?dwac=0.02603167144817542&cmpn=&tz=Asia/Riyadh&pcc=SAR&pct=&pcat=newarrivals&pid-26=021715242631&pev-26=event3&pid-27=021715242628&pev-27=event3&pid-28=274615556316&pev-28=event3&pid-29=274615556315&pev-29=event3&pid-30=274615556317&pev-30=event3&pid-31=274615556312&pev-31=event3&pid-32=274615556313&pev-32=event3&pid-33=006615539480&pev-33=event3&pid-34=006615539483&pev-34=event3&pid-35=PM_CHANEL_Ombre_Premi%C3%A8re_Laque_Glitter&pev-35=event3&pid-36=PM_GIORGIO_ARMANI_My_Way_Intense_EDP&pev-36=event3&pid-37=PM_WBF_Flawless_Skin_Foundation&pev-37=event3&pid-38=274615556301&pev-38=event3&pid-39=033315585762&pev-39=event3&pid-40=033315585761&pev-40=event3&pid-41=033315585758&pev-41=event3&pid-42=033315585756&pev-42=event3&pid-43=033315585760&pev-43=event3&pid-44=033315585759&pev-44=event3&pid-45=005715329029&pev-45=event3&pid-46=034815566221&pev-46=event3&pid-47=034815539737&pev-47=event3&dw_dnt=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.163.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 09:22:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 6b2117c25d2b695e-FRA
x-dw-request-base-id: 0Yw30Exhm2EBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 202 update Show response
carrier.useinsider.com/v2/contact/ucd/ 0
40 B 61ms
61ms XHR
text/plain 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/v2/contact/ucd/update
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
partner: facesuae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 09:22:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-origin: *
cf-ray: 6b2117c89fd64dbe-FRA
content-length: 0

OPTIONS
H2 204 update
carrier.useinsider.com/v2/contact/ucd/ Frame 0
0 54ms
54ms Preflight 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/v2/contact/ucd/update
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,partner
Origin: https://www.faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 09:22:22 GMT
access-control-allow-headers: content-type,partner
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b2117c83f324dbe-FRA

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 97ms
96ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:21 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 empty.html Show response
static.criteo.net/ Frame D626 214 B
499 B 16ms
15ms Document
text/html 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/empty.html
Requested by: Host: www.faces.com
URL: https://www.faces.com/sa-ar/newarrivals?j=436513&sfmc_sub=52414655&l=98_HTML&u=64279617&mid=100039654&jb=1006&utm_source=salesforce&utm_medium=email&utm_campaign=22_11_crm_KSA_vip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3ca8c8b4370ff878afbd3f136b7a32063f18e66f253789b2a482649392832707

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.faces.com/

Response headers

server: nginx
date: Mon, 22 Nov 2021 09:22:25 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Aug 2008 18:21:54 GMT
etag: W/"48b59b42-d6"
expires: Thu, 17 Nov 2022 09:22:25 GMT
cache-control: max-age=31104000 public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding

POST
H2 200 / Show response
chalhoub1-app.quantummetric.com/ 0
163 B 18ms
17ms XHR
application/json 35.187.54.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.54.69 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

69.54.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
strict-transport-security: max-age=31536000
content-type: application/json

POST
H2 200 / Show response
chalhoub1-app.quantummetric.com/ 0
163 B 15ms
15ms XHR
application/json 35.187.54.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.54.69 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

69.54.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
strict-transport-security: max-age=31536000
content-type: application/json

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 93ms
93ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.faces.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.faces.com
date: Mon, 22 Nov 2021 09:22:27 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-LWhqvP-48lqa-bTxQIef4DF5O2-HMIqgzPF7Gw&expires=30

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

108 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 22:54:19	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.faces.com/	1969-12-31 23:59:59	Name: dwac_69440ba63b7d4b40f3196cc43d Value: WTCKl-utvywybGMfgT3lLGJuWRZGBmtzIfE%3D\|dw-only\|\|\|SAR\|false\|Asia%2FRiyadh\|true
www.faces.com/	1969-12-31 23:59:59	Name: cqcid Value: abACwVVr4MDerQK15D1AwXe6Bn
www.faces.com/	1969-12-31 23:59:59	Name: cquid Value: \|\|
www.faces.com/	1969-12-31 23:59:59	Name: dwsecuretoken_880bfc176b7ab1f8440d40d0dc71a961 Value: "chDOBwer7d1ml5T2hAWAzr1SG8tuKPGOgw=="
.faces.com/	1970-01-20 07:38:28	Name: www_site_locale Value: ar_SA
www.faces.com/	1969-12-31 23:59:59	Name: sid Value: WTCKl-utvywybGMfgT3lLGJuWRZGBmtzIfE
www.faces.com/	1970-01-20 03:12:04	Name: dwanonymous_880bfc176b7ab1f8440d40d0dc71a961 Value: abACwVVr4MDerQK15D1AwXe6Bn
www.faces.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 0
www.faces.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 0
www.faces.com/	1969-12-31 23:59:59	Name: dwsid Value: hr0I0EThqsY3R1AZYsEWPL3j21HpSn6ZJNrikb_dP1Z3Eo9l0Mbm5LSHCtDctHyMt8XCQ-EVCZRpJa9r3Hi6GA==
www.faces.com/	1970-01-19 22:52:53	Name: _dd_s Value: rum=1&id=59114ecb-82f5-4c1b-8970-072d5e09c11c&created=1637572938713&expire=1637573838713
www.faces.com/	1970-01-19 23:36:04	Name: __utmz Value: other
www.faces.com/	1969-12-31 23:59:59	Name: cookie_utm_source Value: salesforce
www.faces.com/	1969-12-31 23:59:59	Name: cookie_utm_medium Value: email
www.faces.com/	1969-12-31 23:59:59	Name: cookie_utm_campaign Value: 22_11_crm_KSA_vip
www.faces.com/	1969-12-31 23:59:59	Name: cookie_utm_content Value: undefined
.faces.com/	1970-01-19 22:54:19	Name: _gid Value: GA1.2.430661559.1637572939
www.clarity.ms/	1970-01-20 07:38:28	Name: CLID Value: 063efd56f047435bb95c5f011cf3adab.20211122.20221122
.criteo.com/	1970-01-20 08:14:28	Name: uid Value: 1e9479ab-46c2-406c-9d6b-68521f3f0a6a
www.faces.com/	1970-01-20 16:24:04	Name: _sp_id.3349 Value: 1926698782bb128a.1637572939.1.1637572939.1637572939
www.faces.com/	1970-01-19 22:52:54	Name: _sp_ses.3349 Value: *
.c.bing.com/	1970-01-20 08:14:28	Name: SRM_B Value: 0107978150936EDF3F0A877651F86FD0
.faces.com/	1970-01-20 01:02:28	Name: _gcl_au Value: 1.1.1893211536.1637572939
.faces.com/	1970-01-19 22:52:52	Name: _dc_gtm_UA-25600489-1 Value: 1
.yotpo.com/	1970-01-20 07:38:28	Name: pixel Value: 7f0fb9c7-849c-4eef-6e37-79c73dcade0a
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 08:14:28	Name: MUID Value: 0107978150936EDF3F0A877651F86FD0
.c.clarity.ms/	1970-01-19 22:52:53	Name: ANONCHK Value: 0
.igodigital.com/	1970-01-19 22:52:56	Name: igodigitalstdomain Value: 2000017419
.igodigital.com/	1970-01-23 14:31:45	Name: igodigitaltc2 Value: b0d6f70e-4b75-11ec-874d-0ab1947e6267
.igodigital.com/	1970-01-19 22:52:56	Name: igodigitalst_100039654 Value: b0d6fec0-4b75-11ec-874d-0ab1947e6267
.creativecdn.com/	1970-01-20 07:38:28	Name: u Value: 8EfFE1yGcja3IW2N8UuF
.creativecdn.com/	1970-01-20 07:38:28	Name: ts Value: 1637572939
.twitter.com/	1970-01-20 16:24:04	Name: personalization_id Value: "v1_zrs/tU+eVYh0OId81SrIPQ=="
.cquotient.com/	1970-01-20 08:21:40	Name: uuid Value: abACwVVr4MDerQK15D1AwXe6Bn
.faces.com/	1970-01-20 08:22:16	Name: cto_bundle Value: vB05x19QM1JvN0t1bkZEWVFtZSUyQnkydmllSU1HS0daMyUyRjhaR3E1WnMwc3V2TmsyYXdZUEUzUXZzTVhvWkxwc2NuQUF3QyUyRmdhYmNFVkZGWUdDZ1IxWG0xamhFUk5ZalN5QnRoZVV3Zjh2MTlVV0RsUnJsRk1pTEJVNVQxNVJXRWVWJTJCNWMydWtPOXBWR3g2ZlpqYlgzN1VBa3NLZyUzRCUzRA
.faces.com/	1970-01-20 07:38:28	Name: _clck Value: s9memi\|1\|ewn\|0
.faces.com/	1970-01-20 08:21:40	Name: __cq_uuid Value: abACwVVr4MDerQK15D1AwXe6Bn
.faces.com/	1970-01-19 23:36:04	Name: __cq_seg Value: 0~0.00!1~0.00!2~0.00!3~0.00!4~0.00!5~0.00!6~0.00!7~0.00!8~0.00!9~0.00
.faces.com/	1970-01-20 08:22:39	Name: _scid Value: 402cfe65-c53b-4b38-bee8-ffed12e17eb4
.doubleclick.net/	1970-01-20 08:14:28	Name: IDE Value: AHWqTUkWi5jfjppZOFT5QrBJeaB2-sGVPG0Ewte_PLqL7PUDVEWxPRGJEmrcqqy27Rk
.facesuae.api.useinsider.com/	1970-01-19 22:54:19	Name: insdrPushCookieStatus Value: true
.faces.com/	1970-01-20 07:38:28	Name: _hjSessionUser_1098206 Value: eyJpZCI6Ijk0YmU3ZWMxLWE3MjEtNTU3My05MzFhLWQ5NjdmZDQ5MDU3NSIsImNyZWF0ZWQiOjE2Mzc1NzI5Mzg4MjQsImV4aXN0aW5nIjpmYWxzZX0=
.faces.com/	1970-01-19 22:52:54	Name: _hjFirstSeen Value: 1
.faces.com/	1970-01-19 22:52:54	Name: _hjSession_1098206 Value: eyJpZCI6ImY3NTEzMGI1LTMzZjEtNDM3MS04MjdjLWM2OTJiYzZjNzRmNCIsImNyZWF0ZWQiOjE2Mzc1NzI5Mzk2Nzh9
www.faces.com/	1970-01-19 22:52:53	Name: _hjIncludedInSessionSample Value: 0
.faces.com/	1970-01-19 22:52:54	Name: _hjAbsoluteSessionInProgress Value: 0
.snapchat.com/	1970-01-20 08:14:28	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiRHAMAgDsIm4g5ja9Tj9MgXDVwLfyod3pE5E97XDckVtgt8S3ZgpQoeW4ckf9ShQZTIAAAA=
.faces.com/	1970-01-19 22:54:19	Name: _clsk Value: obh7oh\|1637572939727\|1\|1\|f.clarity.ms/collect
.facesuae.api.useinsider.com/	1970-01-19 22:54:19	Name: push-request-sent Value: true
.facesuae.api.useinsider.com/	1970-01-20 07:31:16	Name: native-permission-impression Value: true
.adnxs.com/	1970-01-20 01:02:28	Name: uuid2 Value: 4331465487264750111
.faces.com/	1970-01-20 01:02:28	Name: _fbp Value: fb.1.1637572940372.1506671317
.adnxs.com/	1970-01-20 01:02:28	Name: anj Value: dTM7k!M40<EVNsVF']wIg2C%>u'H)$!A#Ez.TOKYnz@tD-4+N<GVYesDEW@p@mho6a@6GTF[:O>pxOF=kLd@<g['EVR7>cQJo9^BiUK_t=j>?q)9XP-1OZg6isJ%'=e=wrBqt2PT8N%?J(I+Hh=Z#-3PVX23nXm/!6Fn_20$^Q
.tapad.com/	1970-01-20 00:19:16	Name: TapAd_TS Value: 1637572940471
.tapad.com/	1970-01-20 00:19:16	Name: TapAd_DID Value: e28f27c4-1b36-4c4a-90af-dd772dfa9502
.bidswitch.net/	1970-01-20 07:38:28	Name: tuuid Value: 459903fe-a046-4d5e-9bfe-9367054219ce
.bidswitch.net/	1970-01-20 07:38:28	Name: c Value: 1637572940
.bidswitch.net/	1970-01-20 07:38:28	Name: tuuid_lu Value: 1637572940
www.faces.com/	1970-01-20 07:38:28	Name: mdLogger Value: false
www.faces.com/	1970-01-20 07:38:28	Name: kampyle_userid Value: 8227-5653-1e53-abf7-251e-506a-a732-b09f
cm.mgid.com/	1970-01-19 23:36:04	Name: mg_sync Value: {"617660":1637572940}
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lamkYdhwnvm1
.mgid.com/	1970-01-19 22:52:54	Name: __cf_bm Value: i.Rb5FA1tSAP8TpCyGkli5A8rjCIh5Il4yE_hkUjAlU-1637572940-0-Ado44Xk0Ff48NY5LoONCOZpTtlpIDwRc9uAIrvVSfK/meVXaIEIVUWZ0YHZZnr8kVdAp01zBRJsYPLda1O7/UNM=
.tapad.com/	1970-01-20 00:19:16	Name: TapAd_3WAY_SYNCS Value:
www.faces.com/	1970-01-20 07:38:28	Name: kampyleUserSession Value: 1637572940530
www.faces.com/	1970-01-20 07:38:28	Name: kampyleUserSessionsCount Value: 1
.analytics.yahoo.com/	1970-01-20 07:39:55	Name: IDSYNC Value: 18zh~21o9
www.faces.com/	1970-01-20 07:38:28	Name: kampyleSessionPageCounter Value: 1
.rlcdn.com/	1970-01-20 07:38:28	Name: rlas3 Value: KfbE159/u860Wo8ZyzmdQk7SywFbQAiUPPthwid9SIk=
.rlcdn.com/	1970-01-20 00:19:16	Name: pxrc Value: CAA=
.3lift.com/	1970-01-20 01:02:28	Name: tluid Value: 7971902030681199331
.yahoo.com/	1970-01-20 07:38:50	Name: A3 Value: d=AQABBExhm2ECENubuVRrdacXI8I0zjAJ1PcFEgEBAQGynGGlYQAAAAAA_eMAAA&S=AQAAAp3-ISj6OaQ4HMfdTRez2N8
.pubmatic.com/	1970-01-19 23:36:04	Name: KRTBCOOKIE_97 Value: 3385-uid:k-vK30ov-48lqa-bTxQIef4DF5O2-OkabBR8zPAw&KRTB&23286-uid:k-vK30ov-48lqa-bTxQIef4DF5O2-OkabBR8zPAw&KRTB&23287-uid:k-vK30ov-48lqa-bTxQIef4DF5O2-OkabBR8zPAw&KRTB&23288-uid:k-vK30ov-48lqa-bTxQIef4DF5O2-OkabBR8zPAw
.pubmatic.com/	1970-01-19 23:36:04	Name: PugT Value: 1637572939
.pubmatic.com/	1970-01-20 01:02:28	Name: PUBMDCID Value: 3
.faces.com/	1970-01-20 16:24:04	Name: _ga_MHNYJPR02R Value: GS1.1.1637572940.1.0.1637572940.60
.faces.com/	1970-01-20 16:24:04	Name: _ga Value: GA1.1.802785177.1637572939
.addthis.com/	1970-01-20 08:14:28	Name: ouid Value: 619b614c0001b50e000607f32accfd4c5cea8941fceb27160ff2
.addthis.com/	1970-01-20 08:14:28	Name: uid Value: 619b614c082901b4
.addthis.com/	1970-01-20 08:14:28	Name: na_id Value: 2021112209222054200343671006
.media.net/	1970-01-20 07:38:28	Name: visitor-id Value: 2805745407766515000V10
.media.net/	1970-01-19 23:36:04	Name: data-c-ts Value: 1637572940
.media.net/	1970-01-19 23:36:04	Name: data-c Value: k-Ilj4Ov-48lqa-bTxQIef4DF5O28Lfo2j_obMbg~~3
.mediawallahscript.com/	1970-01-20 16:24:04	Name: mCookie Value: b1affb80-4b75-11ec-a253-034f8c55b2d4
.mediawallahscript.com/	1970-01-20 16:24:04	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.casalemedia.com/	1970-01-20 07:38:28	Name: CMID Value: YZthTL-3UoPRSNbIUycmXwAA
.casalemedia.com/	1970-01-20 01:02:28	Name: CMPS Value: 5205
.casalemedia.com/	1970-01-20 01:02:28	Name: CMPRO Value: 1184
.casalemedia.com/	1970-01-20 07:38:28	Name: CMRUM3 Value: 14619b614c2760k-CO2knv-48lqa-bTxQIef4DF5O2_4H5G6xQuexw
.casalemedia.com/	1970-01-19 22:54:19	Name: CMST Value: YZthTGGbYUwA
.yandex.ru/	1970-01-23 14:28:52	Name: yuidss Value: 9588323481637572940
.yandex.ru/	1970-01-23 14:28:52	Name: yandexuid Value: 9588323481637572940
.taboola.com/	1970-01-20 07:38:28	Name: t_gid Value: 87ea14a4-be2a-4f93-91f8-cd56ef3b410f-tuct894e6cc
chalhoub1-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: 273c26fdae98b636331e5278e388f1ff
chalhoub1-app.quantummetric.com/	1970-01-20 07:38:28	Name: U Value: 54295cf18c3605124a5efb32b879e85e
.faces.com/	1970-01-19 22:52:54	Name: QuantumMetricSessionID Value: 273c26fdae98b636331e5278e388f1ff
.faces.com/	1970-01-20 07:38:28	Name: QuantumMetricUserID Value: 54295cf18c3605124a5efb32b879e85e
.revcontent.com/	1970-02-07 04:52:52	Name: __ID Value: 69455890062d42d49d56f64b3b1ad635
.revcontent.com/	1970-01-19 23:36:04	Name: v1_151 Value: 1
.tpmn.co.kr/	1970-01-20 07:38:28	Name: uuid Value: 6c6d43fe51f04ffd9b3e4339d81ba26e
.tpmn.co.kr/	1970-01-19 23:36:04	Name: criteo Value: k-6GzRHP-48lqa-bTxQIef4DF5O299CcursiaQ9w
.outbrain.com/	1970-01-20 01:02:28	Name: obuid Value: c48fb869-c611-4521-863d-f10544ee0d1c
.outbrain.com/	1970-01-19 23:36:04	Name: criteo Value: k-VioDzP-48lqa-bTxQIef4DF5O28gE0BS645nUg
.adtdp.com/	1970-01-20 16:24:04	Name: uid Value: e4d0e044-534b-4975-9fe8-b527a69e83f5
.adtdp.com/	1970-01-20 16:24:04	Name: pr Value: aja
.faces.com/	1970-01-20 07:38:28	Name: amp_efb66c Value: d8WDkPxsDajA2LXE3pwVRJ...1fl3f852k.1fl3f852l.0.1.1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://connect.nosto.com/include/djtssu2x Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.faces.com/on/demandware.static/-/Sites/ar_SA/v1637571401669/logo-white.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.faces.com/on/demandware.static/-/Sites/ar_SA/v1637571401669/logo-white.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.google-analytics.com/collect Message: Failed to load resource: the server responded with a status of 413 ()
network	error	URL: https://48b2w8mr.twic.pics/?twic=v1/cover=120x120 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors none
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100039654.collect.igodigital.com
48b2w8mr.twic.pics
ad.as.amanad.adtdp.com
ad.tpmn.co.kr
ads.yahoo.com
an.yandex.ru
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
api.amplitude.com
api.locize.app
app.unali.io
assets.api.useinsider.com
assets.ubembed.com
c.bing.com
c.clarity.ms
carrier.useinsider.com
cb4f355a702f44288c6ab81ae1326e67.js.ubembed.com
cdn.cquotient.com
cdn.quantummetric.com
cdnjs.cloudflare.com
chalhoub1-app.quantummetric.com
click.email-faces.com
cm.creativecdn.com
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
connect.nosto.com
contextual.media.net
crb.kargo.com
creativecdn.com
criteo-sync.teads.tv
cw.addthis.com
dis.criteo.com
eb2.3lift.com
eitri.api.useinsider.com
f.clarity.ms
facesuae.api.useinsider.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
hit.api.useinsider.com
ib.adnxs.com
idsync.rlcdn.com
location.api.useinsider.com
log.api.useinsider.com
mug.criteo.com
nova.collect.igodigital.com
o457444.ingest.sentry.io
p.cquotient.com
p.yotpo.com
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.tapad.com
r.casalemedia.com
resources.digital-cloud-west.medallia.com
rum-http-intake.logs.datadoghq.eu
s.ad.smaato.net
sc-static.net
script.hotjar.com
secure.adnxs.com
segment.api.useinsider.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.ads-twitter.com
static.criteo.net
static.hotjar.com
staticw2.yotpo.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
t.co
tr.snapchat.com
trends.revcontent.com
udc-neb.kampyle.com
ups.analytics.yahoo.com
vars.hotjar.com
www.clarity.ms
www.datadoghq-browser-agent.com
www.facebook.com
www.faces.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
pixel.rubiconproject.com
104.111.242.245
104.18.163.218
104.19.132.78
104.244.42.195
104.244.42.197
104.75.88.126
104.76.200.23
13.111.241.249
13.32.19.2
141.226.228.48
142.250.185.162
142.250.186.66
143.204.100.219
143.204.207.9
143.204.93.53
143.204.98.112
143.204.98.115
143.204.98.3
143.204.98.47
143.204.98.53
143.204.98.93
151.101.193.131
151.101.193.230
178.250.0.157
178.250.2.151
18.159.118.99
18.194.231.4
185.184.8.65
185.64.189.110
199.232.136.157
2.16.186.161
2.18.234.21
20.84.22.197
212.82.100.181
2600:1901:0:662c::
2600:9000:20eb:ce00:1b:5138:8a40:93a1
2600:9000:2156:6600:f:ee6c:7180:93a1
2606:4700:10::6816:35fc
2606:4700:3031::ac43:9eeb
2606:4700::6810:125e
2606:4700::6811:a772
2606:4700::6811:ab72
2620:1ec:27::cafe:2080
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:801::200e
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c1b::9b
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:28e::1d72
2a02:6b8::90
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.56.137
3.127.62.220
34.102.166.132
34.120.195.249
34.247.9.63
34.255.68.26
35.160.50.174
35.186.226.184
35.187.54.69
35.227.248.159
35.241.45.82
35.244.174.68
37.252.173.215
37.252.173.22
52.142.114.2
52.50.71.252
54.205.247.222
64.202.112.95
76.223.111.18
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06fb2515ad8ca70c3253d8807c9b8cd15fac5d597ae723b4eef7f667326f65b2
0a1f65dd0544544de40fa53ca251eca52522ced3f5a608aa3425aeab157a34a0
0acc05529b896335e67451050b9d9353d4cd680a470919fecf91c12ff09196d3
0b850991db54c2e0c6a6b7a3c818d88205ced62b9f93665cca47f9cb2802b208
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4414f8667327ff8063539fcb789331495b0d6e24d1caa107b0797a37a3f811
0c9e534066299cad3e162c83cd143468569f8ac4e80d855c70d2c647cbe3c912
0cc2be64b24f8ae3f9951a81ce4964ea31e5663f5f739d7f34cf9dbaef8ae2c6
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f87a2e66ba884c3393c2d9d0ff38bd6592282b09aec943e74c995c920fb28e6
0fa62606a05f49c02f92636ac2d6e5e5842b13b8676f66cf8f6601c0fa82c365
107801c0d66d1baa440057c9a4a5ab456db9b2b41b21be43c9286fce117202dc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
1583349f5b70ca1c67d8a46be12eee8a699984fbe31417d19924790663d421d8
15f03276a8ecc472f16d38301dfb42dca32a72ae9165b97525749657913b35c1
169a86fed001327bc990a02ae13ea71bf2a819d62681c05222dcbead42f64357
1c999f2a714b34e10f4ffbcede6835df9e619d29987880bdad42a274e123f876
20a2a56d67d3ebebc92133859edde53e265633870462163c58e09cc4ffffc1c2
2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7
21cee69a80e42e8f1c659067b801ae7f98ead766b43d188a5b7462d95da98516
2ad8df0436390cc4a60f3d7cffb9022a4f7689478cac55850b003cb54090ed6a
2dc8f708e6eaba9eebe8abcd34a7bb13805ea87f56f17b7db67824243a89588e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
3105661a04cd8afddc54336ff77f59910b7544980c68ac4769d31736c2177d38
31eb0730847f01479c99181c3ed8ae62ab7b15c1847bfbcddcf1b526cb6d49eb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3433cabe0c2fe8080fa9ab4f8e6e1d8fbf9e51b588f66f566a6ba49a280c8f1f
352c6ff055ebb16781084a9371cb71cce55fa95193638aa8f0044ce175432356
373ebaf7fdc72f8a7af4c9f66859861c1d330373bb739822d8e8defb339670ae
37c90c2f8dd927abf03f3e31c1f60d0476e46f82cac8ec80153304ce33bea799
39510f0c4a2bbad0ac129a1a932714c1073f8d0881292e28ddc384cac731653f
39827f0fa7859c08fd6d99f388cdc23ac01cf1207f30d3055fc610d3168f4517
39962a4b4f61fb13b0fabeafb761335c000675186d0aa84732ff9c4d61f05889
3a8d0697f4e132bdf2ffbe2bf6422164f275f16b9d25198cc2333408f858ac57
3ca8c8b4370ff878afbd3f136b7a32063f18e66f253789b2a482649392832707
3ce778a72017fc51c5ccb9aab38b69ef5dd6841d32598c17e97934868c5f895e
3e656754cc34b7603450fe085695d2dd0f1e23f651a074cd00bb10234b72387b
3eadb2797df48b3ce4f71cf5d240760052ae818f47ccc22ff56ec20c722f327e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb2e1981420865abb727075259ea0269df9bca24b7018340b4d70d721b0a19c
3ecc88a31066efb1975390cd46a9072262fd0a18e4c330691b7094ef8f4b0972
421791f237e85b4b8cfd9ffa470bfb952473ea0e6096667c0d83bb858d0d97a9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
4a349fe8b6b74dabc36f064dd4c7532108c8c5f04476f1e106ca3572336f0190
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf1cfde368c9cf35fb9f2dfd68d9cb57838e9952b4d62bb636a8ea1d70fdf8d
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
506c141e1bfbad9a06f29aff5300c86e407426813f72d33b1f1381e7f410a3ee
53f8eb3baffab8f9c50418403df9c86a0863dbf21a872029209fe28361ba412e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c
54d12b04c275817f9111d9601ff7595c2ae9a1b7c82d71280cdf21cbc395f988
555bfb1090210039d9ad65a9b7f421e6b0855269ac2950df180423eb355c073f
569303dbda2c0cf38eed8b0617c9234e12d96210e3bffd0a7806693c442b1fed
576912c93e6ce0e84f9c4ea15638dc1f6af2b4f86e5826291961aa233cc3d196
58e8bde3ffdce575ee790ef2eadf3e85a2c258ce7e78ff617fb1efe9e485c61e
5aa9baf6d71a79ce2f8deba1d932e97583ab1d638930d032d76b81d53595477b
5b32255bfecf483224c11935cdc7b40f48334ce582bd7ca460bb1f4757ab5548
5bd03971e9d531a710b6cdbefe4823bf60894fbddc8aee545f57ed0148417044
662bab066b02a6cf805fa0501b95050356476e21ec7feff33cdcb3723694eb98
677d882c4bb8148c545831d6e5f15606c83ef43c7ccf8f40634cf5b22b501885
68913050ec00733d7b6b8271c97a1aadf9c0b76b36ae723372738c0cf8b1a471
68b19c99c256263620deb4c12fca5046ccaf4570e22f75422d614bd776b8efd7
697244537b778b6621c01e0187b521e111463b636ee632da27338b325336e704
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae96c2098fedcc2f29ba7a48a72f0ba4dc955db6fdc7fe3d9a9cda9c523fa60
6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784
6c74a47ffea760fc87c6b2686b9ee59b8b47fe27348a7d706885ac05d8c818c2
6eaf1781ea0080297193528ed43b471c36f58fc9c7bd9f1f388219eceea723e5
712c0b6f5a52ddb5a5b30c564e83b8d791a1f122a5d3d2599a026a09af7f3e1a
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
76421e66df6e29d46596f2c8f79f392d9330d9acd27a9c942857023dba4457c1
7ad7332ee113a0b4c9d70707f86404fe48888fb6f3eaf6c62f9500effeb1eb6d
7b05300ffd426df7fd6eae961e16b9075c418522a9a5bceaec4fcb0f485c8805
7cae1b627f1b910ea051fc4a6474b226a43af52f037465f31e93ac4f5db8a847
7cbd9b2deca2667fcf6feec3a7997f8b80e100b93dea38331cb31f190d66ff18
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
7e8b2db59e745df118fc8a990ac21ecaf85e739bf8dfc63f78012702b899d5fa
80001c402149eff011b5e7e87c3dd72dc2de45d3d430d98418eb62c2ec5ad596
82408650b2d4ac2ed3e6c0cb4f8ce8344a041eda9b1ad85ec60d35555c3e7d24
82efeedef8d23cf1632ad28a33afb0c51892ffacb41b498a5e5038289c0cc34c
831b1711fed1943363d82a74626a30b5d2f4c1b4a207a1031573f6b1d73a1f6d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835948a97295d9d3b4d23658c8ca16a80328e57d0025c1f617db96aacf36c36a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa465954b3864ff1547a49839e0ac3e31d7bcda78c01271894315bb3c96727b
8c2cf97944d4708b6edaf34fe0b4623a467c54fa24cc5a2e1256bc56b5157c95
93075313167c01c5afb918bd0b994eeb85c05328d603e0df6628126265c44fa9
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
9623ca25ccda911a481eadeb5e697111d1dea9ff2aa1692d391423570385fb80
9771f57e890c58ca885d9e9d11e3a6f5185201263e1dc13408c4b69287d0bfe5
9875690691e287b073c7216901571983f31826543b136d3987225790fe9ea07a
987926a0a6bb161c59c7dd9170a629db5b8f3f422f10a704e280bc628553bced
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990aa422b3f7ba4b426e35da4672d2bd259704550bd3e54b08478e72f1d7ff2f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a08ca5a5acd8589b904399a709241961640cbdb0e57e40c21ee67c522b10307
9eb6194fae602dd374064598b1150d42b1dd4c4ab2c66cf87d947e7a77290fb6
9f96b848d871abdd12ebf5f25e66699fa97d6e9428041014b49ee40e77499b2e
a18c7df9d1cb54040139201c1aa3a41d38164efb04452247206daf0e45b4d9fb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6
a3a243b27f625603c48a684a195110dad6febdf6648dcd51124d586d30139e8f
a4ba6b3a53125abb24de9fccf76533354f265775f5d55e1757940f6ae54f10d3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0eabdca8ac905b0b89906df677746d2bf7a4a30b633b2629840ea61b17b1d3
adb8222b7c97854c5828e25d0e68f0734d84c9391647b171c4af51907eb1da01
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b2366e510291d27d9205308729c8f24461c3770be536b1ceb28982b7bfd6779e
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b45c3cba81e6799c994db3249109d95c79266ae6545eec70302cb9c403213e50
b85e4c09239b1ca45351187ecab9ca515df39419c06fb8d3440f88b04e5b3bec
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1be4481f94f8dbeac0db34fa65981e1211c794231cb7952d7f2d73f73cb6bfe
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca483c29925a261339d255d0750f1b2a260bc3b572cfa45dd31ff1d22f887616
caed4c0ef39873fadbc4ca0152edb35c3a188013b1964d91b89134a6c9353191
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
cd70283c33b7213c364c793115496c2dc8dd4bd3f04063d95a8528c41809083b
cdad284970e316f119c94f4531d227eba09b4751e17df0f10a7e1f2aee436579
d46e201a1c928ddaca520b9076e3ae571749979fc9c0cf8fd40b0c1e601644bc
d6280aa20d6371d04adeb64c9f07e89d5e6244081e34f77e9d01c63fb6987b19
d8846cf1de76fdfc4b02ddc7b9cfd40ad89ec8b672b885ac3edd06e9581246d1
d95917532840d6eb57359da112568bcf21a81e763e9f5d315b2dbca7afde425a
ddaf50ede86101fe62bc2e661cb201a088dff2eb9afebdfc516b7d050e2df215
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df420a3cdaffbdc0b54c622a15840170639c38e419e8af5216e68839c26db4b2
e0a416e4f9f80efa4c018dad67c3fdcf504ef9787bf429cf60cfc7220b074a3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb2d615749a1d29e1aca3211a44309ac2c3cbd6d0427e53a4e9ea20a7bb7a4
e3f93a11695256158f3b57ed19f064bea9adccd7d8e113a01f7d8ddbee19894b
e7a0f700baaa95fe4adc8985e3449ac16f3110c3c98cf572fa25a8696e7fc04d
e9c9606c616ebf69e5e7188e7d3c188f1237e1df3f084a9005845fb1da21ad86
eaf268ffe6e3f08ae7f7949299451eb7df747bd8b78f1cfa37b500250f2d1136
ec9778203ad578836fc1ff2751878ad0fc6b237dda49fa845658350a79df84f0
ed52a7e23a2da561a4db14d43d770b88928a68c3f88877afc6ad846062154e58
eed8a7f12ccd088f0c93775d1bcda95f2e61f92ec5eacc76f1f41c17f8275937
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c7a09d9bc83e12690c61be1fe712c9a254aa88a53f3671985e8bc142919bd4
f21671961ef95e63624ae979e991074a0edec4ab2ad8f69db418fc46748ed3c7
f239d9d7e643887c2c66a044a3a312925ee3788b968e493337f4515f7c0f0de7
f3c970e2a3a152bd4ab75b30551e8f6235a1afe1ff1aaa65c935f75fa0d3ee69
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f63c12c0c715582a720fb8b74c920bb3fb693dd24659e36b1b69d2e50bae4e98
f6adf1415d5e93aaf681139e19f1bcdcf156fea47756cb322c666f2f1a57a234
fed1d139c29eef2adb0a4e640845f57c398dadd92cc13e01c23501f6a23bd1df
ff074e62e80e66fecca7c9678045a73ca66fd5fe47be72c0e367982218ea986a

www.faces.com Open in urlscan Pro 104.18.163.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

239 Requests

93 %HTTPS

32 %IPv6

62 Domains

88 Subdomains

76 IPs

9 Countries

2432 kBTransfer

8933 kBSize

108 Cookies

4 Outgoing links

Page URL History

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.faces.com Open in urlscan Pro
104.18.163.218 Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

93 %
HTTPS

32 %
IPv6

62
Domains

88
Subdomains

76
IPs

9
Countries

2432 kB
Transfer

8933 kB
Size

108
Cookies

239 HTTP transactions
1 data transactions