www.avon.com Open in urlscan Pro
2600:9000:23ca:b000:d:57c7:2580:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://classycosmeticsnow.com/
Effective URL:
https://www.avon.com/repstore/swright1734?rep=swright1734
Submission: On September 22 via api (September 22nd 2024, 11:17:09 am UTC) from US — Scanned from CA

Summary HTTP 71 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 17 IPs in 1 countries across 17 domains to perform 71 HTTP transactions. The main IP is 2600:9000:23ca:b000:d:57c7:2580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.avon.com. The Cisco Umbrella rank of the primary domain is 249562.
TLS certificate: Issued by Corporation Service Company RSA OV SS... on July 23rd 2024. Valid for: a year.

This is the only time www.avon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
20	2600:9000:23c... 2600:9000:23ca:b000:d:57c7:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:247... 2600:9000:247b:8400:14:ccf8:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::681a:aa5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
21	3.224.28.243 3.224.28.243	14618 (AMAZON-AES) (AMAZON-AES)
2	157.240.241.17 157.240.241.17	32934 (FACEBOOK) (FACEBOOK)
2	142.250.65.228 142.250.65.228	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.39.58 34.117.39.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:28b... 2600:9000:28b2:600:16:4ed5:12c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	142.251.40.227 142.251.40.227	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.34.105 13.226.34.105	16509 (AMAZON-02) (AMAZON-02)
71	17

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

classycosmeticsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:23ca:b000:d:57c7:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.avon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:f6cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:247b:8400:14:ccf8:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc-ls.spockee.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:aa5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

acsbap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 3.224.28.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-28-243.compute-1.amazonaws.com

prod-ecom-custapi-aws.avon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.17 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-02-lga3.facebook.com

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.228 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:28b2:600:16:4ed5:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.mczbf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.227 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-105.ewr53.r.cloudfront.net

assets.revlifter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	avon.com www.avon.com — Cisco Umbrella Rank: 249562 prod-ecom-custapi-aws.avon.com — Cisco Umbrella Rank: 290657	2 MB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 313	197 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 803	57 KB
2	mczbf.com www.mczbf.com — Cisco Umbrella Rank: 5939	18 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
2	facebook.com graph.facebook.com — Cisco Umbrella Rank: 190	214 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	248 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3823 cdn.acsbapp.com — Cisco Umbrella Rank: 4060	96 KB
1	revlifter.io assets.revlifter.io — Cisco Umbrella Rank: 29164	354 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 487	294 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	gstatic.com www.gstatic.com	212 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 794	33 KB
1	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 10702	14 KB
1	acsbap.com 1 redirects acsbap.com — Cisco Umbrella Rank: 18143	616 B
1	spockee.io sc-ls.spockee.io — Cisco Umbrella Rank: 540259	174 KB
1	classycosmeticsnow.com 1 redirects classycosmeticsnow.com	334 B
71	17

	Domain	Requested by
21	prod-ecom-custapi-aws.avon.com	www.avon.com
20	www.avon.com	www.avon.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
4	unpkg.com	2 redirects www.avon.com
2	www.mczbf.com	www.avon.com www.mczbf.com
2	www.google.com	www.avon.com www.gstatic.com
2	graph.facebook.com	www.avon.com
2	www.googletagmanager.com	www.avon.com www.googletagmanager.com
1	assets.revlifter.io	www.avon.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	code.jquery.com	www.googletagmanager.com
1	www.upsellit.com	www.googletagmanager.com
1	cdn.acsbapp.com	acsbap.com
1	acsbapp.com	www.avon.com
1	acsbap.com	1 redirects
1	sc-ls.spockee.io	www.avon.com
1	classycosmeticsnow.com	1 redirects
71	19

This site contains links to these domains. Also see Links.

Domain
accessibe.com
www.studio1886.com
www.avonworldwide.com
dsef.org
instagram.com
www.facebook.com
youtube.com
www.pinterest.com
twitter.com
www.tiktok.com
policies.google.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.avon.com Corporation Service Company RSA OV SSL CA	`2024-07-23` - `2025-08-16`	a year	crt.sh
spockee.io Amazon RSA 2048 M03	`2024-02-01` - `2025-03-01`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
prod-ecom-aws.avonnow.com Corporation Service Company RSA OV SSL CA	`2024-09-16` - `2025-09-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
acsbapp.com WE1	`2024-08-18` - `2024-11-16`	3 months	crt.sh
*.upsellit.com RapidSSL TLS RSA CA G1	`2024-09-10` - `2025-10-03`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
www.mczbf.com Amazon RSA 2048 M03	`2024-04-20` - `2025-05-19`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.official-coupons.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.avon.com/repstore/swright1734?rep=swright1734
Frame ID: 8A1A17965FA5270F8D0D4B71557ECF87
Requests: 59 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfo4p4lAAAAAK4050lVXXFwMderO5faFjUnkvTd&co=aHR0cHM6Ly93d3cuYXZvbi5jb206NDQz&hl=en&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=fma3g8qje7tb
Frame ID: 982EA23764148637D10374C59EA7BB5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AVON

Page URL History Show full URLs

https://classycosmeticsnow.com/ HTTP 301
https://www.avon.com/repstore/swright1734?rep=swright1734 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

96 %
HTTPS

63 %
IPv6

17
Domains

19
Subdomains

17
IPs

1
Countries

2751 kB
Transfer

10084 kB
Size

12
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://www.studio1886.com/
Title: Studio 1886 LA

Search URL Search Domain Scan URL

URL: https://www.avonworldwide.com/
Title: Avon Worldwide (API)

Search URL Search Domain Scan URL

URL: https://dsef.org/ethics-program/
Title: Direct Selling Educational Foundation

Search URL Search Domain Scan URL

URL: https://instagram.com/avoninsider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Avon

Search URL Search Domain Scan URL

URL: https://youtube.com/avon

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/AvonInsider/

Search URL Search Domain Scan URL

URL: https://twitter.com/avoninsider

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@avoninsider

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://classycosmeticsnow.com/ HTTP 301
https://www.avon.com/repstore/swright1734?rep=swright1734 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

Request Chain 4

https://unpkg.com/swiper@8/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js

Request Chain 20

https://acsbap.com/apps/app/assets/js/acsb.js HTTP 301
https://acsbapp.com/apps/app/assets/js/acsb.js

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request swright1734 Show response
www.avon.com/repstore/
Redirect Chain

https://classycosmeticsnow.com/
https://www.avon.com/repstore/swright1734?rep=swright1734

540 KB
103 KB

415ms
211ms

Document
text/html

2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

New AVON Secu / Express

Resource Hash

103b920578e4cc974ac10a0d397ccd030fc500e8a1425ff1928c5acc8964f1b7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-language: en_US
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
content-type: text/html; charset=utf-8
date: Sun, 22 Sep 2024 11:16:59 GMT
etag: W/"8700c-tvx1kgy7n33aRHmwK2+0sDF9Apo"
server: New AVON Secu
vary: Accept-Encoding
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
x-amz-cf-id: cPCFJcIUt9fbJdMAXysM18Jm0mldiUChwG4WmQR2sBEui469vO37HQ==
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront
x-frame-options: DENY
x-powered-by: Express

Redirect headers

Connection: close
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Sun, 22 Sep 2024 11:16:59 GMT
Location: https://www.avon.com/repstore/swright1734?rep=swright1734
Server: ip-10-123-124-159.ec2.internal
Vary: Accept-Encoding
X-Request-Id: 81153acc-d590-42bc-9ac3-9a0a86f89eec

GET
H2 200 ProximaNova-Bold.woff2
www.avon.com/static/media/ 26 KB
26 KB 67ms
62ms Font
font/woff2 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/media/ProximaNova-Bold.woff2

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

eb85416fdde89cd1f835164340360053f9691b8a599cd0d692d5c9bf5d7de5ec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avon.com
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

etag: W/"6758-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: qk50suMsBd2QtqbawV4D5Li-MP3GTeiyZ-JEagmE0ObOmUkrlcfYpQ==
date: Sun, 22 Sep 2024 11:17:00 GMT
content-type: font/woff2
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26456
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 ProximaNova-Regular.woff2
www.avon.com/static/media/ 26 KB
27 KB 62ms
57ms Font
font/woff2 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/media/ProximaNova-Regular.woff2

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

aadef69803eda971285541967a65293a2817b2428eafc63ccef4633b71dd3a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avon.com
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

etag: W/"6848-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: o6Ypu52hzF_rNadH_fJYp3FGS6EUSstQCghAnMLrs1sxq0-Pmh2SWA==
date: Sun, 22 Sep 2024 11:17:00 GMT
content-type: font/woff2
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26696
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 ChronicleDisplay-Bold.woff2
www.avon.com/static/media/ 18 KB
18 KB 64ms
59ms Font
font/woff2 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/media/ChronicleDisplay-Bold.woff2

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

88e7a920da178a4699331e733d1818fd72ac3816d82f253ee754689d37e7b982

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avon.com
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

etag: W/"4608-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: PEdL43P4OgOALQzh87BYxbHUKg0a2YmGqk29d3YsjhL-OWJ3zHSpbw==
date: Sun, 22 Sep 2024 11:17:00 GMT
content-type: font/woff2
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17928
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@8.4.7/
Redirect Chain

https://unpkg.com/swiper@8/swiper-bundle.min.css
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

16 KB
6 KB

45ms
44ms

Stylesheet
text/css

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
age: 854362
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:00 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J7K8CWSSK286WZ409QTJQQYA-yul
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8c71e2d7490e6e05-YUL
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /swiper@8.4.7/swiper-bundle.min.css
content-encoding: br
cf-cache-status: HIT
age: 307
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8c71e2d6f8f46e05-YUL
access-control-allow-origin: *
date: Sun, 22 Sep 2024 11:17:00 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01J8CPWMMTKW2KSM4AJTV8Y0VG-yul
server: cloudflare

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@8.4.7/
Redirect Chain

https://unpkg.com/swiper@8/swiper-bundle.min.js
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js

140 KB
50 KB

28ms
27ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs"
age: 4401867
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J49H7NJ8X0797TCFS8GG21M0-yul
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8c71e2d7f93d6e05-YUL
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /swiper@8.4.7/swiper-bundle.min.js
content-encoding: br
cf-cache-status: HIT
age: 285
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8c71e2d6f8f56e05-YUL
access-control-allow-origin: *
date: Sun, 22 Sep 2024 11:17:00 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01J8CPX9TE5YMRPY523HABZXXV-yul
server: cloudflare

GET
H2 200 shoppable.umd.js Show response
sc-ls.spockee.io/ 578 KB
174 KB 424ms
30ms Script
application/javascript 2600:9000:247b:8400:14:ccf8:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-ls.spockee.io/shoppable.umd.js
Requested by: Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:8400:14:ccf8:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf740cba14a75aaccc855e6d2a1add7d36578ec4078ee2393aea7f7cad9ac750

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"489765b71035481f5345e77fb4add159"
x-amz-version-id: null
age: 82203
via: 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: pkkMyWiuA2R-UgavobNM1U22caRSF_WMENBZ3yRKnKCUNPfwQNBREg==
date: Sat, 21 Sep 2024 15:37:20 GMT
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 09:31:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256

GET
H2 200 components-layout.0ebbd74e.chunk.css
www.avon.com/static/css/ 114 B
642 B 61ms
58ms Stylesheet
text/css 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/css/components-layout.0ebbd74e.chunk.css

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

e667c297eb23df49cbfdc1789733173869e279b43b51c0c9ff73c83b501e0744

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

etag: W/"72-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: c_P1hXAmzfScuh-fGAe9urIEPBkYI0XfPXvPsC4cudsr4PJP7WGg4w==
date: Sun, 22 Sep 2024 11:17:00 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 114
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 main.7d5e8d36.chunk.css
www.avon.com/static/css/ 1 KB
769 B 88ms
84ms Stylesheet
text/css 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/css/main.7d5e8d36.chunk.css

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

0b6379402b2a1256795977bd1f381d8e58969158328aa3542284b710ddb39222

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"429-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: VkuEYLhwccbnyY9G28lXgFzdLADy1qIPSWei0-qh2jXlBAzCBjPNww==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 340.4d717877.chunk.css
www.avon.com/static/css/ 35 KB
8 KB 54ms
42ms Stylesheet
text/css 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/css/340.4d717877.chunk.css

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

e20ed4bea90c6b0c0686149a25e907349ca5a0b89c48d32605ab9067c730a64a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"8b07-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: RiBf0DEBtZ0FaQWv399u4vztsfYk3LU6qONFKO8DxJopcJqhbv1SmQ==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 runtime-main.b3053f49.js Show response
www.avon.com/static/js/ 32 KB
9 KB 61ms
47ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/runtime-main.b3053f49.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

f5c8b340ffcb5268a5eef78621bcc0fe672e5fb95decc4b07c5cd3d09c8b45fa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"812e-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: CbZS0AJ1VuM0KQZkJ8WEVckBmPJpBOJtTwhme5W_zkUrzPX8Zv8zlA==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 340.935f528b.chunk.js Show response
www.avon.com/static/js/ 4 MB
1 MB 86ms
72ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/340.935f528b.chunk.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

fb4c721469c99db9a254901a74ac4b48410ca92ac44ccef0577563618a8397dd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"3d2463-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: M0K6cMXAaYZWpVt-kjFLGdg8Jii_dRuUz4QxTQlnnY954GzAxJoFtA==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 main.8e852e3b.chunk.js Show response
www.avon.com/static/js/ 1000 KB
258 KB 85ms
72ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/main.8e852e3b.chunk.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

65646336dab0e49ca3bea43384d5cd4820110c707226e320df27bf6a69647925

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"fa085-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: ItOKhBjwatNW14ChDtqmClQS-0khUwt_S51BpLzOvOzScc_C8WfwSQ==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 0.720e97e2.chunk.js Show response
www.avon.com/static/js/ 56 KB
20 KB 65ms
52ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/0.720e97e2.chunk.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

1ab0484db897684cea4f54ee52246245225530d502e39726b250916f4aa4e4a8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"e162-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: PhplvA8IAExPFWdIwHxVdO6j98tKhFXC-VPl0lRj5Muf74XF2LtkSA==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 19.ce128149.chunk.js Show response
www.avon.com/static/js/ 44 KB
15 KB 290ms
277ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/19.ce128149.chunk.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

9340e1074709aee3627b44fba4826ce9db24bd3c33d924fdcfd5bfe8d5375907

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"afa6-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: DtDRcsHr0-Ly-7hGuM0F_1Ta_PJokRZfI1Qw46lCQYwFZ0ncMbvg6w==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 18.b746680b.chunk.js Show response
www.avon.com/static/js/ 168 KB
38 KB 143ms
139ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/18.b746680b.chunk.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

dd24b7014d423a38b278d87858c8f51b32266d03206b064a2a30d1f303b7a239

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"2a136-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: D6ozruwZhLZanIBLNSGrYAKUN9t79O1l--hm1Vx6ljWah1go8z_eJQ==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 components-layout.3b04924b.chunk.js Show response
www.avon.com/static/js/ 22 KB
6 KB 140ms
137ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/components-layout.3b04924b.chunk.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

47e3080969634b8a3a165d426e8cc5a28ac0b15599addf3ca33c3f8c4dfc0e6c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"5765-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 6mNwNrUnUnb-DUZmtqQBzuB4uXTlAx41oLKIqq_MxUe1AoIyiE0lOw==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 QuickModalAsCustomer.d0b56ee9.chunk.js Show response
www.avon.com/static/js/ 4 KB
2 KB 140ms
138ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/QuickModalAsCustomer.d0b56ee9.chunk.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

9700a860b55365e84b0b9763f4f2949537d00e160e099e1eec1c9db6bbdb86a0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"eb7-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: zY6nsaPwZWcpXQrpv5FPRecTDgCCvZF1b6SDG3h8zf9y1QX1l7pXMg==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 pages-repStore-RepStorePage.d2a5456b.chunk.js Show response
www.avon.com/static/js/ 46 KB
16 KB 141ms
139ms Script
application/javascript 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/static/js/pages-repStore-RepStorePage.d2a5456b.chunk.js

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

eadbdb4ea7f252d6d828eb4a0d8fdfedeebe0c52e4570a2bceb068038bd810ce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"b72f-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: -QPHti7mfd8Udm2yZSirbT4QGgcfxc0zxI-INNe_HBeWydxSPhOIgQ==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 icon_accessibility.svg
www.avon.com/static/media/ 1 KB
997 B 141ms
138ms Image
image/svg+xml 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avon.com/static/media/icon_accessibility.svg

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a18883bd618b76f0c5dd48129c617ac2817211cc7cb78bb8e7a07e743fc8b196

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"4b6-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: LjcF1oI-qAO7zaK81MPzS-Nd7s04RKUEl3v1ZyIGYg8b6gnzmhxkNQ==
date: Sun, 22 Sep 2024 11:17:00 GMT
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2 200 icon_top.svg
www.avon.com/static/media/ 904 B
1 KB 47ms
46ms Image
image/svg+xml 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avon.com/static/media/icon_top.svg

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

b312b721ef292645e4f91132240f37fddc74da2210ec974fa35fd175efc9c150

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

etag: W/"388-191fed83560"
x-cache: RefreshHit from cloudfront
x-amz-cf-id: xPpEPX5Gd1pVboaPooDt_uZAjJFPgHdkxHlkaFmLnHJ6_1NhoEcMKA==
date: Sun, 22 Sep 2024 11:17:01 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 07:17:48 GMT
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 904
x-amz-cf-pop: JFK50-P2
x-powered-by: Express

GET
H2

200

acsb.js Show response
acsbapp.com/apps/app/assets/js/
Redirect Chain

https://acsbap.com/apps/app/assets/js/acsb.js
https://acsbapp.com/apps/app/assets/js/acsb.js

314 KB
95 KB

365ms
81ms

Script
application/javascript

2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Requested by: Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734
Protocol: H2
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83e4c87061af70dd9f77102fae3675e081d33c42f0b77a6600dd1ae8415d87ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: *
x-goog-hash: crc32c=aE5v4A==, md5=NWx3WQ8fu6v0I1J5HiT0lg==
cf-cache-status: REVALIDATED
etag: W/"356c77590f1fbbabf42352791e24f496"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Mon, 22 Sep 2025 11:17:02 GMT
x-goog-stored-content-length: 321165
date: Sun, 22 Sep 2024 11:17:02 GMT
content-type: application/javascript
last-modified: Sun, 22 Sep 2024 09:02:01 GMT
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljv0GUVU-XLLr-nnMG_-0H55jYPsdjGURU-GDtyAoQRxYBKAWAXjZjV3kGo2xeagxrfZL1U
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8c71e2e26c48a1ff-YYZ
access-control-allow-origin: *
x-goog-generation: 1726995721272305
server: cloudflare

Redirect headers

cache-control: max-age=3600, no-cache
location: https://acsbapp.com/apps/app/assets/js/acsb.js
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5J3L6mNTl7arEkQlSx3N8PS101bcx4%2B3AYcZ13zuEf36mW9Lz5lN2MSW4AWlb4dMCXZs%2F7R7xnxRW3adAoJlx3NLossCitYvIkq1mTDoh1W5s9tvohYXc7pBxoraGh92cB6X99y2kzQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c71e2db580539cf-YYZ
access-control-allow-origin: *
content-length: 167
date: Sun, 22 Sep 2024 11:17:01 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 622 KB
153 KB 431ms
83ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKW9XKX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84c3ced6463a2b5b6e58b80820c02b8c33d5ad29233fbcedc3bac0a121b0b171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-encoding: gzip
expires: Sun, 22 Sep 2024 11:17:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 11:17:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 156008
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 currentCampaign Show response
prod-ecom-custapi-aws.avon.com/v1/avon/product/ 150 B
775 B 108ms
44ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/product/currentCampaign

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

ee4ca74932197e7cf7989c308fd90adf808e23ad0c3645e713cbdcec1c2de052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:02 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

GET
H2 200 campaigns Show response
prod-ecom-custapi-aws.avon.com/v1/avon/common/ 74 B
728 B 98ms
36ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/common/campaigns

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

6894921b38427e7d22372792eeba60335f2bd8cc3574c6edfdbef818187feff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:02 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

GET
H2 200 en_US Show response
www.avon.com/locales/ 471 KB
96 KB 71ms
68ms Fetch
application/json 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/locales/en_US

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

New AVON Secu / Express

Resource Hash

86c709dc026d4b7b95c4545192edc31b87e03a87ae081b1f5d43415a994ec6cd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"75d49-AozKB6XO23o3/kd8ZdBOeADaFkE"
x-cache: Miss from cloudfront
x-amz-cf-id: RprOPk8pdik1FIGoQvjc9lBUrQY8nbQZkLA3A3SU3a3ROixaHa-WEw==
date: Sun, 22 Sep 2024 11:17:02 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
content-language: en_US
x-powered-by: Express
server: New AVON Secu

GET
H2 403 / Show response
prod-ecom-custapi-aws.avon.com/v1/avon/bar/ 50 B
731 B 106ms
44ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/bar/

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

6193d0725b589da0caf0434a0238360262364b12e475bc34cbd6f6ec58943ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:02 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

OPTIONS
H2 200 currentCampaign
prod-ecom-custapi-aws.avon.com/v1/avon/product/ Frame 0
0 451ms
32ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/product/currentCampaign
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:02 GMT

OPTIONS
H2 200 campaigns
prod-ecom-custapi-aws.avon.com/v1/avon/common/ Frame 0
0 452ms
34ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/common/campaigns
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:02 GMT

OPTIONS
H2 200 /
prod-ecom-custapi-aws.avon.com/v1/avon/bar/ Frame 0
0 163ms
33ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/bar/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:02 GMT

OPTIONS
H3 200 events
graph.facebook.com/v14.0/871234100308449/ Frame 0
0 125ms
71ms Preflight
application/json 157.240.241.17
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v14.0/871234100308449/events?access_token=EAAFspqpdLncBAOkX4N5ZC4Ib4b66ZAJMeSdf2z1A8vx92ssWkSlJ7fo0ZC8tVPi8cFZABBhojle9krNm7QiMnefqI28LVBAtqwujlmdnso4UJtTBrbAzZAkPVHaJlimxgGcwGhBR2xtT7V156jNeVrLKYLvl2SHYprMbztHTNfdyPlx7vdWZCn8qmdnGke89sZD

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.17 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-shv-02-lga3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-type: application/json; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Sep 2024 11:17:02 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v15.0
pragma: no-cache
priority: u=1,i
strict-transport-security: max-age=15552000; preload
vary: Origin
x-ad-api-version-warning: The call has been auto-upgraded to v15.0 as v14.0 has been deprecated.
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=45, ullat=0
x-fb-debug: Up67msPnxQ06jLgpHXT4oFzalMOkQE9rXI7ZDctVlRACuz6DA6MqduHf+uLOJwWJ0/5Ea2gsjK1kUxiFdB7xQA==
x-fb-request-id: AfM4lmxXtIfkLCHoLldHkZH
x-fb-rev: 1016702211
x-fb-trace-id: HgS/+iBNdov

OPTIONS
H2 200 swright1734
prod-ecom-custapi-aws.avon.com/v1/avon/repStore/ Frame 0
0 32ms
32ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/repStore/swright1734
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:02 GMT

OPTIONS
H2 200 media
prod-ecom-custapi-aws.avon.com/v1/avon/repStore/undefined/ Frame 0
0 32ms
32ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/repStore/undefined/media?mediaType=MEDIA_TYPE_MOV&page=1&pageSize=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:02 GMT

POST
H3 200 events Show response
graph.facebook.com/v14.0/871234100308449/ 101 B
214 B 104ms
103ms XHR
application/json 157.240.241.17
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.17 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-shv-02-lga3.facebook.com

Software

Resource Hash

773792c6a0c3691f0948edd763d26836ef295fc565c409b6260a1961e723bf48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.avon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
x-fb-trace-id: ED8uqhNlUR2
facebook-api-version: v15.0
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Sep 2024 11:17:02 GMT
content-type: application/json
vary: Origin
x-fb-debug: bQF1/lfsUXfBaIejg2QoTITMDgHviiMDGwA2XiYKyNJlguCNRGVnifwhQmG7866tbhLn5W9pz7crh6+TVxux3A==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
x-fb-rev: 1016702211
cache-control: private, no-cache, no-store, must-revalidate
x-ad-api-version-warning: The call has been auto-upgraded to v15.0 as v14.0 has been deprecated.
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=24, mss=1232, tbw=5241, tp=12, tpl=0, uplat=79, ullat=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-fb-request-id: AmSDdwFcqY6KgYYAZD6u6hl
access-control-allow-origin: *
content-length: 101

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 114ms
47ms Script
text/javascript 142.250.65.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lfo4p4lAAAAAK4050lVXXFwMderO5faFjUnkvTd

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f4.1e100.net

Software

ESF /

Resource Hash

9163c819c516bc131e159a2266a3918c58f229ee59a8b5ae59ae003bfc5cad4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 22 Sep 2024 11:17:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 22 Sep 2024 11:17:02 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 403 swright1734 Show response
prod-ecom-custapi-aws.avon.com/v1/avon/repStore/ 57 B
740 B 47ms
45ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/repStore/swright1734

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

4e45c7692423ec2d0b6dd609dd7467a5ec08fc83bb0f5a22f36c53a88f6e0c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

GET
H2 500 media Show response
prod-ecom-custapi-aws.avon.com/v1/avon/repStore/undefined/ 81 B
760 B 37ms
36ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/repStore/undefined/media?mediaType=MEDIA_TYPE_MOV&page=1&pageSize=10

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

caac3c085b4446069dff403b72c8917ab3d584b1148082e4078a6019e35413a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:02 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/avon.com/ 162 B
696 B 149ms
85ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/avon.com/config.json?page=https%3A%2F%2Fwww.avon.com%2Frepstore%2Fswright1734%3Frep%3Dswright1734
Requested by: Host: acsbap.com
URL: https://acsbap.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91cda21458429c3d07157fe44706203343612e270bb1707c4d69679a0b7e1d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=HwIjow==, md5=fmydJthG7HA4vyc6P4JNfg==
cf-cache-status: MISS
etag: W/"7e6c9d26d846ec7038bf273a3f824d7e"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Mon, 22 Sep 2025 11:17:03 GMT
x-goog-stored-content-length: 162
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/json
last-modified: Tue, 20 Feb 2024 14:55:38 GMT
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljtWeWMXp7krngLwGMN1X846mfns01oSMeILIwpf_kMBsUYNX0bylGQrNPPg9SbfeFy6vhk
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8c71e2e93d5e39cb-YYZ
access-control-allow-origin: *
x-goog-generation: 1708440938205011
server: cloudflare

GET
H2 200 / Show response
prod-ecom-custapi-aws.avon.com/v1/avon/cart/ 602 B
993 B 112ms
105ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/cart/

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

047c0f4527fbf771c5386bea26d086099935c4278c59a1054b6fae53e447e04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

GET
H2 200 marketing-message Show response
prod-ecom-custapi-aws.avon.com/v1/avon/common/ 1 KB
1 KB 62ms
54ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/common/marketing-message

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

76d3e76ca06340e79b7c121d65944be00008b682b0498b1c982bb3b570f0dd25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

OPTIONS
H2 200 /
prod-ecom-custapi-aws.avon.com/v1/avon/cart/ Frame 0
0 36ms
34ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/cart/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:03 GMT

OPTIONS
H2 200 marketing-message
prod-ecom-custapi-aws.avon.com/v1/avon/common/ Frame 0
0 35ms
33ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/common/marketing-message
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:03 GMT

GET
H2 200 promotion-message Show response
prod-ecom-custapi-aws.avon.com/v1/avon/common/ 164 B
802 B 72ms
53ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/common/promotion-message

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

1f1f69cd30083be79fd7ed82045bf0f2faa7a9f6a1199b81ea4224498e3305dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

GET
H2 200 rep-acct-nr Show response
prod-ecom-custapi-aws.avon.com/v1/avon/common/swright1734/ 59 B
737 B 48ms
48ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/common/swright1734/rep-acct-nr

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

17e021c5a1127c47e2fb3c9395235a1e7826d46537110d5eafa3f0f4fe7d9a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.avon.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

OPTIONS
H2 200 promotion-message
prod-ecom-custapi-aws.avon.com/v1/avon/common/ Frame 0
0 32ms
31ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/common/promotion-message
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:03 GMT

GET
H2 200 avon.jsp Show response
www.upsellit.com/active/ 45 KB
14 KB 92ms
29ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/avon.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKW9XKX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4581243614c4801879981cabde0a1615ae368a0b12c94b85aa945543ecb2edf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
content-encoding: gzip
age: 49731
via: 1.1 google
expires: Sun, 22 Sep 2024 21:28:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13811
date: Sat, 21 Sep 2024 21:28:12 GMT
content-type: application/x-javascript;charset=ISO-8859-1
vary: Accept-Encoding
server: nginx

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 104ms
33ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKW9XKX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: jwlUUXc1HMPClYXMpY+NPQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCD8E0A0C68C67
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 75396
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 19:24:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 272231be-201e-00d7-738d-0bd9ad000000
cf-ray: 8c71e2ea2d9b6e08-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6881
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
95 KB 56ms
52ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZW8FMEPFC6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKW9XKX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02c5d5615e6f44494a7b6ab02b8e3ca25ef1fa69a76b902788de33e7debf04da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sun, 22 Sep 2024 11:17:03 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97196
date: Sun, 22 Sep 2024 11:17:03 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H/1.1 200
OK tag.js Show response
www.mczbf.com/tags/12143/ 54 KB
17 KB 162ms
39ms Script
application/javascript 2600:9000:28b2:600:16:4ed5:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mczbf.com/tags/12143/tag.js
Requested by: Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:28b2:600:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 927d4039c3d1538ce62a4a717df1f448db8fb2fabf3b8af51ab45830e5cfb820

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex, nofollow
X-Request-ID: e8c5a6f7-78d1-11ef-96d1-cb2fef0f7a52
Cache-Control: max-age=1800
Content-Encoding: gzip
Age: 981
Connection: keep-alive
Via: 1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 9WxQ-vHV_ut6yNX3dro_5ln58YcPn0p9p8OkxfgqFwldR6o6DvtRIQ==
Date: Sun, 22 Sep 2024 11:00:42 GMT
Content-Type: application/javascript; charset=UTF-8
X-Amz-Cf-Pop: JFK52-P8
Server: nginx

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 80ms
20ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKW9XKX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-1762a"
age: 3293414
x-cache: HIT, HIT
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 10270, 95862
x-served-by: cache-lga21983-LGA, cache-yul1970021-YUL
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1727003824.710302,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33202
server: nginx

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 538 KB
212 KB 87ms
27ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfo4p4lAAAAAK4050lVXXFwMderO5faFjUnkvTd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avon.com
Referer: https://www.avon.com/

Response headers

content-encoding: gzip
age: 2627
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Mon, 22 Sep 2025 10:33:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 10:33:16 GMT
last-modified: Tue, 03 Sep 2024 02:00:38 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 217247
x-xss-protection: 0
server: sffe

GET
H2 200 022d0231-84ce-4cf3-85d4-f965383ca81f.json Show response
cdn.cookielaw.org/consent/022d0231-84ce-4cf3-85d4-f965383ca81f/ 6 KB
2 KB 79ms
41ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/022d0231-84ce-4cf3-85d4-f965383ca81f/022d0231-84ce-4cf3-85d4-f965383ca81f.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0c682913893a08952bd32f05d586de3d1a36144d422335c7101bd2f2dbef31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: /0BxpSY44yeOjM9mwDwM9w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC3A3C5E1975BA
age: 70359
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 23 Sep 2024 11:17:03 GMT
date: Sun, 22 Sep 2024 11:17:03 GMT
content-type: application/json
last-modified: Fri, 01 Mar 2024 22:10:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 17b94702-001e-00a9-5667-79f8f1000000
cf-ray: 8c71e2eb384f7151-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1781
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 122ms
44ms Fetch
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZW8FMEPFC6&gtm=45je49j0v9126751945z8832010179za200zb832010179&_p=1727003822042&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=163091689.1727003824&ecid=89665104&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1727003823&sct=1&seg=0&dl=https%3A%2F%2Fwww.avon.com%2Frepstore%2Fswright1734%3Frep%3Dswright1734&dt=AVON&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_type_event=guest&ep.device_channel=pc_web&ep.page_grouping=Rep%20Store%20Pages&ep.attachment_status_event=Unattached&ep.avon_campaign_event=C19&ep.log_in_status_event=N&ep.attached_webpage_event=swright1734&up.user_type=guest&up.loa_count=0&up.first_order_campaign=0&up.user_language=en&tfd=4953
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZW8FMEPFC6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.avon.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
294 B 255ms
30ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.avon.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c71e2ecfa24a2c4-YUL
access-control-allow-origin: *
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 5e172f6d-3bf8-437e-a851-ed060442f4d1.js Show response
assets.revlifter.io/ 0
354 B 307ms
93ms Script
application/javascript 13.226.34.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revlifter.io/5e172f6d-3bf8-437e-a851-ed060442f4d1.js
Requested by: Host: www.avon.com
URL: https://www.avon.com/repstore/swright1734?rep=swright1734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-105.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

x-amz-cf-pop: EWR53-C2
x-amz-version-id: TII5p.Sn8v3ZrJald4D1237g7vblA8wr
etag: "d41d8cd98f00b204e9800998ecf8427e"
via: 1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
content-length: 0
x-amz-cf-id: 1DOTXucY5r7_V4MtD-1BXBdOS5xS9AG58r3kjycd2QwwXEVmJ5wINA==
date: Sun, 22 Sep 2024 11:17:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Thu, 01 Aug 2024 09:41:40 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 982E 0
0 121ms
64ms Document
text/html 142.250.65.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfo4p4lAAAAAK4050lVXXFwMderO5faFjUnkvTd&co=aHR0cHM6Ly93d3cuYXZvbi5jb206NDQz&hl=en&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=fma3g8qje7tb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q2xria-XTZ3A9tE_GaBWMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Q2xria-XTZ3A9tE_GaBWMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Sep 2024 11:17:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 join-info Show response
prod-ecom-custapi-aws.avon.com/v1/avon/fund-raising/ 226 B
813 B 37ms
36ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/fund-raising/join-info

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

cc398a7b3b5432b12dd13f46ca45cc758e5ea15db51e8e547bfad7fb65dc91aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK pageInfo Show response
www.mczbf.com/12143/ 68 B
714 B 98ms
43ms Fetch
image/png 2600:9000:28b2:600:16:4ed5:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mczbf.com/12143/pageInfo
Requested by: Host: www.mczbf.com
URL: https://www.mczbf.com/tags/12143/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:28b2:600:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://www.avon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded

Response headers

X-Robots-Tag: noindex, nofollow
X-Request-ID: 3222b5b5-78d4-11ef-9eb5-bdcdd522042d
Cache-Control: no-store
Connection: keep-alive
Via: 1.1 94ad62d30119f960dbd892be99684e02.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Content-Length: 68
X-Amz-Cf-Id: --BXaddWNWCYjSPFYFPUlTWkZEbOJ7ZNuTP7s5EKVtUOuEgkC8hN6g==
Date: Sun, 22 Sep 2024 11:17:04 GMT
Content-Type: image/png
X-Amz-Cf-Pop: JFK52-P8
Server: nginx

GET
H2 404 fund-profile Show response
prod-ecom-custapi-aws.avon.com/v1/avon/rep/ 42 B
720 B 41ms
40ms XHR
application/json 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-ecom-custapi-aws.avon.com/v1/avon/rep/fund-profile?accountNumber=17731305

Requested by

Host: www.avon.com
URL: https://www.avon.com/static/js/340.935f528b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-28-243.compute-1.amazonaws.com

Software

Resource Hash

975713288ac9947336d190d109a020d7c48c6633d1225165126501b450f51b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Shopper-Id: 1727003819877
Referer: https://www.avon.com/
Accept-Language: en_US
Accept: application/json, text/plain, */*
Campaign-No: 202419
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
AccessId: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA==

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
x-content-type-options: nosniff
expires: 0
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.avon.com
x-xss-protection: 1; mode=block

OPTIONS
H2 200 join-info
prod-ecom-custapi-aws.avon.com/v1/avon/fund-raising/ Frame 0
0 33ms
33ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/fund-raising/join-info
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:04 GMT

OPTIONS
H2 200 fund-profile
prod-ecom-custapi-aws.avon.com/v1/avon/rep/ Frame 0
0 38ms
37ms Preflight 3.224.28.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/rep/fund-profile?accountNumber=17731305
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.28.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-28-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,accessid,campaign-no,shopper-id
Access-Control-Request-Method: GET
Origin: https://www.avon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,AccessId,Accept-Language,Campaign-No,Shopper-Id,If-None-Match,App-Device-Id,Is-App,recaptchaToken,actionName
access-control-allow-methods: GET,DELETE,PUT,POST,OPTIONS,PATCH,HEAD,CONNECT
access-control-allow-origin: https://www.avon.com
access-control-max-age: 3600
content-length: 0
date: Sun, 22 Sep 2024 11:17:04 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202402.1.0/ 430 KB
105 KB 30ms
30ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e912efba4dd82b798fb061f872b0016687932d1648098f501dff644a7ad77a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: XwXx/WxMZ+UJJ5CmkZRGfQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5DEBBF484DE
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 68888
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 21:32:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 25a8232f-f01e-00de-55c8-d7c323000000
cf-ray: 8c71e2edfecc6e08-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 106948
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/022d0231-84ce-4cf3-85d4-f965383ca81f/6564ea99-7931-4fe1-a9a9-93dd7f890594/ 433 KB
55 KB 193ms
192ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/022d0231-84ce-4cf3-85d4-f965383ca81f/6564ea99-7931-4fe1-a9a9-93dd7f890594/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46fd76abf0d5ad52abbc89900f25a28c3f7bfda9d6a6586c62ab84ae6c4767b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: JDzAIoTP4PGWDPiGlHD7zA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC3A3C6B397D5E
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 11:17:04 GMT
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: application/json
last-modified: Fri, 01 Mar 2024 22:10:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 9b223332-701e-0068-6f72-795f13000000
cf-ray: 8c71e2eed9027151-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56531
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/ 10 KB
3 KB 116ms
116ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: fbMkGfGyyGne0SpdbrtK0Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5DEB7579EB3
x-ms-lease-status: unlocked
cf-cache-status: HIT
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 21:31:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: abd38c55-801e-0059-0d85-d8960c000000
cf-ray: 8c71e2f0b9857151-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2707
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/ 63 KB
14 KB 39ms
39ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: CuBA9J6EcFGPNJ2JIqnd4w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5DEB86BD0FF
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 82085
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 21:31:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 77a97fbf-b01e-003c-47cd-d72751000000
cf-ray: 8c71e2f0c9867151-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13599
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/ 21 KB
4 KB 115ms
115ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: c7xAZ9MSGAobGaTYg/Qtag==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:04 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 21:32:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 69f66952-c01e-0033-036c-d8caa7000000
cf-ray: 8c71e2f0c9877151-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
624 B 30ms
29ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 47549
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:05 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 19:24:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 174112c4-c01e-0033-7872-0bcaa7000000
cf-ray: 8c71e2f3385e6e08-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
512 B 115ms
115ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:05 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 19:24:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 7ac7bddd-e01e-000d-4f8b-0b7c86000000
cf-ray: 8c71e2f35a2a7151-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 avon_logo.jpg
cdn.cookielaw.org/logos/978f1927-b8f6-4510-b2f7-f6294cf1dc32/5c3e5ad7-a199-4b85-afdd-b37e7905a436/dccd2c20-524c-41a6-b1b2-81ab2b1864fa/ 4 KB
4 KB 33ms
31ms Image
image/jpeg 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/978f1927-b8f6-4510-b2f7-f6294cf1dc32/5c3e5ad7-a199-4b85-afdd-b37e7905a436/dccd2c20-524c-41a6-b1b2-81ab2b1864fa/avon_logo.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45ebfc9e8dccad88d3302a156c4107a1521c39b5f5ef6c5a82fb7bcde257de78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: 5nRbjkwSiBJbgspXpZ9gQA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: h2pri
etag: 0x8DB4CD01AF84559
x-ms-version: 2009-09-19
cf-cache-status: HIT
age: 70360
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:05 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 18:48:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
x-ms-request-id: 781976ca-701e-0004-5427-b6b4eb000000
cf-ray: 8c71e2f3686e6e08-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 31ms
30ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 47550
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Sep 2024 11:17:05 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 19:24:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6a6b8b1f-701e-0047-27cf-0a4ce1000000
cf-ray: 8c71e2f3686f6e08-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 favicon.ico
www.avon.com/ 1 KB
897 B 58ms
55ms Other
image/x-icon 2600:9000:23ca:b000:d:57c7:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avon.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:b000:d:57c7:2580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

New AVON Secu / Express

Resource Hash

53a6e218e3e1185975347407d851e673876077171bb76819c1b945acd735e247

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avon.com/repstore/swright1734?rep=swright1734

Response headers

content-encoding: gzip
etag: W/"47e-191fecf2ce0"
x-cache: Miss from cloudfront
x-amz-cf-id: 2aizgNtWJfSl_nFjeqHyDLr_FT27Ih10goUrSWomcKbc5YgF5StuQw==
date: Sun, 22 Sep 2024 11:17:05 GMT
content-type: image/x-icon
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 07:07:56 GMT
x-frame-options: DENY
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
cache-control: public, max-age=0
access-control-allow-credentials: true
via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
x-powered-by: Express
server: New AVON Secu

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.avon.com/	1969-12-31 23:59:59	Name: saturn_environment Value: prod
www.avon.com/	1969-12-31 23:59:59	Name: campaignNo Value: 202419
www.avon.com/	1969-12-31 23:59:59	Name: accessId Value: ANhr_owtuOltHsya04XzD7mt8EYeKc2C8s1S8lei4Eye6jbJANNgUxqz9f9EGfdXPkk8PqbPTUzatGAaYKXIQA%3D%3D
www.avon.com/	1970-01-21 01:52:59	Name: shopperId Value: 1727003819877
www.avon.com/	1969-12-31 23:59:59	Name: currentLanguage Value: en_US
.avon.com/	1970-01-21 09:19:23	Name: _ga_ZW8FMEPFC6 Value: GS1.1.1727003823.1.0.1727003823.0.0.89665104
.avon.com/	1970-01-21 09:19:23	Name: _ga Value: GA1.1.163091689.1727003824
.avon.com/	1970-01-21 09:12:11	Name: cjConsent Value: MHxOfDB8Tnww
.avon.com/	1970-01-21 09:12:11	Name: cjUser Value: 6250200e-9aab-4c99-bd1d-a8521ddaa721
.avon.com/	1970-01-21 09:19:23	Name: usi_return_visitor Value: Sun%20Sep%2022%202024%2004%3A17%3A04%20GMT-0700%20(Pacific%20Daylight%20Time)
.avon.com/	1970-01-21 08:28:59	Name: usi_session_count Value: 1
.avon.com/	1970-01-21 08:28:59	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Sep+22+2024+04%3A17%3A05+GMT-0700+(Pacific+Daylight+Time)&version=202402.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.avon.com%2Frepstore%2Fswright1734%3Frep%3Dswright1734&groups=C0002%3A0%2CC0005%3A0%2CC0004%3A0%2CC0001%3A1%2CC0003%3A0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/bar/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/repStore/swright1734 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/repStore/undefined/media?mediaType=MEDIA_TYPE_MOV&page=1&pageSize=10 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://prod-ecom-custapi-aws.avon.com/v1/avon/rep/fund-profile?accountNumber=17731305 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:;frame-ancestors 'self' https://*.avon.com
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbap.com
acsbapp.com
assets.revlifter.io
cdn.acsbapp.com
cdn.cookielaw.org
classycosmeticsnow.com
code.jquery.com
geolocation.onetrust.com
graph.facebook.com
prod-ecom-custapi-aws.avon.com
sc-ls.spockee.io
unpkg.com
www.avon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mczbf.com
www.upsellit.com
13.226.34.105
142.250.65.228
142.251.40.227
157.240.241.17
2001:4860:4802:38::178
2600:9000:23ca:b000:d:57c7:2580:93a1
2600:9000:247b:8400:14:ccf8:7780:93a1
2600:9000:28b2:600:16:4ed5:12c0:93a1
2606:4700:10::6816:1cc
2606:4700:10::ac43:b9b
2606:4700:20::681a:aa5
2606:4700:4400::6812:2089
2606:4700::6811:f6cb
2606:4700::6812:562a
2607:f8b0:4006:81c::2008
2a04:4e42:400::649
3.224.28.243
3.33.251.168
34.117.39.58
02c5d5615e6f44494a7b6ab02b8e3ca25ef1fa69a76b902788de33e7debf04da
047c0f4527fbf771c5386bea26d086099935c4278c59a1054b6fae53e447e04e
0b6379402b2a1256795977bd1f381d8e58969158328aa3542284b710ddb39222
103b920578e4cc974ac10a0d397ccd030fc500e8a1425ff1928c5acc8964f1b7
17e021c5a1127c47e2fb3c9395235a1e7826d46537110d5eafa3f0f4fe7d9a90
1ab0484db897684cea4f54ee52246245225530d502e39726b250916f4aa4e4a8
1f1f69cd30083be79fd7ed82045bf0f2faa7a9f6a1199b81ea4224498e3305dc
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f
3f0c682913893a08952bd32f05d586de3d1a36144d422335c7101bd2f2dbef31
4581243614c4801879981cabde0a1615ae368a0b12c94b85aa945543ecb2edf4
45ebfc9e8dccad88d3302a156c4107a1521c39b5f5ef6c5a82fb7bcde257de78
47e3080969634b8a3a165d426e8cc5a28ac0b15599addf3ca33c3f8c4dfc0e6c
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
4e45c7692423ec2d0b6dd609dd7467a5ec08fc83bb0f5a22f36c53a88f6e0c6b
51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a
53a6e218e3e1185975347407d851e673876077171bb76819c1b945acd735e247
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6193d0725b589da0caf0434a0238360262364b12e475bc34cbd6f6ec58943ff7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65646336dab0e49ca3bea43384d5cd4820110c707226e320df27bf6a69647925
6894921b38427e7d22372792eeba60335f2bd8cc3574c6edfdbef818187feff5
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
76d3e76ca06340e79b7c121d65944be00008b682b0498b1c982bb3b570f0dd25
773792c6a0c3691f0948edd763d26836ef295fc565c409b6260a1961e723bf48
83e4c87061af70dd9f77102fae3675e081d33c42f0b77a6600dd1ae8415d87ea
84c3ced6463a2b5b6e58b80820c02b8c33d5ad29233fbcedc3bac0a121b0b171
86c709dc026d4b7b95c4545192edc31b87e03a87ae081b1f5d43415a994ec6cd
88e7a920da178a4699331e733d1818fd72ac3816d82f253ee754689d37e7b982
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9163c819c516bc131e159a2266a3918c58f229ee59a8b5ae59ae003bfc5cad4d
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
91cda21458429c3d07157fe44706203343612e270bb1707c4d69679a0b7e1d96
927d4039c3d1538ce62a4a717df1f448db8fb2fabf3b8af51ab45830e5cfb820
9340e1074709aee3627b44fba4826ce9db24bd3c33d924fdcfd5bfe8d5375907
9700a860b55365e84b0b9763f4f2949537d00e160e099e1eec1c9db6bbdb86a0
975713288ac9947336d190d109a020d7c48c6633d1225165126501b450f51b9b
a18883bd618b76f0c5dd48129c617ac2817211cc7cb78bb8e7a07e743fc8b196
aadef69803eda971285541967a65293a2817b2428eafc63ccef4633b71dd3a19
b312b721ef292645e4f91132240f37fddc74da2210ec974fa35fd175efc9c150
caac3c085b4446069dff403b72c8917ab3d584b1148082e4078a6019e35413a8
cc398a7b3b5432b12dd13f46ca45cc758e5ea15db51e8e547bfad7fb65dc91aa
cf740cba14a75aaccc855e6d2a1add7d36578ec4078ee2393aea7f7cad9ac750
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
dd24b7014d423a38b278d87858c8f51b32266d03206b064a2a30d1f303b7a239
e20ed4bea90c6b0c0686149a25e907349ca5a0b89c48d32605ab9067c730a64a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e667c297eb23df49cbfdc1789733173869e279b43b51c0c9ff73c83b501e0744
e912efba4dd82b798fb061f872b0016687932d1648098f501dff644a7ad77a35
eadbdb4ea7f252d6d828eb4a0d8fdfedeebe0c52e4570a2bceb068038bd810ce
eb85416fdde89cd1f835164340360053f9691b8a599cd0d692d5c9bf5d7de5ec
ee4ca74932197e7cf7989c308fd90adf808e23ad0c3645e713cbdcec1c2de052
f46fd76abf0d5ad52abbc89900f25a28c3f7bfda9d6a6586c62ab84ae6c4767b
f5c8b340ffcb5268a5eef78621bcc0fe672e5fb95decc4b07c5cd3d09c8b45fa
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
fb4c721469c99db9a254901a74ac4b48410ca92ac44ccef0577563618a8397dd

www.avon.com Open in urlscan Pro 2600:9000:23ca:b000:d:57c7:2580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

96 %HTTPS

63 %IPv6

17 Domains

19 Subdomains

17 IPs

1 Countries

2751 kBTransfer

10084 kBSize

12 Cookies

13 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avon.com Open in urlscan Pro
2600:9000:23ca:b000:d:57c7:2580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

96 %
HTTPS

63 %
IPv6

17
Domains

19
Subdomains

17
IPs

1
Countries

2751 kB
Transfer

10084 kB
Size

12
Cookies

71 HTTP transactions
0 data transactions