urlscan.io logo urlscan.io
SecurityTrails logo

jeffreestarcosmetics.com Open in urlscan Pro
23.227.38.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jeffreestarcosmetics.com/
Effective URL: https://jeffreestarcosmetics.com/
Submission: On February 20 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 6 countries across 35 domains to perform 181 HTTP transactions. The main IP is 23.227.38.32, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is jeffreestarcosmetics.com.
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.
This is the only time jeffreestarcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 50 23.227.38.32 13335 (CLOUDFLAR...)
1 142.251.167.95 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 23.227.38.33 13335 (CLOUDFLAR...)
20 23.50.126.61 16625 (AKAMAI-AS)
4 151.101.130.133 54113 (FASTLY)
3 104.26.12.152 13335 (CLOUDFLAR...)
8 104.18.72.113 13335 (CLOUDFLAR...)
15 23.227.60.200 13335 (CLOUDFLAR...)
6 142.251.163.97 15169 (GOOGLE)
1 54.192.51.96 16509 (AMAZON-02)
4 142.251.163.94 15169 (GOOGLE)
2 151.101.2.133 54113 (FASTLY)
1 34.234.80.100 14618 (AMAZON-AES)
2 172.253.63.95 15169 (GOOGLE)
1 104.22.1.204 13335 (CLOUDFLAR...)
3 31.13.66.19 32934 (FACEBOOK)
3 172.253.63.101 15169 (GOOGLE)
5 23.222.16.154 20940 (AKAMAI-ASN1)
2 54.237.159.171 ()
2 13.127.102.73 16509 (AMAZON-02)
2 3.211.112.8 14618 (AMAZON-AES)
1 172.67.11.155 13335 (CLOUDFLAR...)
1 172.253.122.155 15169 (GOOGLE)
1 172.253.63.138 15169 (GOOGLE)
1 142.251.163.154 15169 (GOOGLE)
2 31.13.66.35 32934 (FACEBOOK)
3 104.16.53.111 13335 (CLOUDFLAR...)
1 1 172.253.63.155 15169 (GOOGLE)
1 1 172.253.63.103 15169 (GOOGLE)
1 142.250.31.94 15169 (GOOGLE)
1 37.19.207.34 60068 (CDN77 _)
1 104.18.7.32 13335 (CLOUDFLAR...)
1 74.119.119.142 19750 (AS-CRITEO)
2 47.112.135.248 ()
2 3.161.210.170 16509 (AMAZON-02)
12 151.101.66.132 54113 (FASTLY)
3 3.162.3.96 16509 (AMAZON-02)
1 104.26.10.250 13335 (CLOUDFLAR...)
2 74.119.119.139 19750 (AS-CRITEO)
2 143.198.251.218 14061 (DIGITALOC...)
2 54.230.48.123 16509 (AMAZON-02)
1 192.229.163.223 15133 (EDGECAST)
1 172.67.69.32 13335 (CLOUDFLAR...)
4 104.22.32.205 ()
181 43
50    23.227.38.32 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
jeffreestarcosmetics.com
1    142.251.167.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    23.227.38.33 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com
shop.app
20    23.50.126.61 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-126-61.deploy.static.akamaitechnologies.com
cdn-widgetsrepository.yotpo.com
staticw2.yotpo.com
cdn-loyalty.yotpo.com
4    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
static.klaviyo.com
3    104.26.12.152 (None, )

ASN13335 (CLOUDFLARENET, US)
amaicdn.com
8    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
15    23.227.60.200 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com
cdn.shopify.com
6    142.251.163.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net
www.googletagmanager.com
1    54.192.51.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-96.yul62.r.cloudfront.net
d1stxfv94hrhia.cloudfront.net
4    142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
fonts.gstatic.com
2    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
static-tracking.klaviyo.com
1    34.234.80.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-80-100.compute-1.amazonaws.com
waves.retentionscience.com
2    172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net
ajax.googleapis.com
1    104.22.1.204 (None, )

ASN13335 (CLOUDFLARENET, US)
acsbapp.com
3    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
3    172.253.63.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f101.1e100.net
www.google-analytics.com
5    23.222.16.154 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-16-154.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    54.237.159.171 (Ashburn, United States)

ASN- ()
PTR: ec2-54-237-159-171.compute-1.amazonaws.com
app.restockrocket.io
2    13.127.102.73 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-127-102-73.ap-south-1.compute.amazonaws.com
customerapp.anncode.com
2    3.211.112.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-112-8.compute-1.amazonaws.com
p.yotpo.com
1    172.67.11.155 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.acsbapp.com
1    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
stats.g.doubleclick.net
1    172.253.63.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f138.1e100.net
www.merchant-center-analytics.goog
1    142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
www.googleadservices.com
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
3    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
jsccustomerservice.zendesk.com
1    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
googleads.g.doubleclick.net
1    172.253.63.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f103.1e100.net
www.google.com
1    142.250.31.94 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
www.google.ca
1    37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net
gdprcdn.b-cdn.net
1    104.18.7.32 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.weglot.com
1    74.119.119.142 (United States)

ASN19750 (AS-CRITEO, US)
dynamic.criteo.com
2    47.112.135.248 (Shenzhen, China)

ASN- ()
a.glosku.com
2    3.161.210.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-210-170.yul62.r.cloudfront.net
d18eg7dreypte5.cloudfront.net
12    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
cdn.rebuyengine.com
3    3.162.3.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-96.yul62.r.cloudfront.net
beacon-v2.helpscout.net
1    104.26.10.250 (None, )

ASN13335 (CLOUDFLARENET, US)
discountmanager.amai.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    143.198.251.218 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
gdpr.apps.isenselabs.com
2    54.230.48.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-48-123.yul62.r.cloudfront.net
d3hb14vkzrxvla.cloudfront.net
1    192.229.163.223 (United States)

ASN15133 (EDGECAST, US)
cdn-swell-assets.yotpo.com
1    172.67.69.32 (United States)

ASN13335 (CLOUDFLARENET, US)
consentmo-geo.com
4    104.22.32.205 (None, )

ASN- ()
rebuyengine.com
Apex Domain
Subdomains		 Transfer
50 jeffreestarcosmetics.com
jeffreestarcosmetics.com
842 KB
23 yotpo.com
cdn-widgetsrepository.yotpo.com — Cisco Umbrella Rank: 10342
staticw2.yotpo.com — Cisco Umbrella Rank: 7618
p.yotpo.com — Cisco Umbrella Rank: 7249
cdn-loyalty.yotpo.com — Cisco Umbrella Rank: 14735
cdn-swell-assets.yotpo.com — Cisco Umbrella Rank: 17069
604 KB
16 rebuyengine.com
cdn.rebuyengine.com — Cisco Umbrella Rank: 15718
rebuyengine.com — Cisco Umbrella Rank: 15061
254 KB
15 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2285
695 KB
8 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2491
ekr.zdassets.com — Cisco Umbrella Rank: 2789
214 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
456 KB
6 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3375
static-tracking.klaviyo.com — Cisco Umbrella Rank: 4233
42 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 708
144 KB
5 cloudfront.net
d1stxfv94hrhia.cloudfront.net
d18eg7dreypte5.cloudfront.net
d3hb14vkzrxvla.cloudfront.net
22 KB
4 gstatic.com
fonts.gstatic.com
126 KB
3 helpscout.net
beacon-v2.helpscout.net — Cisco Umbrella Rank: 12188
32 KB
3 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4173
gum.criteo.com — Cisco Umbrella Rank: 461
27 KB
3 zendesk.com
jsccustomerservice.zendesk.com
1018 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
74 KB
3 amaicdn.com
amaicdn.com — Cisco Umbrella Rank: 24237
658 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
ajax.googleapis.com — Cisco Umbrella Rank: 434
62 KB
2 isenselabs.com
gdpr.apps.isenselabs.com — Cisco Umbrella Rank: 18285
663 B
2 glosku.com
a.glosku.com — Cisco Umbrella Rank: 362128
13 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
216 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 KB
2 anncode.com
customerapp.anncode.com
10 KB
2 restockrocket.io
app.restockrocket.io — Cisco Umbrella Rank: 96373
3 KB
2 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 4541
cdn.acsbapp.com — Cisco Umbrella Rank: 4745
92 KB
2 shop.app
shop.app — Cisco Umbrella Rank: 4691
3 KB
1 consentmo-geo.com
consentmo-geo.com — Cisco Umbrella Rank: 21650
588 B
1 amai.com
discountmanager.amai.com — Cisco Umbrella Rank: 137733
2 KB
1 weglot.com
cdn.weglot.com — Cisco Umbrella Rank: 10311
427 B
1 b-cdn.net
gdprcdn.b-cdn.net — Cisco Umbrella Rank: 39069
24 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8927
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 141
2 KB
1 merchant-center-analytics.goog
www.merchant-center-analytics.goog — Cisco Umbrella Rank: 5604
259 B
1 retentionscience.com
waves.retentionscience.com — Cisco Umbrella Rank: 67012
109 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
3 KB
181 35
Domain Requested by
50 jeffreestarcosmetics.com 2 redirects jeffreestarcosmetics.com
16 staticw2.yotpo.com jeffreestarcosmetics.com
staticw2.yotpo.com
cdn-widgetsrepository.yotpo.com
15 cdn.shopify.com jeffreestarcosmetics.com
12 cdn.rebuyengine.com jeffreestarcosmetics.com
cdn.rebuyengine.com
client
7 static.zdassets.com jeffreestarcosmetics.com
static.zdassets.com
6 www.googletagmanager.com jeffreestarcosmetics.com
www.googletagmanager.com
www.google-analytics.com
5 analytics.tiktok.com jeffreestarcosmetics.com
analytics.tiktok.com
4 rebuyengine.com jeffreestarcosmetics.com
4 fonts.gstatic.com fonts.googleapis.com
4 static.klaviyo.com jeffreestarcosmetics.com
static.klaviyo.com
3 beacon-v2.helpscout.net jeffreestarcosmetics.com
beacon-v2.helpscout.net
3 jsccustomerservice.zendesk.com static.zdassets.com
3 www.google-analytics.com jeffreestarcosmetics.com
www.googletagmanager.com
3 connect.facebook.net jeffreestarcosmetics.com
connect.facebook.net
3 amaicdn.com jeffreestarcosmetics.com
amaicdn.com
3 cdn-widgetsrepository.yotpo.com jeffreestarcosmetics.com
cdn-widgetsrepository.yotpo.com
2 d3hb14vkzrxvla.cloudfront.net jeffreestarcosmetics.com
2 gdpr.apps.isenselabs.com jeffreestarcosmetics.com
2 gum.criteo.com dynamic.criteo.com
gum.criteo.com
2 d18eg7dreypte5.cloudfront.net jeffreestarcosmetics.com
2 a.glosku.com jeffreestarcosmetics.com
2 www.facebook.com jeffreestarcosmetics.com
2 p.yotpo.com jeffreestarcosmetics.com
2 customerapp.anncode.com jeffreestarcosmetics.com
2 app.restockrocket.io jeffreestarcosmetics.com
2 ajax.googleapis.com amaicdn.com
jeffreestarcosmetics.com
2 static-tracking.klaviyo.com static.klaviyo.com
2 shop.app jeffreestarcosmetics.com
1 consentmo-geo.com jeffreestarcosmetics.com
1 cdn-swell-assets.yotpo.com cdn-loyalty.yotpo.com
1 discountmanager.amai.com jeffreestarcosmetics.com
1 cdn-loyalty.yotpo.com jeffreestarcosmetics.com
1 dynamic.criteo.com jeffreestarcosmetics.com
1 cdn.weglot.com jeffreestarcosmetics.com
1 gdprcdn.b-cdn.net jeffreestarcosmetics.com
1 www.google.ca jeffreestarcosmetics.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 www.merchant-center-analytics.goog www.googletagmanager.com
1 stats.g.doubleclick.net jeffreestarcosmetics.com
1 cdn.acsbapp.com acsbapp.com
1 ekr.zdassets.com static.zdassets.com
1 acsbapp.com jeffreestarcosmetics.com
1 waves.retentionscience.com d1stxfv94hrhia.cloudfront.net
1 d1stxfv94hrhia.cloudfront.net jeffreestarcosmetics.com
1 cdnjs.cloudflare.com jeffreestarcosmetics.com
1 fonts.googleapis.com jeffreestarcosmetics.com
181 48

This site contains links to these domains. Also see Links.

Domain
accessibe.com
www.tiktok.com
www.youtube.com
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
jeffreestarcosmetics.com
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
shop.app
E1		 2024-01-18 -
2024-04-17		 3 months crt.sh
*.yotpo.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-30 -
2025-01-29		 a year crt.sh
static.klaviyo.com
R3		 2024-01-13 -
2024-04-12		 3 months crt.sh
amaicdn.com
GTS CA 1P5		 2024-01-29 -
2024-04-28		 3 months crt.sh
zdassets.com
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
cdn.shopify.com
E1		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
static-tracking.klaviyo.com
R3		 2024-01-21 -
2024-04-20		 3 months crt.sh
retentionscience.com
Amazon RSA 2048 M03		 2023-10-09 -
2024-11-04		 a year crt.sh
acsbapp.com
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
app.restockrocket.io
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
customerapp.anncode.com
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh
yotpo.com
Amazon RSA 2048 M03		 2024-01-23 -
2025-02-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
merchant-center-analytics.goog
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
jsccustomerservice.zendesk.com
Cloudflare Inc ECC CA-3		 2023-07-17 -
2024-07-16		 a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
cdn.weglot.com
GTS CA 1P5		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
a.glosku.com
Encryption Everywhere DV TLS CA - G1		 2023-04-03 -
2024-04-02		 a year crt.sh
cdn.rebuyengine.com
R3		 2024-02-13 -
2024-05-13		 3 months crt.sh
*.helpscout.net
Amazon RSA 2048 M02		 2023-04-02 -
2024-04-30		 a year crt.sh
amai.com
E1		 2024-02-07 -
2024-05-07		 3 months crt.sh
gdpr.apps.isenselabs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-03 -
2024-11-17		 a year crt.sh
consentmo-geo.com
GTS CA 1P5		 2024-01-23 -
2024-04-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://jeffreestarcosmetics.com/
Frame ID: E19CEA8F037274DD45F0CC3581607C58
Requests: 166 HTTP requests in this frame

Frame: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-shopify-custom-pixel@0575/sandbox/modern/
Frame ID: 8310998ACDBD7B42AD338618FA660E53
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Frame ID: 61AAA374782E55356A6590DD8F654E5B
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=jeffreestarcosmetics.com&origin=onetag
Frame ID: 418C73FDE2A636E743391E7421E212AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jeffree Star Cosmetics

Page URL History Show full URLs

  1. http://jeffreestarcosmetics.com/ HTTP 301
    https://jeffreestarcosmetics.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta id="amazon-payments
Overall confidence: 100%
Detected patterns
  • <script id="apple-pay
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • klaviyo\.com
Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

99 %
HTTPS

0 %
IPv6

35
Domains

48
Subdomains

43
IPs

6
Countries

4424 kB
Transfer

12286 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jeffreestarcosmetics.com/ HTTP 301
    https://jeffreestarcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://jeffreestarcosmetics.com/discount/CLEAR HTTP 302
  • https://jeffreestarcosmetics.com/
Request Chain 113
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325015524/?random=140171344&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1920387700.1708431319&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&ocp_id=15fUZdOPCv6coPMP5ouN-Ag&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0xqUnJnWVFsUDc1c3QyQWlZaWZBUkltQUxFRlJKdUhqeERWSHBjZm9vbzlUMHhxdW5kMXdQbWdsS0cxenFaam4tMWpqNzVQM2RzGlpDaEVJZ0xqUnJnWVF1cW1nNG9QbGdkLWFBUkl1QUVYVVFPZzhGUGp2MnJ3NEMwQmN0YXlGQlp2LTRZbDNxMmlsc29yQ0FwVG83Q0pOQ2luVzI2S2NfYW9nVGciEwiT15vP8rmEAxV-DmgIHeZFA48yAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC HTTP 302
  • https://www.google.com/pagead/1p-conversion/325015524/?random=140171344&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1920387700.1708431319&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0xqUnJnWVFsUDc1c3QyQWlZaWZBUkltQUxFRlJKdUhqeERWSHBjZm9vbzlUMHhxdW5kMXdQbWdsS0cxenFaam4tMWpqNzVQM2RzGlpDaEVJZ0xqUnJnWVF1cW1nNG9QbGdkLWFBUkl1QUVYVVFPZzhGUGp2MnJ3NEMwQmN0YXlGQlp2LTRZbDNxMmlsc29yQ0FwVG83Q0pOQ2luVzI2S2NfYW9nVGciEwiT15vP8rmEAxV-DmgIHeZFA48yAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=15fUZdOPCv6coPMP5ouN-Ag&cid=CAQSGwAvHhf_pIfq5WJMssnECb_uJjxsQ0CEndmUuw&random=3601045730 HTTP 302
  • https://www.google.ca/pagead/1p-conversion/325015524/?random=140171344&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1920387700.1708431319&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0xqUnJnWVFsUDc1c3QyQWlZaWZBUkltQUxFRlJKdUhqeERWSHBjZm9vbzlUMHhxdW5kMXdQbWdsS0cxenFaam4tMWpqNzVQM2RzGlpDaEVJZ0xqUnJnWVF1cW1nNG9QbGdkLWFBUkl1QUVYVVFPZzhGUGp2MnJ3NEMwQmN0YXlGQlp2LTRZbDNxMmlsc29yQ0FwVG83Q0pOQ2luVzI2S2NfYW9nVGciEwiT15vP8rmEAxV-DmgIHeZFA48yAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=15fUZdOPCv6coPMP5ouN-Ag&cid=CAQSGwAvHhf_pIfq5WJMssnECb_uJjxsQ0CEndmUuw&random=3601045730&ipr=y

181 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jeffreestarcosmetics.com/
Redirect Chain
  • http://jeffreestarcosmetics.com/
  • https://jeffreestarcosmetics.com/
163 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
ee2c9001833e647ea59461dcbab7cfa5bfdbe14fa0ec37459d2b1e608d18e4fe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8586ac922b6f7133-YUL
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 12:15:17 GMT
etag
W/"cacheable:ad36a75a71e049de6b46819d94339bda"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSAgKv90T0cUD3zq6fqlvTwTXUNuYG7WVLl%2B77%2FZbs7CfhoCRhF7Qyt8TeypTEmk6RhD8fGWu3as6hN6aKTwSnTefI1a9ceUmpKA9ZZA9s4SoUYItvEs4h7MfNr5juPM%2B%2FNu3x8O1QA4Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=238;desc="gc:30", db;dur=53, fetch;dur=1, render;dur=77, wasm, asn;desc="136787", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="index", servedBy;desc="dm2t", requestID;desc="36ed3264-9f68-4f9f-8681-8e08ca0f6e29" cfRequestDuration;dur=290.000200, earlyhints
strict-transport-security
max-age=7889238
vary
Accept
x-cache
miss
x-content-type-options
nosniff
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
36ed3264-9f68-4f9f-8681-8e08ca0f6e29
x-shardid
126
x-shopid
6732291
x-shopify-stage
production
x-sorting-hat-podid
126
x-sorting-hat-shopid
6732291
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
8586ac913b646e05-YUL
Connection
keep-alive
Content-Security-Policy
frame-ancestors 'none';
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 12:15:16 GMT
Location
https://jeffreestarcosmetics.com/
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBV6ZuvS7ivvCKzYuusVMtYpFsQERF6N9qTXfartiQShxSxiz45eRTPr4hLfiAVlR47N9wmJV8wByru1Vqc9vQApwQO5GRlkfaGdAs3%2BoPNwShPLRWq0dx27u6RZAmF3v35DLt%2Fnm%2BrEeA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Server-Timing
processing;dur=11, db;dur=5, asn;desc="136787", edge;desc="YUL", country;desc="CA", pageType;desc="index", servedBy;desc="ms4m", requestID;desc="231282ee-1107-4647-8a14-a94dc6523740" cfRequestDuration;dur=62.999964
Transfer-Encoding
chunked
Vary
Accept
X-Content-Type-Options
nosniff
X-Dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
X-Download-Options
noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Redirect-Reason
https_required
X-Request-ID
231282ee-1107-4647-8a14-a94dc6523740
X-ShardId
126
X-ShopId
6732291
X-Shopify-Stage
production
X-Sorting-Hat-PodId
126
X-Sorting-Hat-ShopId
6732291
X-Storefront-Renderer-Rendered
1
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400
powered-by
Shopify
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
a3c9f7f04fd3ace2d223fc29cf0f3f0c30a78ac5ff3538a510b87c8571d28cda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 12:15:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 12:15:17 GMT
style.scss.css
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b5e3bbf3b396ac6e77914ab2b2747aa6d19836fad35e51ebfe8e0e7bedd5a7b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
7795085
content-encoding
br
server-timing
imagery;dur=551.503, imageryFetch;dur=71.104, imageryProcess;dur=465.650;desc="scss", cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
54de4a79-8538-4866-a862-483b6f32a9f5
last-modified
Thu, 02 Nov 2023 04:03:45 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uJAcqoTTHQDswgzwXuL0VqRxPt5vgJbtpzjy0l03WROLERL2XH%2BoVRE%2FAeGb00DHQRsfDITinOZPYSeCS8JQLlvusjfvgRoEPybAhiIYAmVOQTmkbfpD6UdXUG5rkxCnSu0KUMIZpDUOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
8586ac944e157133-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0673/2291/t/242/assets/style.scss.css>; rel="canonical"
x-sorting-hat-podid
126
index.scss.css
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/index.scss.css?v=182708044129241983101698318736
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
1bdea061b099a0124814c1f06200ed6b56602cde9c6c06b649c8f9c4f14de23b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
522938
content-encoding
br
server-timing
imagery;dur=104.248, imageryFetch;dur=43.659, imageryProcess;dur=58.013;desc="scss", cfRequestDuration;dur=19.000053
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
778a20d8-bcbf-42bc-92a5-7e57ff441f07
last-modified
Wed, 29 Nov 2023 08:15:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfBdGqVUcq%2BDXh5z11KTs48SC6n9HRk8NTiWbFsNxlDW3m52IYnmJc4dL2xuYGirlyElCJCzrPhsHrPGjroTEgm7oCxE%2F0%2Bizy%2BbS3R%2FYvTyAC6PxeUY3%2BU3bs0TdHtyHr4OmjOW6tFfXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
8586ac944e187133-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0673/2291/t/242/assets/index.scss.css>; rel="canonical"
x-sorting-hat-podid
126
app.min.js
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/app.min.js?v=130457090045099245821698331456
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
274a3c3d9b6a9d5b63daf1fdb72a3a6d500f23b4f393fc8eb8f23684b6471629
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
3422595
content-encoding
br
server-timing
imagery;dur=72.621, imageryFetch;dur=72.346, cfRequestDuration;dur=11.999846
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
09cb3e3b-972f-4fb0-bf2e-74c8542c470e
last-modified
Thu, 11 Jan 2024 21:22:08 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c001XaTHcFeLBLCE20q8k2VPB%2FBDQ%2FUTFf70kGY0r4FOIBst%2F2yqLjiVdieVktRiOCHo2Vxd1oJ1%2Ba3VKq2TirVABqYnhISOJ%2FcPxh0elUDFKhi1X%2Fby6Qt%2B7LmCr9aNAf7KqS6wI6caw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
8586ac94ec277154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0673/2291/t/242/assets/app.min.js>; rel="canonical"
x-sorting-hat-podid
126
md5.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4243f06574c94ddaf59ee6002236835be6cbe83a0554865520bfb52338d28a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7089399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2194
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-2129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IK5ioFjPGnw5P9VragFQI9zTq1df0OLugsNJNMdscQW5Lg%2BWLGeNSuoJrjAwj2g%2F%2FUmjbZonXN1hy7yj33WZOTaGyv46fYvIr39WSLgBe40OsiH25Ee7Mgjalp6Zuh%2BRU6iA5T1L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586ac947a9ea246-YYZ
expires
Sun, 09 Feb 2025 12:15:17 GMT
preloads.js
jeffreestarcosmetics.com/checkouts/internal/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
795d25dbc0e09ab07cd9fe6bd4a64c640fe9506ae1a2bbc0090131154ef3df77
Security Headers
Name Value
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pp4pAurKxfgiVOHSQGLyRsDU6HL%2F4HAowVQ0wVg4zWjGvdcJhttYV2tAwVugiDmt2JWpfxPtlWp%2FOC0nVKEMWKXI%2Fo3%2FYKQwu4GJqxX%2B6wJayNBIZ4k1i1Dw7d5K2it6ygJ7DWgiporpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; encoding=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
server-timing
cfRequestDuration;dur=26.000023
timing-allow-origin
*
cf-ray
8586ac94fc4b7154-YUL
alt-svc
h3=":443"; ma=86400
preloads.js
shop.app/checkouts/internal/ 		0
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.app/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
checkout.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i46Vl%2FDl7Jrgmf2SpQmsZgkUu3hImjLXjpwBFNZY9BUdPbP99Q9mjzb5k%2FdGsub6Wc2rps64iZBjM%2F6pyActiz9pkqTYK9qtny%2Bt8XkainDQu4bqumE0Xg3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
server-timing
cfRequestDuration;dur=26.999950
timing-allow-origin
*
cf-ray
8586ac955c6a33fa-YUL
content-length
0
alt-svc
h3=":443"; ma=86400
load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
3410725
content-encoding
br
server-timing
imagery;dur=21.921, imageryFetch;dur=21.235, cfRequestDuration;dur=11.000156
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
581b3ddd-fe05-4b44-95ba-5423be3c1cf1
last-modified
Fri, 12 Jan 2024 00:49:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKsLfs9tjtpHJRZHiBbwlPlZ%2F4Ihi1Hmc9MNNL4bQgrb9bdSybKthgHbOQ4C02uRsDc2i%2F1Nt62KvzUzbNCoDeCsJE2YwYBj8FVIv0FI6aUR0FCAJWEtrPHmu486gHihWLy9hbznfQEkAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
8586ac94fc4c7154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js>; rel="canonical"
x-sorting-hat-podid
-1
storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js
jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/shopify_pay/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
3419450
content-encoding
br
server-timing
imagery;dur=106.470, imageryFetch;dur=27.660, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
629d54d5-1e7a-4125-b007-e2c6fafab053
last-modified
Thu, 16 Nov 2023 20:27:35 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zV4aVIYXA6BlHhbqyZFQzmXGieH4ihittmygjIOrw%2BNF9YQmnIPCFAre5eNOdZ5Efcphyr53r5w3i2xFVdmnN3C2MEqSB7zU8PE5V5ECWZdzJGut7rbrkVUIqCugnvGvdhMXfXcW6PdOcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
8586ac94fc4d7154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js>; rel="canonical"
x-sorting-hat-podid
-1
features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
3415080
content-encoding
br
server-timing
imagery;dur=151.511, imageryFetch;dur=26.945, cfRequestDuration;dur=12.999773
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
06335951-4c27-4ccc-8dfd-8614c00b4041
last-modified
Thu, 11 Jan 2024 23:37:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYKAWjG8U%2FoyxjiV121yY6fl3bx9ezjsocz4rt%2B1I%2FwxkI3Py8bi3YJOVlZOsPM4dOxTP7drDPO7TGDOucnZlAvaMWlVrfvMci0fzYE2DPY7lIBr6ETu25dEQALCpreihXLBxqR62v7JWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
8586ac94fc4f7154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid
-1
Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA
cdn-widgetsrepository.yotpo.com/v1/loader/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-widgetsrepository.yotpo.com/v1/loader/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a68a269e898c8144c46450bc23a492eae05b71c8355fc47b56d7e9de0f805c94

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

ratelimit-reset
42
content-encoding
gzip
date
Tue, 20 Feb 2024 12:15:17 GMT
x-kong-proxy-latency
18
x-ratelimit-limit-minute
5000
x-kong-upstream-latency
22
x-ratelimit-remaining-minute
4988
ratelimit-limit
5000
content-length
5683
correlation-id
44c5d7ed-5ae9-46c1-a753-6b8be5737cda
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
ratelimit-remaining
4988
access-control-allow-headers
*
klaviyo.js
static.klaviyo.com/onsite/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d81a59eb68f6ac46e7e7b17abf234e2718c2fd098305f5c05f965a9a841b8433
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 20 Feb 2024 12:15:17 GMT
age
2212
x-cache
HIT, HIT
content-length
919
x-served-by
cache-lga21965-LGA, cache-yyz4538-YYZ
server
nginx
x-timer
S1708431317.307943,VS0,VE1
etag
W/"f016e2a891cc36d1b60fb7a0de85c408"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
19, 1
common.js
amaicdn.com/discountmanager/ 		3 MB
654 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amaicdn.com/discountmanager/common.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de458cd476885db3b1b8a642545f35d444bd1a5fbe4c245ec7bcec0de83427e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
via
1.1 f67188cca541e8788c38e9eb35529bea.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
x-amz-cf-pop
YTO50-C3
age
5949
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
668613
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 07 Feb 2024 08:18:57 GMT
server
cloudflare
etag
"1e80314c985ef4526307c6f8c6c3d914"
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jE%2FbdMGWvXNMlXgy77ew0aqc4X8BsfVWebxz5UyE2%2BjXLhD4Rt7ErVklgPHgloyLa1yuf7wujuxxrKfsZMPjghPgjDPaPCAd6GHHci2ImitLDn0YcfyE1NhIC5D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
accept-ranges
bytes
cf-ray
8586ac949d6c36bf-YYZ
x-amz-cf-id
IzFSSyuHVyMHhmG2dkST_z6trYAbri8BppHH5566OMd9791qKd7PWg==
common.css
amaicdn.com/discountmanager/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amaicdn.com/discountmanager/common.css
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9dda4253a3edf4e05f605a04fcd4bc87b88e53456f964519a3667462cc84244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
via
1.1 f7a96eacae195ce7e3982601464ebc84.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
x-amz-cf-pop
YUL62-C2
age
5788
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
1681
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 07 Feb 2024 08:18:55 GMT
server
cloudflare
etag
"ac580c2b432441848eb7a4db08d5ad25"
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNUDEovJrQpw0CXnn3Y5Hz6eKM%2FxSRsXhXVMSuQvgftz07b4wm5xzFyu1PduDqfua7MYAf%2BFgrIKYeDSUd2bywn2JOJFarXG1f2vyys5W7rXnmtGR9gcFm1Dr4yb"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
accept-ranges
bytes
cf-ray
8586ac949d6b36bf-YYZ
x-amz-cf-id
aJfNc8Nfrncd725JHOJMlPe4-04t3Wgeer_Eg_3o-b7md44ylkq4fA==
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=7974f39b-67ff-4bc1-9a4a-de60f7cb81d9
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9X4B0G1GWNB25PJG
age
40
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgO%2BXp0m6WfUnnHY1gf9QetF5jWwotXsaCRfSWvsNsgTgk1ir77Zz9uIAxJAw7Ai%2Bfa9KQ6m52J%2BKtva5QHDjURoUxuzsW3QAdN4l5f6jhBQL34%2BmHzMURsiMHG4fu8ygKyHe%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8586ac94889e39dd-YYZ
access-control-allow-headers
*
ac-tiered-style.css
cdn.shopify.com/extensions/56240e4a-4d28-4985-80b1-b15de7ac4133/discountly-pos-tier-discount-62/assets/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/56240e4a-4d28-4985-80b1-b15de7ac4133/discountly-pos-tier-discount-62/assets/ac-tiered-style.css
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
a6eee58bc9d85eab55a8d76f49f03f44528975eb259573f418a7c78dbe425072
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
362065
content-encoding
br
server-timing
imagery;dur=44.755, imageryFetch;dur=44.264, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e2e65d7e-ebf1-46a4-a81e-49b54e7d5376
last-modified
Fri, 16 Feb 2024 07:40:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2UrepotuI%2BRLMfwEIKbFQSD8ulU%2F3wIjf8K9eDu47w3%2BZ2P1hTOj0npC1xQnJcUvD4L51EDL2wX1RdczjGIBGH5BbMvRO1Gggtue4dpiWdZiMH63OeXolBEtyORorqPLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/56240e4a-4d28-4985-80b1-b15de7ac4133/discountly-pos-tier-discount-62/assets/ac-tiered-style.css>; rel="canonical"
cf-ray
8586ac945be939c3-YYZ
gtm.js
www.googletagmanager.com/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PBK87Q
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
17037ee594465c750e2035b4fe14c314923be2fdb01058367e235d46005ce059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48564
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Feb 2024 12:15:17 GMT
w.js
d1stxfv94hrhia.cloudfront.net/waves/v3/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1stxfv94hrhia.cloudfront.net/waves/v3/w.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-96.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6042b166cdc76df9094329890799d3832fc9d6d19ac22053c9a0f2088fe6634e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 15:21:38 GMT
Content-Encoding
gzip
Via
1.1 b6989f0f2e150081d90f4c11e6692d3e.cloudfront.net (CloudFront)
Last-Modified
Wed, 08 Feb 2023 18:55:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
YUL62-C2
Age
75220
ETag
W/"8af578dcdc48235e08ec93906269dcc1"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
o5xwU9lZgI5Cj51P_yoolI_hcXsQNEUIhwVyYBFfw2a2HkJ_DNbUPA==
widget.js
staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/ 		442 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c9908c2748efa22a9d8884595d5a50e00731e361931aca0ace3151640da50a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

ratelimit-reset
36
content-encoding
gzip
date
Tue, 20 Feb 2024 12:15:17 GMT
x-kong-proxy-latency
20
env
PRODUCTION
x-ratelimit-limit-minute
5000
x-kong-upstream-latency
73
x-ratelimit-remaining-minute
4999
ratelimit-limit
5000
server-timing
cdn-cache; desc=HIT, edge; dur=85, origin; dur=0, ak_p; desc="1708431317312_400425156_1626182892_8467_3706_15_43_146";dur=1
content-length
146726
correlation-id
34e81991-db2a-408f-a9fd-511075c4ae01
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
public, max-age=8191
access-control-allow-credentials
true
ratelimit-remaining
4999
b842a21a8w6bc87f1fp748799bam4bde34bfm.js
jeffreestarcosmetics.com/cdn/wpm/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e7500d287d54893078314dbed04c4096522a596daffbaf53cbe8243100c74e20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
390027
content-encoding
br
server-timing
imagery;dur=33.931, imageryFetch;dur=33.673, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
dcb4df38-a3aa-480f-a050-2d33ad6dfffb
last-modified
Thu, 15 Feb 2024 23:54:50 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtYS3pR2jTPgd6sEa%2FXORrH%2Bh7VGMaoiZLp7oopiUbzR3IFXBDjiqLCPbVUgA0%2F%2BJcyfWhQCfSE6wNN4fio%2FsTBjgS6jv5iUEKTqhX32m9nr3Yq7GAsN07Ck5E1ws4Q0pOyzJzTyY2wDTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8586ac94fc517154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js>; rel="canonical"
x-sorting-hat-podid
-1
trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
jeffreestarcosmetics.com/cdn/s/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b70781fcb8c41d1f65a11509925e4f423e62f7c0fb96208c9d23e18f6b1f5cde
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
587385
content-encoding
br
server-timing
imagery;dur=62.728, imageryFetch;dur=62.494, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c1f1927d-3bd7-40c0-8969-27e165d9567e
last-modified
Tue, 13 Feb 2024 17:05:31 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKtA4PzrF1sTptkXqxrI8rDlHUtZOFLHvWfanyuj3Jef5352y0%2Fs9QFY0EoKd0Md5YhAsV%2ByQbiuJhks9kvaKlMEbPqb8Ujn2SZnfdePUOnZ77H%2BDsUtfq6CwGDEdTfelaSMzf2HTV6xNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
8586ac94fc547154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js>; rel="canonical"
x-sorting-hat-podid
-1
shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
3412077
content-encoding
br
server-timing
imagery;dur=48.877, imageryFetch;dur=47.729, cfRequestDuration;dur=11.999846
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
33f025d5-baf9-402b-9633-310a73485be0
last-modified
Fri, 12 Jan 2024 00:27:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvM2knB5IQVgqTwcHpZEH5Db%2BAoBRouZCzjsDOlu68PiBuf%2FlQyvlnu0LZrotcZ3E55EnFpsUs%2FMFTcZ%2F7a4vkWtH1E6oQSiodNt%2BMf9DdQhggvNSo3%2F2ZuULqSCKg2SM7LiYpjT3y3v4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
8586ac94fc557154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js>; rel="canonical"
x-sorting-hat-podid
-1
shopify-boomerang-1.0.0.min.js
jeffreestarcosmetics.com/cdn/shopifycloud/boomerang/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
3424279
content-encoding
br
server-timing
imagery;dur=22.033, imageryFetch;dur=21.781, cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
8f571782-b99e-4384-9fd9-6b888efeacb7
last-modified
Thu, 11 Jan 2024 21:03:58 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwQlZrQogeYC6X1Ca4GbnLyW5q4vjpxX8NQagJvJZ9tH6krCJZhudN2vDhxaBEOBc6PDrORjwT4iUxNIffHHr3hz7UWjZaTC8NXqyMeMhWfvVE30kI6GmoooSwL7c6XmhoVEJz4gorLD1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray
8586ac94fc457154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid
-1
vdayheader.png
jeffreestarcosmetics.com/cdn/shop/files/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/files/vdayheader.png?v=13740702845538464714
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
31c4e5bf8620de1ea3b8503c3df70c096c9668f824d2c61efde5dac252104a51
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2224525
source-type
image/png
server-timing
imagery;dur=166.187, imageryFetch;dur=42.013, imageryProcess;dur=100.333;desc="image", cfRequestDuration;dur=12.000084
source-length
5257
content-length
2360
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
d9321e11-e31f-469c-a1c4-1c61245cf015
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 17:51:12 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WCHtZ8U3Y%2FVx4bDdDAEfJujBapPFEIE0OURwf%2F6ukSWeq13XICwFVGa%2BA530iiZy9ZxMYDUNuM7ylUZkkQ4j87IuDg8RDWYznHXCHAM6yYPyHxjf46ZmCMGnLTFILbVA%2FIZ1yP2EBfHVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586ac950c5c7154-YUL
x-sorting-hat-podid
126
loading.svg
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 		571 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/loading.svg?v=7860191987170627441698318736
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b13f731e33ca920632336078d904c853eb745e0bfff9007d732a5979e82f4d68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
7622090
content-encoding
br
source-type
image/svg+xml
server-timing
imagery;dur=91.904, imageryFetch;dur=89.833, imageryProcess;dur=0.064;desc="image", cfRequestDuration;dur=13.000011
source-length
571
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
c6dc3dd5-e349-45d3-960a-92aa5da9f3b9
last-modified
Fri, 17 Nov 2023 11:09:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BWauHcUmh2nDYP68QnDTfq07vK%2FuV%2FlSnxkOAT35shHKVQiPUJfDLDgPp0CLo5jhMKs%2Bd6lOAeKfQduIqmlY8rJi0S7YfSTD1s70RRZbBFA%2B2mQaxQ0z5oIe6UNNemdVakDdvYWen1T0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
cf-ray
8586ac950c5f7154-YUL
x-sorting-hat-podid
126
sprite-icon-6679e1aa.svg
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/sprite-icon-6679e1aa.svg?v=20101525309612974631698318736
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
575c6454d5b68907556ef61d448e895eae146fb02cc59082f7c7e94e9b54fc2f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/style.scss.css?v=140125147679381315831698331454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
7622090
content-encoding
br
source-type
image/svg+xml
server-timing
imagery;dur=83.254, imageryFetch;dur=74.900, imageryProcess;dur=0.114;desc="image", cfRequestDuration;dur=18.000126
source-length
20099
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
5edc419b-7494-4457-b0d5-d32e861df784
last-modified
Fri, 10 Nov 2023 08:57:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Bb9UREbSt8KjP4hXP4nOCu2tG%2BdwSHpfVL3IFG1e7Yyfm%2BcZjqLq2BxI5igldJkDhVSU%2F9I2cxCmz9rotqxCTXpDZH%2BDcUC5FCyo5%2B1eStJCgdRfUpq%2B%2FPRNXzzbSr7ZyG%2FRBZO2R2N7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
cf-ray
8586ac950c607154-YUL
x-sorting-hat-podid
126
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 21:47:22 GMT
x-content-type-options
nosniff
age
224875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21444
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:38:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Feb 2025 21:47:22 GMT
BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 10:38:26 GMT
x-content-type-options
nosniff
age
437811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36344
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:05:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 10:38:26 GMT
1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v25/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 17:44:14 GMT
x-content-type-options
nosniff
age
153063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18796
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:21:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Feb 2025 17:44:14 GMT
BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsansnarrow/v18/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@400;600;700&family=PT+Sans+Narrow:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 07:14:46 GMT
x-content-type-options
nosniff
age
450031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51384
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:10:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 07:14:46 GMT
fender_analytics.5021e5dc23a75179ed54.js
static-tracking.klaviyo.com/onsite/js/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.5021e5dc23a75179ed54.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00ba7ec54b2450e898722c3a70a04ec4393720aec7628703e070f2980a63ed1e

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
fcE4Cr8zmtuYZnHZ28vsDVoEO5oPwRek
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 20 Feb 2024 12:15:17 GMT
x-amz-request-id
VHSA4QQ1P1QD1F6P
age
2213
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12130
x-amz-id-2
eqz9hrswkvS0cW50b2t2e/rS/fbw4x01QTSY2myoALjOIFEm1dqG1I84GiAzfzDDMmikMnKTa40=
x-served-by
cache-lga21970-LGA, cache-yyz4540-YYZ
last-modified
Wed, 31 Jan 2024 19:11:23 GMT
server
AmazonS3
etag
"780a7c87c679165cf9dabbb24eac4d52"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
18ca0f804bf02e17b21cd098bf4809dc3f1c2fc4
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
2, 583
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
a.8vL6w09uHoOx__c8l8Rss._YtP0zbq
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 20 Feb 2024 12:15:17 GMT
x-amz-request-id
AS5HKYSNDWHFWQPJ
age
2213
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
985
x-amz-id-2
lb2mEKN6as878KkhLA8/+6rSwe2GSwSFSq6iDg+a3Gf6YOkZB1bMgWyDkQdIjlUEPhfTP4+Fl00=
x-served-by
cache-lga21976-LGA, cache-yyz4540-YYZ
last-modified
Mon, 06 Nov 2023 18:18:30 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a957c60a472df3e447f40628303353bdd959aba8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
407, 607
runtime.3a973aace1a7ad25cd9b.js
static.klaviyo.com/onsite/js/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/runtime.3a973aace1a7ad25cd9b.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d432e8204759faceeac8c0cdc7bd82dc67724437ab42e3818215490a72addff

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
aBod8TcB2phN6aBCcgBs3hu6btVl1Q1e
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 20 Feb 2024 12:15:17 GMT
x-amz-request-id
3PM5W5F4300DQ2EZ
age
2214
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8241
x-amz-id-2
oSGDSCrtKG5qifk2e5Fpi9uQZRko9DCmrgpzFNytkGmqvZgs3oB7a9SZEIAeVrv6OSWRdVzdL5qHWTLpto3+D019Ox6e4tVxmqBBPAbs5Mk=
x-served-by
cache-lga21976-LGA, cache-yyz4574-YYZ
last-modified
Fri, 16 Feb 2024 23:54:01 GMT
server
AmazonS3
etag
"84d43530aceddae62ef74ca23269d707"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
b2e3239c21c04c5d64cb0d83048bd2bc262ea5b7
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
2, 693
sharedUtils.6f44d24aaee7b983c49d.js
static.klaviyo.com/onsite/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.6f44d24aaee7b983c49d.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ab508c9cdd594bf76615f192ca06ec371f2d057917a4b2226c53b146d044515

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
TeJfEmetVxQEOshF9sCOu0rvAWcor4LP
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 20 Feb 2024 12:15:17 GMT
x-amz-request-id
PSVXKZCVRHN5NW60
age
2214
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
16931
x-amz-id-2
/mDbKj8gazqiTSCUj3aoPjljYIeluUexSNQSfFP+WuEWYv2YYHMY3Uqtxj88rKhmLeRkKULruU3hXXzB5Bu9qAzwmwZnuVSB
x-served-by
cache-lga21931-LGA, cache-yyz4574-YYZ
last-modified
Tue, 06 Feb 2024 17:52:08 GMT
server
AmazonS3
etag
"c9f11014df3ec20694577b9733fb26e5"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
4fce91007c31be03dcf52b82abca6e8088b0cc97
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
38, 662
wave
waves.retentionscience.com/ 		2 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waves.retentionscience.com/wave?wave=%7B%22version%22%3A%223.1.1%22%2C%22site_id%22%3A%22936%22%2C%22arrival_time%22%3A1708431317356%2C%22arrival_uri%22%3A%22https%3A%2F%2Fjeffreestarcosmetics.com%2F%22%2C%22page_title%22%3A%22Jeffree%20Star%20Cosmetics%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36%22%2C%22language%22%3A%22en-US%22%2C%22fingerprint%22%3A%227c392022ca05254a9c564f0815826768%22%2C%22rsci_vid%22%3A%222e023df1-ea82-a42a-83b2-0a2bdccb0336%22%2C%22action%22%3A%22view%22%7D
Requested by
Host: d1stxfv94hrhia.cloudfront.net
URL: https://d1stxfv94hrhia.cloudfront.net/waves/v3/w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.80.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-80-100.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 20 Feb 2024 12:15:17 GMT
cache-control
no-cache
content-type
text/javascript
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: amaicdn.com
URL: https://amaicdn.com/discountmanager/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 23:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 23:17:24 GMT
app.js
acsbapp.com/apps/app/dist/js/ 		298 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f180bd22855ecbcb04f5337542bb8006a4324a603d45371a1a69efab9cb13d88

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPqkSlVySl7Bl0Zv6e9wSZysJpSqaPfKTJkPWWUvu8TG_YA5FXVge4AdzkJUpfiKIT36nzI
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Sun, 18 Feb 2024 20:00:36 GMT
server
cloudflare
etag
W/"bc27c41bba425f691c753fad5a258818"
vary
Accept-Encoding
x-goog-generation
1708286436241314
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=q1A1/A==, md5=vCfEG7pCX2kcdT+tWiWIGA==
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
305352
cf-ray
8586ac984a3436c4-YYZ
expires
Wed, 19 Feb 2025 12:15:17 GMT
7974f39b-67ff-4bc1-9a4a-de60f7cb81d9
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/7974f39b-67ff-4bc1-9a4a-de60f7cb81d9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7974f39b-67ff-4bc1-9a4a-de60f7cb81d9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ed718cb3d6cda5977d8b5d38cc0b7bc792b1f2e1e77b6c84f898dae2a359c40
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
857d74b17bad2714-SEA, 857d74b17bad2714-SEA
x-runtime
0.010610
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7ed718cb3d6cda5977d8b5d38cc0b7bc"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32dJid6bO66KrHfTXHqs2P%2Ff%2F5MPBLJb5P2sgu7SZN%2Bcc%2FRpZn3ufv3P5xlV0qarynV4%2FrB3znOIr3HLmbtuAiWUhUQflVc%2BABTyhHuqMY%2Fv5dArr5%2BL2wkKHu3f%2FVRelng%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8586ac984d99369d-YYZ
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 18 Feb 2024 13:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Feb 2025 13:01:11 GMT
/
jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-shopify-custom-pixel@0575/sandbox/modern/ Frame 8310 		40 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-shopify-custom-pixel@0575/sandbox/modern/
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
9c12bdebe3b8cde7104bf9ffa87e7607f0145e1a21fedf8df5e0c9ddc1fe7cf1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
414316
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000, public
cf-cache-status
HIT
cf-ray
8586ac9839197154-YUL
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 12:15:17 GMT
etag
W/"cacheable:c735cfe03c1db2849c7ce08baae606ae"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yJhYAQCH%2B3446kYJdRiYqJdXdpqdiXfl4WAJxFae9colrxOlRU9aSidWd%2BUHBUc0%2B%2Bs%2FZK74WKY4BRXnLtOSiGNK0907cWim%2FBPj5cGVVZfokOa0tHuu1KwJcUqLtdfA1u13E%2F0k17AoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=15, db;dur=5, asn;desc="577", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", servedBy;desc="h4hs", requestID;desc="ec8f2a21-cb8c-4f41-8eb6-dd6cfb7a7613" cfRequestDuration;dur=13.999939, earlyhints
strict-transport-security
max-age=7889238
vary
Accept, Accept-Encoding
x-cache
miss
x-content-type-options
nosniff
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ec8f2a21-cb8c-4f41-8eb6-dd6cfb7a7613
x-robots-tag
noindex, nofollow
x-shardid
126
x-shopid
6732291
x-shopify-stage
production
x-sorting-hat-podid
126
x-sorting-hat-shopid
6732291
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block
produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 		0
745 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=58.000088
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
f50691db-0bef-425a-bc94-1a4562d7d64f
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVc14T1w%2B5sEaBRPdgQqp1mmPJCebPXgdXGD8Jkeu5lAIWhUP0Zz5TMFZB2%2BwK9AbCQq0JAFYutnPmJMZiRX1p4q5V6UrP%2FhEvVsP4zqV6LGbv6PTEtDFNLMI8ofCC3zAuhn9dZ81sRbVg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8586ac98696b7154-YUL
worker.modern.js
jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/ 		50 KB
21 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b83ef5c2af0819c75514e5ed1c975499ece93f8c9d369e3ba799abd450af5ef7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding
br
x-permitted-cross-domain-policies
none
age
415296
server-timing
processing;dur=23, db;dur=11, asn;desc="30036", edge;desc="MSP", country;desc="US", servedBy;desc="n24t", requestID;desc="33baf2da-5de4-44bb-9dbd-c3c9ef00b35d", cfRequestDuration;dur=16.000032
x-sorting-hat-shopid
6732291
x-shardid
126
x-storefront-renderer-rendered
1
etag
W/"cacheable:7fe5d30a4a9e407d51843fb56402d17a"
x-shopid
6732291
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
text/javascript; charset=utf-8
content-language
en-US
cache-control
max-age=31536000, public
x-robots-tag
noindex, nofollow
date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-cache
miss
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
33baf2da-5de4-44bb-9dbd-c3c9ef00b35d
x-shopify-stage
production
server
cloudflare
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdFSNtvIwjdvham4T0kjanmUWM%2FJuyJvSPRAWEegh30rMrPBJ60bay68iD8KQm7SRR%2FcVgVY6XMtUi8WHIZLT7u%2BE1u9zD0U3TudjtxQzwlk3GK6HhlCk5DyOmPbrIAHqm6CQLMTCaUycg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8586ac9879757154-YUL
x-sorting-hat-podid
126
worker.modern.js
jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-shopify-app-pixel@0575/sandbox/ 		40 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-shopify-app-pixel@0575/sandbox/worker.modern.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
22b42b7a9e7309fef4a7f49838646f78bd75a36ee5c80ddfa43272d4927a5848
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding
br
x-permitted-cross-domain-policies
none
age
415296
server-timing
processing;dur=19, db;dur=9, asn;desc="30036", edge;desc="MSP", country;desc="US", servedBy;desc="n24t", requestID;desc="6fa9ee65-790f-4a03-88f6-c1e99239c932", cfRequestDuration;dur=9.999990
x-sorting-hat-shopid
6732291
x-shardid
126
x-storefront-renderer-rendered
1
etag
W/"cacheable:b382dded7f523479d7f507e8b73fac51"
x-shopid
6732291
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
text/javascript; charset=utf-8
content-language
en-US
cache-control
max-age=31536000, public
x-robots-tag
noindex, nofollow
date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-cache
miss
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6fa9ee65-790f-4a03-88f6-c1e99239c932
x-shopify-stage
production
server
cloudflare
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hylbNMQG215toyZHhwpHRqt9z%2B9QROGZK17W8HIi3G6ellsc8FkSQTUeghn%2By8AisKOEm8IJgkJ2z614%2B5PKBAUDMkLAzqGTkf0sbp6AP0W%2FOm%2BOv0FYewjlJqve%2FJg4bx6Mc33KG1sSjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8586ac9879777154-YUL
x-sorting-hat-podid
126
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 12:15:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
0378/xtQq3II5IWxBd/t5HLbl5u7DHXCptjt3qiibqlsO7D1UB7VsdEZyQ+5LUSFcjlfT4W3nyYU6NP4RKtexA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Feb 2024 11:01:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4430
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 20 Feb 2024 13:01:27 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJSB1HBC77UFRCHS58AG&lib=ttq
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.16.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-16-154.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b7fca79bb6be4ae0e97e4dfbdc075e7756388b53b86275aae6faebf290cd4c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
29b9c819.333f1a1
date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2402201215174909409A43F36B64103B-491DD4C3C9038759-00
x-cache
TCP_MISS from a23-222-16-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
11,23.222.16.150
server-timing
cdn-cache; desc=MISS, edge; dur=4, origin; dur=7, inner; dur=4
content-length
1557
pragma
no-cache
server
nginx
x-tt-logid
202402201215174909409A43F36B64103B
x-cache-remote
TCP_MISS from a23-48-100-39.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.48.100.39
x-tt-trace-host
01d0767ae155227f1f5c0f8616b9a8a0b7f58e91274702c8019a1a6280e70995f0d4a31f7261ea7d02d74ba646b1eea82856504190dcc8da70e0ffa179e9a9bb11bbb5ba467d63f159fb2dda504134b08748daca1838b3598399ae72295f290c9a8498d25370aa9598b2583e96e72713e5
expires
Tue, 20 Feb 2024 12:15:17 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e052dd1f5d0cfefcdcb8f2098a39fdacccf085c2fda558af829fa070b13a3325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86867
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 12:15:17 GMT
bundle.js
cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2023-09-12_08-37-14/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2023-09-12_08-37-14/bundle.js
Requested by
Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c0eb59dfca4c7d7dc3cdc4a5bb5a90a9911c73e70b849235d091a2a5a43b59a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
vilQqnoJ19jfqtevXBPX76AhdLD06pvu
content-encoding
gzip
date
Tue, 20 Feb 2024 12:15:17 GMT
x-amz-request-id
EBXC6ZVDBXKGP848
x-amz-server-side-encryption
AES256
content-length
14969
x-amz-id-2
+3HTRqh1DG1UOY/LqeAggiIpAoKoB/ltKxeXkfIjTswbcnJaa4jXgG39vRu00BnTAgwdLL8XEOo=
last-modified
Tue, 12 Sep 2023 08:37:16 GMT
server
AmazonS3
etag
"f6793186cdfe1fc13738a863f118da9d"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Feb 2025 12:15:17 GMT
app.v0.8.2-5645.js
cdn-widgetsrepository.yotpo.com/widget-assets/widgets-initializer/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-widgetsrepository.yotpo.com/widget-assets/widgets-initializer/app.v0.8.2-5645.js
Requested by
Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2ab821ec4659f12402381a072f2ede6c8e1a7879740150c83b06b3bfa7a54292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
pK1JPHUALccTlw30AdYEn5ucPp7Tt8bR
content-encoding
gzip
date
Tue, 20 Feb 2024 12:15:17 GMT
x-amz-request-id
DA2WE0H4VTKSHT7Y
x-amz-server-side-encryption
AES256
content-length
11959
x-amz-id-2
/ufCEzQbpcZcSP3p5I4asIeHpscQqMGTbf4ExCC3hRcN1Y4syWflmMfd95jGl2z1B9B8shpwIlc=
last-modified
Thu, 28 Dec 2023 17:40:22 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1703785221/ctime:1703785221/gid:117/gname:jenkins/md5:5aa7707a9cc6555655b5cfa41be7c398/mode:33188/mtime:1703785221/uid:110/uname:jenkins
etag
"5aa7707a9cc6555655b5cfa41be7c398"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Feb 2025 12:15:17 GMT
widget.css
staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/ 		480 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9efc3f5b9a825c28d7679a389d8f9e77fc78bebde99071d41891b49b59347a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
br
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1708431317853_400425156_1626185215_625_4211_15_0_255";dur=1
content-length
39611
x-xss-protection
1; mode=block
x-request-id
fcea86bfab0524755f128d0c0917b85c
x-runtime
0.084853
etag
W/"d241b6ae5dab934b9588c11ff8c974c8"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
public, max-age=4666
access-control-allow-credentials
true
access-control-allow-headers
*
produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 		0
741 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=38.999796
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
fc1b2c27-38ed-4f8f-8671-1c20fc10ce57
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCujadSw8KXX5GRUoNyVEVLXeyu99JBJjgSVSwYRNCo27JfpKLIQnS4E83%2BLmrcD0pQOXQCFRIiuMEjCLSiWw4LB1LLAtH72otCqEARjeR9q2GqqGbn41NeXpCnpyOYLb6FT01exbcsmtg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8586ac9899a47154-YUL
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PBK87Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
278f99e711dad0ec54a2c4a9441e464cdf47e4c41c1a8c57c4e204c901b3973b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86901
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 12:15:17 GMT
produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 		0
752 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=58.000088
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
8d39818f-74f1-4b70-9e29-25bf645b7d85
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIv%2F5BW29GIvuwqdlTEFe8ym%2FmwG27pfWDCmjEFiiunNyFiRNUxgB%2Bzs3HavZOi41LO%2BYm2X%2ByJIne5YZ%2FHWX0ymI52AtuNip%2BR9bLXUPfpL9qoIAGlFlx41ee0SvDZj5MyryEoWGoPGpw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8586ac98a9bf7154-YUL
produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 		0
747 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/s/trekkie.storefront.fc3f1aabbbf42bade5d1a83f4ea8b04c184cf3f3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=42.999983
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
15647533-ca7c-4170-b721-cd6f765d2782
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btLyFJuqqrIrUGRlAuIuz1ZCWQcO%2FVYe1td8I8pzTt445VOOAS93yC7rh8JWa%2FfMoFKQUTMGPeHTj9DJFXOjBjrRsDd2%2BZxizwMHxuIhKuREpjzUo7Ub%2FunUrkMQMOjx0uwPagEewoY3JA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8586ac98a9c17154-YUL
0d6c9fafccdc6c1b1cbc4d0ba7ce7043.js
amaicdn.com/discountmanager/store/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amaicdn.com/discountmanager/store/0d6c9fafccdc6c1b1cbc4d0ba7ce7043.js?1708431317662
Requested by
Host: amaicdn.com
URL: https://amaicdn.com/discountmanager/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67fe368168d4d8dbfa1ce733163fe43075e50eb2696b487f84387ad27065282b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
via
1.1 9289d7ed5e4e6afe1ab2abc0c202a3c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
x-amz-cf-pop
YTO50-C3
age
728
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
967
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Feb 2024 08:01:00 GMT
server
cloudflare
etag
"89815ec9f0767d031c50c757df8998a6"
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9LDqRPay5j4ySoTd0Su3HuGTK1w1Lq6hOsrZW1UsUoUTbyTul8dCba9olJj6c1Espw73s8wRmWJ9pMT2lNjpqCG12hEA4bYbjez%2BVEsxo2Ydr2MwdP2SLgQ6r7o"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
accept-ranges
bytes
cf-ray
8586ac98b97e36bf-YYZ
x-amz-cf-id
lk5TXYpOcbA1Daq1x7X3-OHUDgD5Iw8-g39NxACYAgCN_4dwKJ02vg==
setting.json
app.restockrocket.io/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.restockrocket.io/api/v1/setting.json?translation_locale=en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ngrok-skip-browser-warning,x-shopify-shop-domain
Access-Control-Request-Method
GET
Origin
https://jeffreestarcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Headers
ngrok-skip-browser-warning,x-shopify-shop-domain
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Max-Age
7200
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 12:15:16 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1708431317&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=d3wNb63uZNBOQXTcz4i1mrnQzlYRLZ9jkmquuOgslRw%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1708431317&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=d3wNb63uZNBOQXTcz4i1mrnQzlYRLZ9jkmquuOgslRw%3D
Server
Cowboy
Via
1.1 vegur
ac-tiered-sub-product.js
customerapp.anncode.com/api/clientStoreSubtotalPdPage/6732291/143359049855/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customerapp.anncode.com/api/clientStoreSubtotalPdPage/6732291/143359049855/ac-tiered-sub-product.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.127.102.73 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-127-102-73.ap-south-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
b2dae0a5c9a0b003395edb9cc6626d1d276aeeb7f8a923148b5c246fdc5d3c83
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://undefined https://admin.shopify.com

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:15:18 GMT
Content-Security-Policy
frame-ancestors https://undefined https://admin.shopify.com
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"4464-NUJOb//9nQ7aeCDof7cecYALv+w"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
ac-tiered-sub-cart.js
customerapp.anncode.com/api/clientStoreSubtotal/6732291/143359049855/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customerapp.anncode.com/api/clientStoreSubtotal/6732291/143359049855/ac-tiered-sub-cart.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.127.102.73 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-127-102-73.ap-south-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
d4aa3444bfbeeef5b54c3c84ed94595c16b297c7fcbe18602fdb9b194642d7ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://undefined https://admin.shopify.com

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:15:18 GMT
Content-Security-Policy
frame-ancestors https://undefined https://admin.shopify.com
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"5613-WlvbI2BhjcT+BPEyJH5LuNTHIV0"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
setting.json
app.restockrocket.io/api/v1/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.restockrocket.io/api/v1/setting.json?translation_locale=en
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
4f939c473b1bee90fdfdc26e99aa663cbbb66e1f8c887630cc3e953cbfdf8857
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

ngrok-skip-browser-warning
skip
Referer
https://jeffreestarcosmetics.com/
X-Shopify-Shop-Domain
jeffree-star-cosmetics.myshopify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:15:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1708431318&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=K1deOPPwDBTZ27nYKLsbuSQsijluhJjqPL1uGjabbjY%3D
X-Request-Id
5ee6a1d3-b6a1-4723-9001-3f80a432f624
X-Runtime
0.016299
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 31 Jan 2024 06:43:09 GMT
Server
Cowboy
X-Download-Options
noopen
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1708431318&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=K1deOPPwDBTZ27nYKLsbuSQsijluhJjqPL1uGjabbjY%3D"}]}
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0, private, must-revalidate
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding, Origin
cart
jeffreestarcosmetics.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cart?view=drawer-ajax&timestamp=1708431317904
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
88836a5f64301e2642ccbc46006e144be76e2ca5a5383779a6264b35d1275112
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
miss
server-timing
processing;dur=50, db;dur=17, render;dur=1, wasm, asn;desc="136787", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="cart", servedBy;desc="68p2", requestID;desc="aa10da25-c5e6-4c73-ba00-42390af1f392", cfRequestDuration;dur=97.000122, earlyhints
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
aa10da25-c5e6-4c73-ba00-42390af1f392
x-shardid
126
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
etag
W/"cacheable:aaad03827efefddd16ec1e91dc02d724"
x-shopid
6732291
x-frame-options
DENY
vary
Accept
content-type
text/html; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XDB3UyAz0GoW%2BTGO57ikTKsxS0cTvEZjpGq5oVA%2FBg3SS9R8Zf5tBWSuBYBbdj%2BhvEvn4Cu6r9zn%2Btt7A3K5su4FE%2Fx4As%2FrY9cEfWXRVG8PHI0Lo7HuPK9ojIHhTrN10yE7NzQDog1uA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586ac990a447154-YUL
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid
126
consent-tracking-api.js
jeffreestarcosmetics.com/cdn/shopifycloud/consent-tracking-api/v0.1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
1e1d70c43292db7f5a8aef104ea9034a559c98c62de1766cc15c29c70c6a1027
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
2
content-encoding
br
server-timing
imagery;dur=27.446, imageryFetch;dur=26.634, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6c66ac96-f31c-47e1-ae8d-e736c92cf67a
last-modified
Tue, 20 Feb 2024 12:07:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utMMv4%2BHwA8X8IuZEtjs%2FpkO04UUvpsxngyrGpy8XRsPtU3OdqlhDJCJRlFM0X97uoJ2xF%2FzoAZlTS%2F7h58rJxnSngp92FvmdH0AI3RIHBXkPgaco%2Bx6uElqO4jaDH20bIOaNV%2F6yj0YCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
8586ac990a4d7154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid
-1
session
shop.app/pay/ 		18 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.app/pay/session?v=1&token=ac9d8cd5-824e-4882-a16e-fcf38c111a35&shop_id=6732291
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
checkout.shopify.com
Software
cloudflare /
Resource Hash
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
x-permitted-cross-domain-policies
none
server-timing
cfRequestDuration;dur=70.000172
etag
W/"9b5179ea2a77fe69b294fbd2ed504eac"
vary
Accept, Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-frame-options
DENY
x-robots-tag
noindex
date
Tue, 20 Feb 2024 12:15:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
p3p
CP="Not used"
alt-svc
h3=":443"; ma=86400
content-length
18
x-xss-protection
1; mode=block
x-request-id
28ec59ec-d0b4-4a57-8da3-611f38b0fa69
x-runtime
0.003833
server
cloudflare
x-download-options
noopen
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZSDzbWmQgKiWNTBNUhGQpO3K1FA%2FnbMVmtXkxg2MHIN00Eiy59cfgPwe6lRkbvnVJbgOAmV1vFZLT8JSDHuKr%2B1NDpgffKfUJUl8rGs3Og3pNtHKJ0%2BAUgx"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8586ac994ec27136-YUL
x-sorting-hat-podid
-1
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/4383216828543/widget/ 		968 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/4383216828543/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4bccaf689510d163684361a8bbfc7b4c2d3e57e1ff82802f8817d9cde1722f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=29, origin; dur=0, ak_p; desc="1708431317965_400425156_1626185701_2926_3006_15_0_219";dur=1
content-length
352
x-xss-protection
1; mode=block
x-request-id
4a48ea8be2494133dd7590fb3fdf6889
x-runtime
0.023059
etag
W/"3b05ac0038a559abfb61329edf0dc6bf"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=5648
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/4728223006847/widget/ 		975 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/4728223006847/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ed39422762e3c316a2683518a93bb54aec56e2c43da4a7491ae9dda7eb2b3d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=28, origin; dur=0, ak_p; desc="1708431317970_400425156_1626185719_2828_2666_15_0_219";dur=1
content-length
356
x-xss-protection
1; mode=block
x-request-id
1401fd788a83f386ab04014cbe35c5ac
x-runtime
0.022795
etag
W/"962eda0e7ec6c575e662d368d9060e5f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=760
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160850641023/widget/ 		973 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160850641023/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a9f28d3d6a853380163d712a991ff3d64d3e9155519ec829cde87c411dd7a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=25, origin; dur=0, ak_p; desc="1708431317970_400425156_1626185720_2583_2579_15_0_219";dur=1
content-length
356
x-xss-protection
1; mode=block
x-request-id
bf8ef50d40c23702ecb08e110d5f3484
x-runtime
0.021404
etag
W/"1faabc276405eaae9fcf85988145b38c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=787
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/6732276990079/widget/ 		973 B
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/6732276990079/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a4c313b65e6d5a926d44b5c15ec265e534820c2946ee06c26a0b3d8f8b34bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=27, origin; dur=34, ak_p; desc="1708431317970_400425156_1626185721_6208_2112_16_0_219";dur=1
content-length
356
x-xss-protection
1; mode=block
x-request-id
fa4e714d3482f4bf2ac1d6751b0e0253
x-runtime
0.029626
etag
W/"6528a7332e540601630a8e64791d424e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=10800
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160867025023/widget/ 		971 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160867025023/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
142454910814547d3e6caf0d9db0cd5f1fbe3c8189b8bd09061dad6f756893ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=37, origin; dur=0, ak_p; desc="1708431317970_400425156_1626185722_3727_2500_15_0_219";dur=1
content-length
354
x-xss-protection
1; mode=block
x-request-id
616efb746a0a0ef6e0d55d2958b296dd
x-runtime
0.049473
etag
W/"668b9680df9275442c0a8a460c7a67a3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=787
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881442943/widget/ 		964 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881442943/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ab55733ee16c07f4173a190fe8511eb588ba56deabc44f0ff98543a03e5f10d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=25, origin; dur=0, ak_p; desc="1708431317970_400425156_1626185723_2565_2456_15_0_219";dur=1
content-length
350
x-xss-protection
1; mode=block
x-request-id
b4bec8c39a12e045582498803ac128cb
x-runtime
0.021323
etag
W/"9fe9ff8b12e4d87f9fe3b5076a8376b0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=805
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881934463/widget/ 		966 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881934463/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c999cedc3fe6b6b188beb9a1d569be62a2022e635c22d2c0dc4c8f4a4b9ed843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=330, origin; dur=0, ak_p; desc="1708431318069_400425156_1626185724_40853_3005_15_0_219";dur=1
content-length
350
x-xss-protection
1; mode=block
x-request-id
4f44522b0ffd481d2530ddd0407473c3
x-runtime
0.023050
etag
W/"94c4ba423ccd991a578b73965b72cb77"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=754
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881967231/widget/ 		964 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881967231/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
be8eeb1ad352bb92d5aa5cd7d89839c2d04c6b3f1c04276f55dc8ce5c7adb5fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=100, origin; dur=0, ak_p; desc="1708431317971_400425156_1626185725_10095_1520_15_0_219";dur=1
content-length
350
x-xss-protection
1; mode=block
x-request-id
ea43c7e398e88d7c934f56e1f5bb40d3
x-runtime
0.021988
etag
W/"906d653032ac8b15d39949d1f25be049"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=722
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881901695/widget/ 		964 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881901695/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5c671f56760ca02685888dc5417cdba6020ffd8d4e27e27652026e7ab5d4cbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=38, origin; dur=0, ak_p; desc="1708431317970_400425156_1626185726_3857_2422_15_0_219";dur=1
content-length
349
x-xss-protection
1; mode=block
x-request-id
a813dbb5695ddca763f6b7cac27acdf4
x-runtime
0.020640
etag
W/"7cf0ee78fbf14c344912144090212a54"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=780
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
bottomline
staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881999999/widget/ 		964 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/batch/app_key/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/domain_key/8160881999999/widget/bottomline
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f2e70152f8d6d73d7378013d95fb02cdfcf734ea2c172f2d3b81cc10f5253fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1708431317990_400425156_1626185806_1607_2674_15_0_219";dur=1
content-length
347
x-xss-protection
1; mode=block
x-request-id
317f120c01e9249a228bb7ddc799ab33
x-runtime
0.020444
etag
W/"e0d35c0a1610ab2b63b4ec15f04ee829"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
public, max-age=755
access-control-allow-credentials
true
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-headers
*
i
p.yotpo.com/ 		35 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.yotpo.com/i?e=pv&page=Jeffree%20Star%20Cosmetics&se_va=Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA&cx=eyJwdl91dWlkIjo1NDAwNDAxNTJ9&dtm=1708431317928&tid=395179&vp=1600x1200&ds=2193x6329&vid=1&duid=ba3187cca3989af2&p=web&tv=js-0.13.2&fp=3880471021&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=America%2FLos_Angeles&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.112.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-112-8.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 20 Feb 2024 12:15:18 GMT
cache-control
max-age=86400, private
server
nginx
content-length
35
expires
Wed, 21 Feb 2024 12:15:18 GMT
open_sans.css
staticw2.yotpo.com/assets/ 		281 B
588 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/assets/open_sans.css
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
adad0f387bdee702d1120265df725c20b92e9d1eaaca34557fd6208babd0cc1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:17 GMT
content-encoding
gzip
last-modified
Tue, 13 Feb 2024 11:21:17 GMT
etag
"65cb50ad-d8"
env
PRODUCTION
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=604800
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1708431317990_400425156_1626185807_460_4007_15_0_255";dur=1
content-length
216
expires
Tue, 27 Feb 2024 12:15:17 GMT
vdaylogo_360x.png
jeffreestarcosmetics.com/cdn/shop/files/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/files/vdaylogo_360x.png?v=1643302836
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
804e093259daf597554c97abae95f9943330991c72f64b4b08141a6f41e94b6a
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2224525
source-type
image/png
server-timing
imagery;dur=310.724, imageryFetch;dur=40.284, imageryProcess;dur=269.584;desc="image", cfRequestDuration;dur=13.000011
source-length
553207
content-length
3903
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
4b3121cc-3151-4a31-a3a2-2d7f10d13986
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 17:51:11 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATuf3krP%2B8i%2Bt%2BHIuXvQpGPGELgRmLoBuv337H2J%2FdzPZhhNNs%2BZtOqBaynMrkYuZ%2BcDYEPiTZ0mMrdURXf56ZE%2FuPeaKob6mmy%2F6qo2caKHDfwAIgoe%2BICmV6qE2jNVXionXzpAHUu%2Ftg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586ac997adc7154-YUL
x-sorting-hat-podid
126
mirrorrestockdesktop_1728x.png
jeffreestarcosmetics.com/cdn/shop/files/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/files/mirrorrestockdesktop_1728x.png?v=1707494123
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
47fe90aeffdbd9c770012e4a04ddad4f2a44b0f6de6cf44e8e0bf3f5c0216996
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
129613
source-type
image/png
server-timing
imagery;dur=1179.976, imageryFetch;dur=162.908, imageryProcess;dur=1016.165;desc="image", cfRequestDuration;dur=20.999908
source-length
7930006
content-length
102324
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
eb455c46-68dd-4f06-ba95-1ddc157907bb
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Feb 2024 16:13:34 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCqtPERKYaVQPHtpW63UKBAKwtbX9OVnMW3Ly6q1joACRbWE5KmQLsUSGe54gviLGTMoKrYlsMZ73FMuwUQTjA2ZiQhIw6Un5Oi27CUSyGbRDr0RpZVrOGGEd7WtToZiCpYqSaSfHYV9bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586ac997add7154-YUL
x-sorting-hat-podid
126
Orgydesktopblank_1728x.png
jeffreestarcosmetics.com/cdn/shop/files/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/files/Orgydesktopblank_1728x.png?v=1706556064
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
d5f8db0e78183b1df2a602f7c86391d0148d02d88ab7162dbdf6e16e499eb251
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
129434
source-type
image/png
server-timing
imagery;dur=1421.686, imageryFetch;dur=338.346, imageryProcess;dur=1036.330;desc="image", cfRequestDuration;dur=16.999960
source-length
14424711
content-length
120482
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
b5b064d8-ea31-425e-9927-c8ae607af1d0
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Feb 2024 13:35:32 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0G%2FYqAJoU5Tw685jFBt3xjaj3ic04mtCNL%2BbOZ6JMJh0X7CjsDnUFTQk0FXCNRm4MpvzPokh7qdjoRwA4vb7XPJcZZm3UwHHoEJWmrnFB8uiTYIcL7ZnoOdpe%2BQZpUFsdodYB6WfZGJotg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586ac997adf7154-YUL
x-sorting-hat-podid
126
index.min.js
jeffreestarcosmetics.com/cdn/shop/t/242/assets/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/index.min.js?v=76853542979110582081698318736
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shop/t/242/assets/app.min.js?v=130457090045099245821698331456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
baadb3c66c03833721cdcd0c583ad87af65665ebae8d1df7c0fd34549c9349fc
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
3424146
content-encoding
br
server-timing
imagery;dur=63.683, imageryFetch;dur=63.500, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
4020f542-81f2-4de1-848a-64d3f8c74011
last-modified
Thu, 11 Jan 2024 20:56:48 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9mZHD7kCmY1HMgHu3geFAXxpvxVioBZkavybybBQN1g7BHIqRL1zakWIWFb9feJsRXPjmKTuFInxrAv9kcK9rI94mmO7P9lcMw2N21KQShoCNkaEQqfuNnbLp6G4f3c9Oh83taZ44yg9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
8586ac997ae07154-YUL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0673/2291/t/242/assets/index.min.js>; rel="canonical"
x-sorting-hat-podid
126
widget.js
staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/ 		442 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.js?v2enforce=true
Requested by
Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/widget-assets/widgets-initializer/app.v0.8.2-5645.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c9908c2748efa22a9d8884595d5a50e00731e361931aca0ace3151640da50a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
br
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=HIT, edge; dur=10, origin; dur=0, ak_p; desc="1708431318005_400425156_1626185870_1206_4736_15_0_146";dur=1
content-length
106066
x-xss-protection
1; mode=block
x-request-id
c650967d9501d4cf7e41c6c4fb9dbb75
x-runtime
0.037684
etag
W/"f3ff5fbae6f900eb7ed1b479044cb3d5"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
public, max-age=5577
access-control-allow-credentials
true
access-control-allow-headers
*
config.json
cdn.acsbapp.com/config/jeffreestarcosmetics.com/ 		162 B
724 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/config/jeffreestarcosmetics.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.11.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6512595609fdc29866dc751e191fa2b516122b67c810688c18b0848b1ca2921

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPrMlN3fHj1nO5GWW9qrR6PXnsUlUAy-ziT6INCQDthW3eO8UBd8WFhdBIVv1x2-oaYKl3WoKPXO69MIEJD7cklWg16tS92e
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Sat, 24 Jun 2023 14:30:26 GMT
server
cloudflare
etag
W/"8d5539af2092c8680c6dd509685ebd9c"
vary
Accept-Encoding
x-goog-hash
crc32c=LPhSkA==, md5=jVU5ryCSyGgMbdUJaF69nA==
x-goog-generation
1687617026607737
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
162
cf-ray
8586ac9d7e5d7116-YYZ
expires
Wed, 19 Feb 2025 12:15:18 GMT
web-widget-main-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 61AA 		435 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7974f39b-67ff-4bc1-9a4a-de60f7cb81d9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a7979bfdb428aeee14c8f23b2671d0bc0924aef257bf0d1e332da168bf5b5b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
x-amz-version-id
ZLQfQ8VAJywf0FRWmUxy0uJpQtEO7ERS
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FG1FZ3ZKF67RV71B
age
96685
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
KEHktd298CMOolHlBMafryZ0a+8H2s7n4EL3gAVr5GH+db4c8rbUODx1s3UH+NQhPHyGoBEWo6U=
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"0716a89c7772dd4e6b2228378ee4842c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGKCuv3eCacAGqCYGN3C7Af2GRIQIROXbYoZQvXlxqd7lIjUP13xNbpsrASAppNAGBwoXCgP3y%2BxYLI2lcwoYWfqrFza31MOxrIKNp0%2FXvy0IxzG8qcsBuhGnjUDfCMJlyeJsKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8586ac9d3b1039dd-YYZ
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
main.MTU3YmJkODI0Mg.js
analytics.tiktok.com/i18n/pixel/static/ 		387 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0Mg.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJSB1HBC77UFRCHS58AG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.16.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-16-154.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d0da62e544b9db6c48c83dc185f6835cd5d1605eae727be748775076ab9ca76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
333f508
date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240125200848CFCE2B038FEC94691FBA
x-tt-trace-id
00-240125200848CFCE2B038FEC94691FBA-1196540EBD667283-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-222-16-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01958474c439d7730563a2eac91d561659691f32bf131f9d751b388abaebeb3918d38710e24e77501cb127aef79cf609302737e6b71cc1e4572cb8ee09ff6a4fec2cf66c18878900da93ff33aecdda50f21c2c927648d9f8dfd774a8804f6206ec
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length
104866
destination
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-325015524&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
5baf89a261c96182953979499c0095130f3a77a1ed3638fd5415e24ff9deff18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77397
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Feb 2024 12:15:18 GMT
destination
www.googletagmanager.com/gtag/ 		209 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=MC-0MGTFZ50PE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
322d4cef888338d0ce45a5e82085dc1b26b748cc756991b494345695c84a49f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77742
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Feb 2024 12:15:18 GMT
collect
www.google-analytics.com/j/ 		15 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=375385643&t=pageview&_s=1&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Jeffree%20Star%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAAAACgCIAB~&jid=812582752&gjid=1952301097&cid=715113857.1708431319&tid=UA-72991237-1&_gid=694405638.1708431319&_slc=1&did=BwiEti&z=1782253836
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
90c91c3158b038a688cd4a400bc1b33a49672f001404efab1f4e62c8e0ba5d3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 12:15:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jeffreestarcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72991237-1&cid=715113857.1708431319&jid=812582752&gjid=1952301097&_gid=694405638.1708431319&_u=YGBAgEABBAAAAGgCIAD~&z=581711565
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 20 Feb 2024 12:15:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jeffreestarcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
yotpo-widget-font.woff
staticw2.yotpo.com/assets/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2022-12-28_17-32-53
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143

Request headers

Referer
https://staticw2.yotpo.com/Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA/widget.css?widget_version=2022-12-28_17-32-53
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
last-modified
Tue, 13 Feb 2024 11:21:17 GMT
etag
"65cb50ad-3000"
env
PRODUCTION
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=17, ak_p; desc="1708431318678_400425156_1626189261_1916_5225_15_0_255";dur=1
accept-ranges
bytes
content-length
12288
expires
Tue, 27 Feb 2024 12:15:18 GMT
open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
staticw2.yotpo.com/web-fonts/opensans/v34/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staticw2.yotpo.com/web-fonts/opensans/v34/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/assets/open_sans.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729

Request headers

Referer
https://staticw2.yotpo.com/assets/open_sans.css
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
vyz.i4QOdLlLZUMzbqnnDnj5xOURPlW1
content-encoding
gzip
date
Tue, 20 Feb 2024 12:15:18 GMT
x-amz-request-id
3GZP48HZPHM94C6M
x-amz-server-side-encryption
AES256
env
PRODUCTION
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1708431318763_400425156_1626189262_28_5279_15_84_255";dur=1
content-length
56207
x-amz-id-2
AVW+KWzn0MQLONFIz0AJFLUTNI0W/4WILShMZzb0IuwFhhmpoVzIUo7ps/B7IjP9orSFapedl7M=
last-modified
Tue, 27 Jun 2023 19:16:47 GMT
server
AmazonS3
etag
"441a81103fda7f9c3b41cffd77d8c65c"
vary
Accept-Encoding
access-control-max-age
31536000
content-type
font/woff2
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
expires
Wed, 19 Feb 2025 12:15:18 GMT
produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 		0
744 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=47.999859
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
c7ae0494-066e-4b7e-9321-40f0fca23cf5
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuChqpoL%2BUflsK%2BHNyaVnOhXJrq9AGXh9y8dSQrtMEDWtKcUUWAihA0jdwjhNqP3jvbGuqDKOEnQ%2B2EJSxwWMKo1N4yl71Zfh1jc76Brfe4pl37alAin9JtIIu6hBctCK1i0bvBCwZFRhw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8586ac9e2a067154-YUL
171279846853517
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/171279846853517?v=2.9.147&r=stable&domain=jeffreestarcosmetics.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
6e95092d7d2c14c77997509d39e65d5f7a00ad84787afab7d328cfc3bcc6b658
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 12:15:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11017
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
UETfBzB86v+rQPjFJa/XZctyMU1SocKNmfuMEkIwdrn4pr7t982nAA3On3BGBdk4UF+P+ASpFSr+/MzoOZGv2w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-81RXDPTBJQ&gtm=45je42e0v9128893694za200&_p=1708431317246&gcd=13l3l3l3l1&npa=0&dma=0&cid=715113857.1708431319&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&dp=%2F&dt=Jeffree%20Star%20Cosmetics&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&sid=1708431318&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2158
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 12:15:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jeffreestarcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		250 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-81RXDPTBJQ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
514e50bb7c48595c8c2c5d67709ddc45b607044105c567d1645045e94d446878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88725
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 12:15:18 GMT
/
jeffreestarcosmetics.com/
Redirect Chain
  • https://jeffreestarcosmetics.com/discount/CLEAR
  • https://jeffreestarcosmetics.com/
163 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
fa0b52021665d0356c4dc592c7e4b11b4f2bc8e756b160e3478474139d10adc5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
miss
server-timing
processing;dur=193, db;dur=53, render;dur=76, wasm, asn;desc="136787", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="index", servedBy;desc="7p8r", requestID;desc="e5e5d0a8-700d-4dc0-8b35-be2e6b8fc98c", cfRequestDuration;dur=240.000010, earlyhints
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
e5e5d0a8-700d-4dc0-8b35-be2e6b8fc98c
x-shardid
126
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
etag
W/"cacheable:debdd4e57a5328f732ce178ec40ec68a"
x-shopid
6732291
x-frame-options
DENY
vary
Accept
content-type
text/html; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHxba7NHG2rkp0jhCt5LoDlRDN4Pt4o47auM7dzlqgrnlRVnbIfC2sL%2FsiJ4EO4G6uoRFNPzNEShzzfQUbpnQlHJ%2BZI6ZxjmHL%2Bd0QYnQ%2BpEce9QQUMKep%2BTOi35L0y8Xf6N5f3xLsjI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586aca08e5e7154-YUL
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid
126

Redirect headers

date
Tue, 20 Feb 2024 12:15:18 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=store_code&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fdiscounts&source%5Bsection%5D=storefront&source%5Buuid%5D=01c88664-6642-4342-a501-cb6a86b6a5dd
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
73
server-timing
processing;dur=71, cfRequestDuration;dur=130.000114
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=store_code&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fdiscounts&source%5Bsection%5D=storefront&source%5Buuid%5D=01c88664-6642-4342-a501-cb6a86b6a5dd
x-sorting-hat-shopid
6732291
x-request-id
01c88664-6642-4342-a501-cb6a86b6a5dd
x-shardid
126
x-shopify-stage
production
server
cloudflare
x-shopid
6732291
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0SPLUnKWCn084yrUJdjZBWtdqSCT7ywRd1EneEZ8lgZ%2Bk3yPytAQ8kGEj35nNM7r2UX83oiOkfF9plpbPv5qeqKGkzsq%2B0PnX7mgyQJnJMbyo4A75gCwiovUAMx13SPXKE3b1l%2BkSvdFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
https://jeffreestarcosmetics.com/
content-language
en-CA
x-download-options
noopen
cf-ray
8586ac9edb137154-YUL
x-robots-tag
noindex, nofollow
x-liquid-rendered-at
2024-02-20T12:15:18.946754382Z
x-sorting-hat-podid
126
336094328318530
connect.facebook.net/signals/config/ 		30 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/336094328318530?v=2.9.147&r=stable&domain=jeffreestarcosmetics.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
26402aa93bad9cc1bf7a84fd7c0c8106e0604a4b996eb03d844bcd3f3c82f59f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 12:15:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4902
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
J++FseBgX8q+FuqMrnNZuuShZWg87eq1DAvFVZKnxw6w318iinR1tVDcnXPoInrhoDFQEXMyWSqwCE48hZQkzg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_0a875.js
analytics.tiktok.com/i18n/pixel/static/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0Mg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.16.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-16-154.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
333f68b
date
Tue, 20 Feb 2024 12:15:18 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401231543502FA6B88A5B2C1AC92BE5
x-tt-trace-id
00-2401231543502FA6B88A5B2C1AC92BE5-563A47C8F0B49CC3-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-222-16-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
016ff8e15703b1bd4a6b713ffa7af327861c1ddefe8793057a4505d60138c77559fb122c0c34cbc0247cd77ba38d8fafa47a0bc33613a807b3967a55cfdb715c3521634a0a1fff39f16eea6cfa1879a3e745e24c523a8b0e0cf4cefad98c07a0cc
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
37062
pixel
analytics.tiktok.com/api/v2/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0Mg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.16.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-16-154.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6cf78ce.333f6c9
date
Tue, 20 Feb 2024 12:15:19 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240220121518FAAFD45D9C77C83A62F3-378616A07F41D03B-00
x-cache
TCP_MISS from a23-222-16-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
105,23.222.16.150
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=102, inner; dur=100
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240220121518FAAFD45D9C77C83A62F3
x-cache-remote
TCP_MISS from a23-220-106-153.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1.1-53905974) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
103,23.220.106.153
x-tt-trace-host
01d0767ae155227f1f5c0f8616b9a8a0b7f58e91274702c8019a1a6280e70995f0c60e0b13d7e3b21dc933c35c5b63e3065e44bc4e499e71901a9eaefcbdf5fdf89021492867268ab56c794fe32762bf5536cdee91c6c9178aba8fe0e41115ef0e5261bd1cf49d1a6b506fac824c9485ce
access-control-allow-headers
Authorization,*
expires
Tue, 20 Feb 2024 12:15:19 GMT
en-us-json-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 61AA 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
x-amz-version-id
u2PDhummP8_ehE3OIftmg51YNEzdU7oe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWT7HGRFHACWEDQ
age
96686
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
sWKd8rEq5L/35xbU50nlJNr7GoQniwlDIsAcLAwWG/VllWdxJtRiiSYXrsdH9ZaCR1+i60eJJs8=
last-modified
Thu, 15 Feb 2024 16:57:40 GMT
server
cloudflare
etag
W/"afa8158c4aa1aa2dccba0d36fd3c0e2f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEs3lsq2aUcHzFuPkqQhcqnIT0MNlKAgcEtOibokqNMvkvhjo772i5rgF7GUF1qCdltXyNpDr%2BhsvV76FeuTNjqmKEvdr4m9%2B0C0eP0qc8Ek12lsWF%2Bmik0NHkwHM4mggsuP1YY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8586ac9fedfb39dd-YYZ
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:39 GMT
web-widget-4852-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 61AA 		139 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
x-amz-version-id
F7uXOz2A_5aQqfTP_rhX1FqPLAydr3fO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWGCYM9XFAW9EDM
age
96686
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
h79KNqf53xy+7kfGrXJaVl/3V2wLvtIVSuQ0MP0XnV0T49eFv7Hilx5MHcMqDkU6WtG1G6nyD9Q=
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"ea51d3eb674c1f286144bbe26ba05c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3v5BCHuTgOcRtntSy0QrOcmTXEgpiYy4yRoWW2kqxtmncmJY5x6koevbItxsfN0IzFDvFzOAw8hVTA80osG%2Bb%2Fh%2FVaQjIB3WSz%2F41jTDwNVEs682SpAzBqLrt6%2FviWarWa6lpE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8586ac9fedfc39dd-YYZ
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
web-widget-1327-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 61AA 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
x-amz-version-id
rHIrdQ08Y6NwProz9wmIqzko_Nsv8IHu
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWMRHHV3A4Q6F05
age
96686
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
AkFTj+A8gvVvURp8ZfY8ujtYOV9cuZIHOXvo9hOF3oCW6enQTR3nWIKHHbKbPOEkrrmz7SJy+DU=
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLUBILU%2BGL8SlvHRDbRq6DagnamP7glYMZ274OrIv6rGP4Bk7%2FvHIeYgxFbxBxF1jvsWqxSpJ8S8xYLGVhWCR8JzM0PTC2u0UgbjOzr6WE1x0Cwe17rQYtcy5eV%2BdYqjNj7vqp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8586ac9fedfd39dd-YYZ
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
web-widget-5178-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 61AA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
x-amz-version-id
MVqLhUsMGNUapmIjFyQQbDvr_okOHKWu
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWJEF7X84Z4D0EH
age
96686
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
1qSLbXp5Bl5CQLdAt3B8Z/5UNMxhvj8i66Wp1Z5IMu/jK8BMs1YUzU3jkKULXcxWxEnHiZ+09ZvCzM14HA6asQ==
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"4155d9334495aef51624739a922987ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHWNeuWEHz7vN0oNOEuE1l2qyeeW%2F9E0rSsL0R194wpM8S9ulC%2B%2Bv81EHA2NB1T5wH3xYfNZVmxH%2BMgjGHF%2FpIg9xEH87HDKV4qgLquZhokcPibnPExP9CfwOeRqAAkkKOiF%2BY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8586ac9fedfe39dd-YYZ
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
web-widget-9535-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 61AA 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
x-amz-version-id
fFWzIFin_CmioGvF1MZFNVN5UYAoZZpx
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWK5B9QZEWEKJPD
age
96686
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
PrR4ATVEUudA7ngSPiyqNuPgAYWtnDF2cOQ/eUzV0L7T7ijkkl1DOpKA36k4LZWWhbRmMpNW8rLC3vTVsblApg==
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"dac47767d3defab30fc014d56fbe8017"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4%2F6dFbcp1uYDLQ4cxzwcJtQtG%2BKj1Vl5mIn5qtWbL6TXsmSFMQ10EwQ1Qet5GIeoWj8A6hX1WEydSEv%2BUTHHa4LBQiHbjWDJOGsPNfCdoMe3lv7lvnVF940ub41LyMAAsGcY3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8586ac9fedff39dd-YYZ
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
collect
www.merchant-center-analytics.goog/mc/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.merchant-center-analytics.goog/mc/collect?v=2&tid=MC-0MGTFZ50PE&gtm=45ve42e0v9121514119za200&_p=1708431317246&gcd=13l3l3l3l1&npa=0&dma=0&cid=715113857.1708431319&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dp=%2F&dt=Jeffree%20Star%20Cosmetics&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&sid=1708431319&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2405
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=MC-0MGTFZ50PE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 12:15:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jeffreestarcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/325015524/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/325015524/?random=1708431319053&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1920387700.1708431319&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-325015524&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
ec2b3779943f7a3860b5b49f07bbda7d87608c25e5d894fb1d930d34851f842d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1708
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
NineLives_360x.png
jeffreestarcosmetics.com/cdn/shop/files/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/files/NineLives_360x.png?v=1697213003
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a2343ccb9a5bf31efbd289dcdd65840f4731bec8f655bf162bcec83fbb14ade8
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
517778
source-type
image/png
server-timing
imagery;dur=422.838, imageryFetch;dur=97.400, imageryProcess;dur=324.580;desc="image", cfRequestDuration;dur=15.000105
source-length
1275008
content-length
12168
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
64bf60ab-9297-4053-b81f-bca5579a21a0
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Feb 2024 16:03:12 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjk9W5%2FJJWRA2NEI%2FK2qrAdsPNyA%2FxQ%2FeAASp9y6%2FaTtOh4Gy0soc0317L5hJlVWMo9UdqnUxXe9A%2F5%2BVdxXJyUpHGLQMHaW0nDYAScJZ1%2BiWroxSOsT7OgWUF3S%2FOsQDG7kHD9A2zpTgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586aca08e6b7154-YUL
x-sorting-hat-podid
126
PinkCat2_360x.png
jeffreestarcosmetics.com/cdn/shop/files/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/files/PinkCat2_360x.png?v=1707491184
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b0342339841f4af8e7c8e24d08303fefb49d25f62d6b800eca84c8aa2afdbaf3
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
936369
source-type
image/png
server-timing
imagery;dur=329.154, imageryFetch;dur=46.178, imageryProcess;dur=282.005;desc="image", cfRequestDuration;dur=15.999794
source-length
1815589
content-length
11898
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
2232235e-df57-4670-bb36-b64cb6ac61ef
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Feb 2024 16:02:40 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPgztlQqyuI6sExUXTEfaVqztYX2K9A63hXjkgILp2zguJ56BfETfBGldEBhuE4VYlNCwKMnklre8ik6C%2Bjo2KZHd3Q0eEbgVJZrlcPN6NhgEKtVrQ7IaINnI4LL7YpmgnopPUEn9g1nWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586aca08e6e7154-YUL
x-sorting-hat-podid
126
PurpleCat2_360x.png
jeffreestarcosmetics.com/cdn/shop/files/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/files/PurpleCat2_360x.png?v=1707491335
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
8f8bdb39a3d037c0dd030ddeea68df3f11ae6718175f960052e812c280b463b3
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
936368
source-type
image/png
server-timing
imagery;dur=309.839, imageryFetch;dur=33.023, imageryProcess;dur=276.055;desc="image", cfRequestDuration;dur=13.999939
source-length
1681486
content-length
13200
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
7ae42e77-68ed-4905-9039-cbeb002baa40
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Feb 2024 16:02:41 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvZp8fF1FLeieGgBrRoQQgzrI0caFxMZRiXcEgELpXctNcqeRKYjTSeSWhePoMx4A4bZaLLuzhir%2B501JdScKtIsXisQYkcgCZkWsdiInmLmX4ojqGqVrhvunEdeP0Qw%2B8aVTCjpbQ%2Fkzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586aca08e707154-YUL
x-sorting-hat-podid
126
01-1_Hand_Mirror_-_Beauty_Killer_-_Pink_Chrome_360x.jpg
jeffreestarcosmetics.com/cdn/shop/products/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/products/01-1_Hand_Mirror_-_Beauty_Killer_-_Pink_Chrome_360x.jpg?v=1647719369
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
9e29ef150ec9124531a5a9587349775a0806a31515de4fe6605349c60f11875d
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
936368
source-type
image/jpeg
server-timing
imagery;dur=204.462, imageryFetch;dur=79.057, imageryProcess;dur=123.857;desc="image", cfRequestDuration;dur=13.000011
source-length
626891
content-length
3564
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
4a615c33-97ed-4bc4-925f-3d7ea5755283
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Feb 2024 16:03:12 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdibZQXGs8uikTTKvYdB8WnDVMvdkrEgmu9b6nahQTNi%2FGXUlZtO3lavaBQct8jQNby%2FlAV23k5mFJqMRkJMZhLtYCPSQX2q1DfBTACdv6wIf5Cri0PIXrJasoApWAw6ZvSnJ%2BxjpElY0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586aca08e727154-YUL
x-sorting-hat-podid
126
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=171279846853517&ev=PageView&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&rl=&if=false&ts=1708431319122&sw=1600&sh=1200&v=2.9.147&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1708431319121.17957707&ler=empty&cdl=API_unavailable&it=1708431318743&coo=false&eid=sh-c6711f69-AADD-46DE-7E46-3C68C1B3CA98&exp=e1&rqm=GET
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 12:15:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=336094328318530&ev=PageView&dl=https%3A%2F%2Fjeffreestarcosmetics.com%2F&rl=&if=false&ts=1708431319126&sw=1600&sh=1200&v=2.9.147&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1708431319121.17957707&ler=empty&cdl=API_unavailable&cs_est=true&it=1708431318743&coo=false&eid=sh-c6711f69-AADD-46DE-7E46-3C68C1B3CA98&exp=e1&rqm=GET
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 12:15:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pv
jsccustomerservice.zendesk.com/frontendevents/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jsccustomerservice.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://jeffreestarcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8586aca0fdf039ef-YYZ
date
Tue, 20 Feb 2024 12:15:19 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGE%2BP%2Fkzt%2FCnvkr3H61AhFnlyfOj70%2FzweC2rvroXYTBvBP%2BVV2k9bFhdCGnw0LDURwq1XsTGnvvc3LXq8YYExL7OpfdCZPpJ2KZffpWsYaRXyMSQhmc4Xby7NJv%2B%2Bo8ytG1jys0s2SaqRQDwgoXug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8586aca0fdf039ef-YYZ
x-zendesk-zorg
yes
pv
jsccustomerservice.zendesk.com/frontendevents/ Frame 61AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jsccustomerservice.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9161H5IUxuGhi2Dxxmaqfxtca3BuJBr6L%2FH0mu6V2fj0ZFXjDdx%2FExFYsm3c0xZjdWk%2Fzec1%2Fuamn6eefMBgYBuGs2s1qWZ2hFZMuLSuONeflay%2BWfEt6qdc17LNPl8WDqkWD%2BLVMl5Yv1radIP4DA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8586aca1ded139ef-YYZ
content-length
0
x-request-id
8586aca1ded139ef-YYZ
config
jsccustomerservice.zendesk.com/embeddable/ Frame 61AA 		781 B
1018 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jsccustomerservice.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba548478d053bb6421285c667cb31830ff18506fb39970e73610411dfd042cf0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-755d88db79-phkw7
x-cached
MISS
x-request-id
8586aca0fded39ef-YYZ
x-runtime
0.002549
last-modified
Tue, 20 Feb 2024 11:35:48 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ08aHWziY29iE4T0sIPm1J0kQ2aFQaUYVVxC8raps4DLDcBkl9e%2BFuXuwKHGvAM6G9VlfBq5uhyPnaiKz2CviG%2FmdKwNPenyQ3%2BTTTiSWf3LO0JfXH7GPZC2QM%2FUVS68ZyO4FLqEao66F%2B24yyKng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8586aca0fded39ef-YYZ
act
analytics.tiktok.com/api/v2/pixel/ 		0
840 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0Mg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.16.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-16-154.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
72d48fc.333f820
date
Tue, 20 Feb 2024 12:15:19 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24022012151934A6DD8F9164826C577C-52421EF18D5D4ECB-00
x-cache
TCP_MISS from a23-222-16-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
50,23.222.16.150
server-timing
cdn-cache; desc=MISS, edge; dur=18, origin; dur=43, inner; dur=39
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024022012151934A6DD8F9164826C577C
x-cache-remote
TCP_MISS from a23-220-106-152.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
43,23.220.106.152
x-tt-trace-host
01d0767ae155227f1f5c0f8616b9a8a0b7f58e91274702c8019a1a6280e70995f034d4a21606403ab4cfca8068e08249543499a7c10b3b168d05797bff0e7d5dde62578ec4f1384072e86dc6227a2805cbd77061b060a71cdef2cfd1ec4812cfad749282df95a4e011ba023c880712954e
access-control-allow-headers
Authorization,*
expires
Tue, 20 Feb 2024 12:15:19 GMT
/
www.google.ca/pagead/1p-conversion/325015524/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325015524/?random=140171344&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=12...
  • https://www.google.com/pagead/1p-conversion/325015524/?random=140171344&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F...
  • https://www.google.ca/pagead/1p-conversion/325015524/?random=140171344&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fj...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/325015524/?random=140171344&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1920387700.1708431319&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0xqUnJnWVFsUDc1c3QyQWlZaWZBUkltQUxFRlJKdUhqeERWSHBjZm9vbzlUMHhxdW5kMXdQbWdsS0cxenFaam4tMWpqNzVQM2RzGlpDaEVJZ0xqUnJnWVF1cW1nNG9QbGdkLWFBUkl1QUVYVVFPZzhGUGp2MnJ3NEMwQmN0YXlGQlp2LTRZbDNxMmlsc29yQ0FwVG83Q0pOQ2luVzI2S2NfYW9nVGciEwiT15vP8rmEAxV-DmgIHeZFA48yAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=15fUZdOPCv6coPMP5ouN-Ag&cid=CAQSGwAvHhf_pIfq5WJMssnECb_uJjxsQ0CEndmUuw&random=3601045730&ipr=y
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Server
142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/pagead/1p-conversion/325015524/?random=140171344&cv=11&fst=1708431319053&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&label=-vhjCOTXpOICEOSv_ZoB&tiba=Jeffree%20Star%20Cosmetics&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=0&ec_m=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)*SPAN%3Atrue%3A22%3Afalse*1&ec_sel=%23footerNewsletterForm%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)&ec_meta=SPAN%3Atrue%3A22%3Afalse&ec_lat=4&ec_s=1&pscdl=noapi&auid=1920387700.1708431319&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0xqUnJnWVFsUDc1c3QyQWlZaWZBUkltQUxFRlJKdUhqeERWSHBjZm9vbzlUMHhxdW5kMXdQbWdsS0cxenFaam4tMWpqNzVQM2RzGlpDaEVJZ0xqUnJnWVF1cW1nNG9QbGdkLWFBUkl1QUVYVVFPZzhGUGp2MnJ3NEMwQmN0YXlGQlp2LTRZbDNxMmlsc29yQ0FwVG83Q0pOQ2luVzI2S2NfYW9nVGciEwiT15vP8rmEAxV-DmgIHeZFA48yAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=15fUZdOPCv6coPMP5ouN-Ag&cid=CAQSGwAvHhf_pIfq5WJMssnECb_uJjxsQ0CEndmUuw&random=3601045730&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
produce_batch
jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/ 		0
747 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=59.999943
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
c8fbe438-d114-46a1-bfc9-d63426cbb229
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpsU0UtSmCA99O5T9mSJVogYsNDMKfYtrd0GcBveqs6N2lDedv%2B8%2BSBY8VaIBlQ4u1ohU7xkTLtj%2BZX9guhUM0JSr%2FjW7d9llgW2aoFeka6t3ulb5PC2NyWLvrJkv66nw1zp%2FjFLY%2FiRvg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8586aca208cb7154-YUL
gdpr_cookie_consent.min.js
gdprcdn.b-cdn.net/js/ 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdprcdn.b-cdn.net/js/gdpr_cookie_consent.min.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
bd333d99f5ea7bfe6364efc97b9ba49d7232faad6923732e2af32f184aeb8d5e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
br
cdn-edgestorageid
925
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
02/20/2024 10:31:42
cdn-pullzone
176374
last-modified
Tue, 20 Feb 2024 10:27:41 GMT
server
BunnyCDN-ASB1-925
cdn-fileserver
754
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65d47e9d-1854b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
921dc4f4-2f03-4785-aefa-df9a43743874
cache-control
public, max-age=31919000
cdn-requestid
03a3e3f89ed2ed6e4deae06e33959b04
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
weglot_script_tag.js
cdn.weglot.com/ 		0
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/weglot_script_tag.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
x-amz-version-id
null
via
1.1 614ee5305862f7e9bae65335466e5512.cloudfront.net (CloudFront)
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-cf-pop
YTO50-P1
age
7088320
x-cache
Hit from cloudfront
content-length
0
last-modified
Tue, 09 Jun 2020 10:38:01 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8586aca43b18a1da-YYZ
x-amz-cf-id
jbLMeurgqPiDFLbBADGfLu7YuHp6_VqGfBFPPSTfMfzkzJzHhol8EA==
expires
Wed, 19 Feb 2025 12:15:19 GMT
ld.js
dynamic.criteo.com/js/ld/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=88392&shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.142 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e94e9489245d6fac2a4c2eabba920f5dd5b8af77474a9fe89a80bb13a4048832
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
glosku-bundle.js
a.glosku.com/shopify-client/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.glosku.com/shopify-client/glosku-bundle.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.112.135.248 Shenzhen, China, ASN (),
Reverse DNS
Software
/
Resource Hash
6ed50f35dfa84208081e6994ac3758e141451835192d3cf6b3f6cb9b623dea86
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 06:11:21 GMT
etag
W/"65813409-9389"
vary
Accept-Encoding
content-type
application/javascript
yWvW8B4ulm3fpojUdQiCew.js
cdn-loyalty.yotpo.com/loader/ 		92 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-loyalty.yotpo.com/loader/yWvW8B4ulm3fpojUdQiCew.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.126.61 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-126-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a95267db319f32a8e567c3a8018bf3a2a5199a95dddbbb1523f747eac4e655e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

ratelimit-reset
1
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-permitted-cross-domain-policies
none
x-ratelimit-limit-second
10000
x-kong-proxy-latency
4
x-ratelimit-remaining-second
9999
x-kong-upstream-latency
25
date
Tue, 20 Feb 2024 12:15:19 GMT
ratelimit-limit
10000
content-length
13286
x-xss-protection
1; mode=block
x-request-id
19df777aeabb34ad2649a098aa9a4d51
x-runtime
0.020906
referrer-policy
strict-origin
correlation-id
42dd4bfe-ec4c-4fc3-b23a-30e3a48470fe
etag
W/"a95267db319f32a8e567c3a8018bf3a2"
x-download-options
noopen
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
private, must-revalidate, max-age=0
access-control-allow-credentials
false
access-control-allow-origin
*
ratelimit-remaining
9999
access-control-allow-headers
*
klaviyo.js
static.klaviyo.com/onsite/js/ 		2 KB
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RSWrmg&shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d81a59eb68f6ac46e7e7b17abf234e2718c2fd098305f5c05f965a9a841b8433
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 20 Feb 2024 12:15:19 GMT
age
2214
x-cache
HIT, HIT
content-length
919
x-served-by
cache-lga21965-LGA, cache-yyz4538-YYZ
server
nginx
x-timer
S1708431320.664349,VS0,VE0
etag
W/"f016e2a891cc36d1b60fb7a0de85c408"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
19, 2
subscription.js
d18eg7dreypte5.cloudfront.net/scripts/integrations/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d18eg7dreypte5.cloudfront.net/scripts/integrations/subscription.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.210.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-210-170.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e0fb284dfac5a1db0eea756850a45bde214c49d22585550133189f2ca152e61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:39:31 GMT
content-encoding
gzip
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 13:38:58 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
5749
etag
W/"710bc9e3a1e1d31aad9496abf1aecbbd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
9HA5r6TND6VHegus9FY21TsMLfk32IJHilWK5V_p_N8nv_FMKxPIOg==
smsbump_timer.js
d18eg7dreypte5.cloudfront.net/browse-abandonment/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d18eg7dreypte5.cloudfront.net/browse-abandonment/smsbump_timer.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.210.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-210-170.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51c359916588443d85c516f76c343c7e6787b8216d8933ed4864d3fc824d795d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:39:31 GMT
content-encoding
gzip
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 10:57:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
5749
etag
W/"8d2ce02190fe08a267c23b6ba7fd758f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
1xfcFjxV4GMh9JBQLm0RYQWa5IPPiCLbdCezQbTT3zS7GaNfgAOzwA==
rebuy.js
cdn.rebuyengine.com/onsite/js/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3984155b79c00a4fd83f8925dee82397a2adf1359e03ce2a84dbecf62ba899a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
0
x-cache
MISS
content-length
19025
x-served-by
cache-yyz4582-YYZ
last-modified
Tue, 20 Feb 2024 10:41:15 GMT
server
nginx
x-timer
S1708431320.703447,VS0,VE132
etag
W/"65d481cb-cc1f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, stale-while-revalidate=1800
accept-ranges
bytes
x-cache-hits
0
runtime.latest.en.12f1297c1bc60b67102b.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.12f1297c1bc60b67102b.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
52536
content-encoding
br
server-timing
imagery;dur=18.480, imageryFetch;dur=17.619, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e51f139e-48d3-43b4-9782-66aec4895ddc
last-modified
Mon, 19 Feb 2024 21:16:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5ekgAQWg%2Ff8EK4T7S4hBzM2hyEU2yNLPryFz4AVsw5y7tB3RU8a8iekyjHhSS3NIyEky%2BI%2BNf%2FvAA9KPK%2FHiFE4cK8dfYdmo6wbSkR6WH2%2BKPIiYi5vPy5lTHo9BmeeqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.12f1297c1bc60b67102b.js>; rel="canonical"
cf-ray
8586aca40f7f36fc-YYZ
/
beacon-v2.helpscout.net/ 		458 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-96.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d77d7d789dece7d7b2bc638753bc2a74e9633482a357e1d7db54846bd01de56c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:07 GMT
content-encoding
gzip
via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
YUL62-P2
age
13
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
328
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Feb 2024 12:02:03 GMT
server
AmazonS3
etag
"9d53dceed817ff5bba11c10f09ad2f81"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=120, s-maxage=120, public
accept-ranges
bytes
x-amz-cf-id
X4yhTmoSQIp-4KWSjwA9CWxHwQ6AsjkQ9jFOExlCNz_1Ipguv5oOgQ==
get-flash-sale
discountmanager.amai.com/api/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://discountmanager.amai.com/api/get-flash-sale?user_id=200250&signature=df2e7fe0b0703375bd8de65b9c4153d5
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b824e8c6d9f5635e8fc1b2a2ad0f7400b8fe7bb26c347d68cc30e43823bc0b97

Request headers

Accept
*/*
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
x-ratelimit-remaining
9462
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6nJY8zdkSWuVXQM4Ljoxw4h8w9Lfa2BfXQNSGXJ6JTEQo4LslOvK1sgah8kAT7Qqw0gzxmeF1Qwl0BB0uzhKtCTJCGVArXay34x2Dik3XOg%2FxveDUhZvnZ64sH0qRr7Sm5PgDRo%2FiciLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, must-revalidate
x-ratelimit-limit
10000
cf-ray
8586aca4391639ef-YYZ
access-control-allow-headers
X-Requested-With, Content-Type, X-Token-Auth, Authorization
expires
-1
472.latest.en.d0f7ab639a07ec458210.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
81 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/472.latest.en.d0f7ab639a07ec458210.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
79270
content-encoding
br
server-timing
imagery;dur=29.907, imageryFetch;dur=29.437, cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
bdbdb9da-311d-4758-b1e1-fbdcb77d03e7
last-modified
Mon, 19 Feb 2024 13:15:53 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ky%2BcqqDlVO06m9BYEOOjJnxt%2BbjLbYafWVCE2SCV0TSs51Dk1lq40MaWbXnBCJHKQuHkzzOGQXLiTuIDjGO6uDOi1VfmaeZuVkHMs665k8hGIhJ5JpnYNFyVHP4EQsy1Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/472.latest.en.d0f7ab639a07ec458210.js>; rel="canonical"
cf-ray
8586aca46ff936fc-YYZ
i
p.yotpo.com/ 		35 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.yotpo.com/i?e=se&se_ca=star_rating&se_ac=loaded&se_la=category_page&se_va=Uoj2LIVgKqLoj9pAFJtdwcwQuFgM2rWonz3rUKvA&cx=eyJwdl91dWlkIjo1NDAwNDAxNTIsImRvbWFpbl9rZXkiOlsiNDM4MzIxNjgyODU0MyIsIjQ3MjgyMjMwMDY4NDciLCI4MTYwODUwNjQxMDIzIiwiODE2MDg4MTQ0Mjk0MyIsIjgxNjA4NjcwMjUwMjMiLCI4MTYwODgxOTAxNjk1IiwiODE2MDg4MTk5OTk5OSIsIjY3MzIyNzY5OTAwNzkiLCI4MTYwODgxOTY3MjMxIiwiODE2MDg4MTkzNDQ2MyJdLCJjb3VudF9wcm9kdWN0cyI6MTAsImRhdGFfc291cmNlIjoiZGVmYXVsdCJ9&dtm=1708431319732&tid=687347&vp=1600x1200&ds=2193x4667&vid=1&duid=ba3187cca3989af2&p=web&tv=js-0.13.2&fp=3880471021&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=America%2FLos_Angeles&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.112.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-112-8.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 20 Feb 2024 12:15:19 GMT
cache-control
max-age=86400, private
server
nginx
content-length
35
expires
Wed, 21 Feb 2024 12:15:19 GMT
02-1_Hand_Mirror_-_Beauty_Killer_2_-_Onyx_Chrome_360x.jpg
jeffreestarcosmetics.com/cdn/shop/products/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/products/02-1_Hand_Mirror_-_Beauty_Killer_2_-_Onyx_Chrome_360x.jpg?v=1647719520
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
ca70f137d1b611b871c1019b744b62dbee58028da6373482cfacbb2f6b998279
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
936364
source-type
image/jpeg
server-timing
imagery;dur=146.032, imageryFetch;dur=33.649, imageryProcess;dur=110.055;desc="image", cfRequestDuration;dur=13.999939
source-length
293129
content-length
2938
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
3270d7f3-612c-4b36-8d6c-ce15cad27c4c
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Feb 2024 16:08:48 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADD%2BpQHabI83D4%2FfJ37zsO8rB6BmEgcbSsijRLHJI7tlzu2oHtM3YBlVsYKIc8FZt24mU7aZtGlKVWD7C%2Brytc08z%2FPODEjLcawp245Xq8FAY8X7%2FV5oPpy1P264tG0NMlo5B1I%2F3l7xZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586aca48c5c7154-YUL
x-sorting-hat-podid
126
BloodyHatchetMirror_360x.png
jeffreestarcosmetics.com/cdn/shop/products/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/products/BloodyHatchetMirror_360x.png?v=1671767089
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e7fd2689d338da03bc9b56d99bf5d65e50486aa914025d9f1e31ac4f81fddd2a
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
936364
source-type
image/png
server-timing
imagery;dur=327.642, imageryFetch;dur=63.603, imageryProcess;dur=263.009;desc="image", cfRequestDuration;dur=26.999950
source-length
2811319
content-length
8156
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
7d3c044e-dd2a-437f-938f-10608eaa6a71
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Feb 2024 16:02:42 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b40hlmJHFU3CNwAeVqaRUaMG%2F%2FXPyCm12DTUrC%2BLVya5SyO0EiIGcZY2n5Dzpricq4wRpGTJciijtPKCcBgUZjWnUxZHb7Hdj9XY1OdieN7NnFHJ0%2FWPDRUEw3tOeke61k7BR5Q4XfAUfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586aca48c5d7154-YUL
x-sorting-hat-podid
126
05Orgy-Open_Lid-Web_360x.jpg
jeffreestarcosmetics.com/cdn/shop/products/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/products/05Orgy-Open_Lid-Web_360x.jpg?v=1629846488
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
8e7657b7ac6c90046a9d47a9e0356a394bbab40b3604063073abd712bdd2f6e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
7707486
source-type
image/jpeg
server-timing
imagery;dur=311.823, imageryFetch;dur=67.497, imageryProcess;dur=229.120;desc="image", cfRequestDuration;dur=12.000084
source-length
3171396
content-length
10816
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
09f38d7a-bce9-4f56-b7a3-8089976b3c6c
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 Nov 2023 12:43:02 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ihsvDtQFhZKQ2LK91JxGMRYRxtNxH15qrbaS48Phs8c752N25ekckSniU6q02LJqIsAjjSVc0BZQehjtXy0mrWJn7z4cifAhYIlXL%2BRiy%2BktQPrq4yH3lqSCEcexHjXioodlJZksCN5dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586aca48c5f7154-YUL
x-sorting-hat-podid
126
21-2Liquid-Lipstick-Closed_Wand-DesignerBlood-WebResize_5d6f0841-f37c-4a6c-a888-1557d4e679fb_360x.jpg
jeffreestarcosmetics.com/cdn/shop/products/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/products/21-2Liquid-Lipstick-Closed_Wand-DesignerBlood-WebResize_5d6f0841-f37c-4a6c-a888-1557d4e679fb_360x.jpg?v=1633384967
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
875ebbdc170c6a5c9e052aa642eba6d6634f0fee83987784f6e30b9513c8a7d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2905372
source-type
image/jpeg
server-timing
imagery;dur=149.892, imageryFetch;dur=56.130, imageryProcess;dur=92.166;desc="image", cfRequestDuration;dur=13.000011
source-length
414143
content-length
6292
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
5e8e7953-58a6-4de2-8ad0-5714d949c045
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 08 Jan 2024 10:38:09 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXtlLX9jmgp3dIKoHyJusUfBBbOejLbDDEDQyp%2FhhIaczehZLa61%2FlprrEfRRoBKIF8kaIB%2BcvQjFcxp5eI72JJH5E%2FuyWtFF43C6ZvWHMjAutxlcgC2C9qO9NBVl%2BPeHlgO8OnOIg6R4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586aca49c617154-YUL
x-sorting-hat-podid
126
vendor.3884d31f.js
beacon-v2.helpscout.net/static/js/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.3884d31f.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-96.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c376d148361f36809d62e7ad6274300a3ca246889d1bee927be6eadd12cbee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 11:21:14 GMT
content-encoding
gzip
via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
YUL62-P2
age
3246
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17768
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Feb 2024 22:18:25 GMT
server
AmazonS3
etag
"5080ce4e019c8c43fe25a97a8560a638"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
2WHX3XImKdHkQAFdLbinCGmc80PK0pF5hblrC2g-mX69BslnYoXeOg==
main.79bd109c.js
beacon-v2.helpscout.net/static/js/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/main.79bd109c.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-96.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7fd029004a6b9231b85746a6ae04b2f17919845a6cea6c853f33d54593131bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:02:55 GMT
content-encoding
gzip
via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
YUL62-P2
age
745
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12610
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Feb 2024 12:02:04 GMT
server
AmazonS3
etag
"369297559e22a1365a7553f7ceb06c0b"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
wu-oJ0oxs4zcnoHZyWoXy4G7U8epbXRLrNbDi18bZ4QRks7TpOJy6A==
produce
jeffreestarcosmetics.com/.well-known/shopify/monorail/v1/ 		0
747 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/.well-known/shopify/monorail/v1/produce
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=48.000097
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
2176b8ec-0e6f-4b31-9835-36a2386f0dde
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMdDtW4iu1lPUgCdXacfmo1Iis%2BZo7k%2BAuRdkSiU1NS535h84pgvRHYyYU1kJaMgvI40yDRR%2Fg4y7AsEuNI1mRlFDRXHx%2Btm7MxXH19k51y%2FjLGinecnjL00w3ZyIfAn32jdmt%2FxkAWgoA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://jeffreestarcosmetics.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8586aca49c667154-YUL
syncframe
gum.criteo.com/ Frame 418C 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=jeffreestarcosmetics.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=88392&shop=jeffree-star-cosmetics.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://jeffreestarcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 12:15:19 GMT
server
Kestrel
server-processing-duration-in-ticks
426931
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
versioning
gdpr.apps.isenselabs.com/users/ 		113 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr.apps.isenselabs.com/users/versioning?shop=jeffree-star-cosmetics.myshopify.com&lqch=null&lqcl=null&version=null&designMode=false
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.251.218 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fa4903bd30ee6e3f3e49f98bb9f7f1fd32a0a21a76553bfa6cdc62a2dc2d346b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:15:20 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=200
Content-Length
109
93a2c230-eb12-4070-acd6-b7392ab6f134
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/93a2c230-eb12-4070-acd6-b7392ab6f134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-123.yul62.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
beacon-device-id,beacon-device-instance-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method
GET
Origin
https://jeffreestarcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
beacon-device-id, beacon-device-instance-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods
GET
access-control-allow-origin
https://jeffreestarcosmetics.com
age
27
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length
0
date
Tue, 20 Feb 2024 12:14:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-amz-cf-id
u_1J8lkgUcnPAJ1QYChCCacwffl5eA_9tI0Jo_tu_OBru4YC0J7JbQ==
x-amz-cf-pop
YUL62-C2
x-cache
Hit from cloudfront
x-ratelimit-limit-ai-ask-hour
25
x-ratelimit-limit-attachments-hour
10
x-ratelimit-limit-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-general-minute
60
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-ai-ask-hour
25
x-ratelimit-remaining-attachments-hour
10
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-remaining-general-minute
60
x-ratelimit-remaining-identify-hour
25
93a2c230-eb12-4070-acd6-b7392ab6f134
d3hb14vkzrxvla.cloudfront.net/v1/ 		118 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/93a2c230-eb12-4070-acd6-b7392ab6f134
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-123.yul62.r.cloudfront.net
Software
/
Resource Hash
38996929233554cd02a0f970ab6abe51162137a7760e2b84a588739b5a607dc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

correlationId
88d554bf-0ccd-44b5-aaf0-20990d6a78a1
Helpscout-Release
2.2.163
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Accept
application/json, text/plain, */*
Beacon-Device-ID
596b6382-4015-4ae9-ae3c-80d2a0982b18
Referer
https://jeffreestarcosmetics.com/
Beacon-Device-Instance-ID
c4e3e1ce-dd69-4489-84c7-9c86b4817f36
Helpscout-Origin
Beacon-Embed

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Error from cloudfront
x-ratelimit-remaining-ai-ask-hour
25
x-ratelimit-remaining-identify-hour
25
x-ratelimit-limit-general-minute
60
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-attachments-hour
10
vary
Origin,Access-Control-Request-Method
content-type
application/json
access-control-allow-origin
https://jeffreestarcosmetics.com
x-ratelimit-remaining-general-minute
60
access-control-expose-headers
Resource-ID
access-control-allow-credentials
true
x-ratelimit-remaining-attachments-hour
10
x-ratelimit-limit-ai-ask-hour
25
x-amz-cf-id
rQBhfmbBI0jjiNWLZ3DEnwsFk3dVWvFRq69S6vr9yj_PANyBARpXCw==
x-ratelimit-limit-chat-tokens-hour
25
748.latest.en.ee3af826f9b349c71c90.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
71 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/748.latest.en.ee3af826f9b349c71c90.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
486608
content-encoding
br
server-timing
imagery;dur=32.589, imageryFetch;dur=32.358, cfRequestDuration;dur=9.000063
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e8401d48-9e1c-4764-a6ec-55214b328f39
last-modified
Wed, 14 Feb 2024 20:52:39 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FL9duH4Z9bLiSXg550YHyK1E4Urtz5AD2c0MkCXgdPmLKFAS9C3kcrkkHalMk1XohLPOzQcyDQiiZSSy8NMCR8e%2FkPxLYxgQy1B%2FA8FRC6mH629HGskxlhDxbZKKbs5sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/748.latest.en.ee3af826f9b349c71c90.js>; rel="canonical"
cf-ray
8586aca4f8dd36fc-YYZ
app.v1.0.368.js
cdn-swell-assets.yotpo.com/ 		1 MB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-swell-assets.yotpo.com/app.v1.0.368.js
Requested by
Host: cdn-loyalty.yotpo.com
URL: https://cdn-loyalty.yotpo.com/loader/yWvW8B4ulm3fpojUdQiCew.js?shop=jeffree-star-cosmetics.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/8121) /
Resource Hash
7aa07cb9eb4dcbd11651911e5b51ddfcca63a7407e4e82f6cbe1e217688af9e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
gzip
x-amz-version-id
PqtSMCVj7ESk1vw4sS8qzdrlxa61XPgb
last-modified
Sun, 12 Mar 2023 15:50:42 GMT
server
ECS (cha/8121)
x-amz-meta-s3cmd-attrs
uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1678636240/atime:1678636240/md5:578610ba47467921af169ff4767b704b/ctime:1678636240
age
62017
x-amz-request-id
CW4VXSSVCF9W08J6
etag
"578610ba47467921af169ff4767b704b+gzip"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
HIT
content-type
text/plain
content-length
196015
x-amz-id-2
4bnRBQrRrbZF4P7S9vCqPq8l//W97mOMxcIAQPOqolhbZh+NfZ02/I9zODK9+gMGKas2bN+V10s=
global.1708117459.js
cdn.rebuyengine.com/onsite/js/ 		608 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/onsite/js/global.1708117459.js
Requested by
Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=jeffree-star-cosmetics.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
37b6736d71011a65fee56af5a86569abb3a04a767af141197960ca861c4e83e0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
4063
x-cache
HIT
content-length
178849
x-served-by
cache-yyz4582-YYZ
last-modified
Mon, 19 Feb 2024 12:50:44 GMT
server
nginx
x-timer
S1708431320.877294,VS0,VE0
etag
W/"65d34ea4-97f75"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, stale-while-revalidate=1800
accept-ranges
bytes
x-cache-hits
108
global.min.1708117459.css
cdn.rebuyengine.com/onsite/css/ 		170 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/onsite/css/global.min.1708117459.css
Requested by
Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=jeffree-star-cosmetics.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cea0db802f77991710cc504fa657fa2b08c8209da5e01d34bb2590ae15fb048d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
4069
x-cache
HIT
content-length
18727
x-served-by
cache-yyz4582-YYZ
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 18 Feb 2024 12:13:04 GMT
server
nginx
x-timer
S1708431320.877012,VS0,VE0
etag
W/"65d1f450-2a7b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=0, stale-while-revalidate=1800
accept-ranges
bytes
x-cache-hits
108
40.latest.en.43731eb585ef4ff8d8b1.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/40.latest.en.43731eb585ef4ff8d8b1.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
101930
content-encoding
br
server-timing
imagery;dur=18.551, imageryFetch;dur=18.374, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6706fefd-9111-44c6-ad24-7799c417b160
last-modified
Mon, 19 Feb 2024 07:52:34 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XC5J%2FBuaSYYm8yy0iT8sRABNQP%2BYGpInatijG0ukYGu8iHv1a9OMr6NGpeb5t9Ahq6fBrwWWJZon17c%2BWbUP5rl6FslkVv9CJPNEXtdnsitZbfs8dqtJydqtBXlGxMvwwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/40.latest.en.43731eb585ef4ff8d8b1.js>; rel="canonical"
cf-ray
8586aca5493236fc-YYZ
json
gum.criteo.com/sid/ Frame 418C 		449 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=onetag&domain=jeffreestarcosmetics.com&sn=ChromeSyncframe&so=0&topUrl=jeffreestarcosmetics.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=jeffreestarcosmetics.com&origin=onetag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a2225eb0354c1b15d1930ddc23f2f90bd2fc181a1299391b15abbb489e887b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/syncframe?topUrl=jeffreestarcosmetics.com&origin=onetag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1986882
expires
0
app.latest.en.efe05aa7882c0cd17155.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
220 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.efe05aa7882c0cd17155.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
52535
content-encoding
br
server-timing
imagery;dur=32.880, imageryFetch;dur=32.602, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
84fa6205-cc8e-4820-a179-a940c2fb002d
last-modified
Mon, 19 Feb 2024 21:15:25 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCCkTQ7oXR%2BkBAufDdyIM5qZzJQW3RNKhgLaLi1SgBsTlN%2FwWbYHKh7UJOROcNkAKTYW07y3wMITBAQcqH7hW1bJsbwNgNGRsKpx2ZOx7fsOcAnAWPzUyy6LNyz%2FlJZvIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.efe05aa7882c0cd17155.js>; rel="canonical"
cf-ray
8586aca5b9af36fc-YYZ
config
cdn.rebuyengine.com/api/v1/user/ 		1 KB
1012 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/api/v1/user/config?shop=jeffree-star-cosmetics.myshopify.com
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4e3e26512d8f55bffd4823de2ad8e9e0c88f413ce42fb5d8f5e3dee961d8874
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';
content-encoding
gzip
via
1.1 varnish
date
Tue, 20 Feb 2024 12:15:20 GMT
access-control-allow-private-network
true
age
0
strict-transport-security
max-age=300
x-cache
MISS
content-length
573
x-served-by
cache-yyz4569-YYZ
referrer-policy
no-referrer-when-downgrade
server
nginx
x-timer
S1708431320.084198,VS0,VE216
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, stale-while-revalidate=1800
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Rebuy-User-Token
x-cache-hits
0
240.latest.en.d48b54ea867b809eedba.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
961 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/240.latest.en.d48b54ea867b809eedba.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
1610731
content-encoding
br
server-timing
imagery;dur=21.505, imageryFetch;dur=21.156, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
04f1cdfa-a1de-458c-94d8-4f74179d236a
last-modified
Thu, 01 Feb 2024 19:30:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoyKig%2FaHWrg2Ti5ni6MNDPajTdOyEpV3vI7OJDEfyRJxE4QxnWmQVntAjT1%2B9QnkFjywAP1jmcDxwTfn7OAbuvQ9Zz5HlQal%2BFl6xPyI0uc8IWfaxYx5aIGJyMUZ9%2FUcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/240.latest.en.d48b54ea867b809eedba.js>; rel="canonical"
cf-ray
8586aca67b0f36fc-YYZ
904.latest.en.01a28a5ca38afc4a9fa1.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/904.latest.en.01a28a5ca38afc4a9fa1.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
79656
content-encoding
br
server-timing
imagery;dur=19.733, imageryFetch;dur=17.952, cfRequestDuration;dur=9.000063
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1de48980-7b3f-42c9-93f0-f1457cda3663
last-modified
Mon, 19 Feb 2024 13:17:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yu9T1JaaIhPqFq1fiQvpcaawg53WmJseUa7EXag5Dz2c%2B8J79vOYqPWLbLlbJWddKDGB6oyz7JRPUzojhcFQNfSQjcdeWDhbCgoMV6eOx2g8dmGXYXcP2u5bFmiiorCcXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/904.latest.en.01a28a5ca38afc4a9fa1.js>; rel="canonical"
cf-ray
8586aca6ab4936fc-YYZ
44.latest.en.ed5da7e5a1dddfca0e79.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/44.latest.en.ed5da7e5a1dddfca0e79.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
1181885
content-encoding
br
server-timing
imagery;dur=19.681, imageryFetch;dur=18.138, cfRequestDuration;dur=11.000156
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
90ad05b1-dcc1-4036-85de-f9c985377fe2
last-modified
Tue, 06 Feb 2024 19:34:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihZMArg9tYTYuCeTIv0eiQ5nYONIAnKFIaDmmgFY5zawVh%2Fu%2FZgOsNBujbLDKRfLdX79I4Z4AhW%2B%2F0SA5X%2FpLmoMbJgL3gHuOkmf7m6vwzcqK0TT%2Bvk3OM1qd4CJg%2B7MNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/44.latest.en.ed5da7e5a1dddfca0e79.js>; rel="canonical"
cf-ray
8586aca6db8d36fc-YYZ
checkIp
consentmo-geo.com/users/ 		50 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consentmo-geo.com/users/checkIp
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a93f1e46e08c87e904c21fbd724bb377022d93e9fd0ebc6f733e239f730abaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=86400, enforce
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRpzw7fYvJuMmcFTNl114G%2BR6Tw3rtzKmxxscfEdNSOP7DRYwVcNjE%2F%2B0yfHvrTOYKW1cn3z4DtU%2B9blULN%2FV7Zscnfcj3gMZm8ykkkckpeBDUM87jXXfkLZMtST72hPGm97"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
cf-ray
8586aca749bc3a03-YYZ
x-xss-protection
1; mode=block
OnePage.latest.en.52201164e80d74dec26a.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
240 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.52201164e80d74dec26a.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
52536
content-encoding
br
server-timing
imagery;dur=25.271, imageryFetch;dur=25.050, cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
0d169ed6-edb4-480d-a6ac-d95ef79d3740
last-modified
Mon, 19 Feb 2024 21:14:18 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M78Ad1Byv559yHICxDfjED9SRhmrizqi0UkY3Co6%2Bb3f%2Bu8D2mT9%2BhM%2BciwHPEej2BJbcHaO87kQyyCWsEdzHYGeH58zZMojL0qh9Pa9yzVsR%2ByFmpYN2H%2BkJIzWSuEOVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.52201164e80d74dec26a.js>; rel="canonical"
cf-ray
8586aca73c2e36fc-YYZ
472.latest.en.ce3c6a8cbd6993df914d.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
25 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/472.latest.en.ce3c6a8cbd6993df914d.css
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
82547
content-encoding
br
server-timing
imagery;dur=23.804, imageryFetch;dur=23.530, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7e88a779-b704-4083-b54e-5bdb977721dc
last-modified
Mon, 19 Feb 2024 13:01:20 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6H00Y7IbWUtNG8Q70jdC9ZzY58l3RFO3jY38o8%2Bni7h0z3qSdfrFzJCCB7bGZRGxiFKhdP6dv9LBL10hRj%2FCW0pzrEQmZgKazF2MmYeu3Rn7RPJi8E8uI%2FawgDfxI42hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/472.latest.en.ce3c6a8cbd6993df914d.css>; rel="canonical"
cf-ray
8586aca7cca936fc-YYZ
stylesheet
cdn.rebuyengine.com/api/v1/user/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/api/v1/user/stylesheet?shop=jeffree-star-cosmetics.myshopify.com&cache_key=1708232057
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ef2cc8a6e5399c9d43a9b238fba4ae4dfa32a863211bc9555158274929e88ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';
content-encoding
gzip
via
1.1 varnish
date
Tue, 20 Feb 2024 12:15:20 GMT
access-control-allow-private-network
true
age
6329
strict-transport-security
max-age=300
x-cache
HIT
content-length
2898
x-served-by
cache-yyz4582-YYZ
referrer-policy
no-referrer-when-downgrade
server
nginx
x-timer
S1708431320.326057,VS0,VE1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css; charset: UTF-8;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Rebuy-User-Token
x-cache-hits
1
vendor-flickity.js
cdn.rebuyengine.com/onsite/js/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/onsite/js/vendor-flickity.js?id=173b1a75ff3dadd963c0
Requested by
Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/global.1708117459.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b880a457a131cb1f783b2b06c49ffed7355a1e1f080c49530a0ae0c3655829f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
235
x-cache
HIT
content-length
12982
x-served-by
cache-yyz4582-YYZ
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Feb 2024 10:22:31 GMT
server
nginx
x-timer
S1708431320.327108,VS0,VE0
etag
W/"65d32be7-c180"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
13
geolocation
rebuyengine.com/api/v1/customers/ 		218 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rebuyengine.com/api/v1/customers/geolocation?key=b45c636874b5dfcf2727947b54d6e6c95d192b38&cache_key=1708232057
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.32.205 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eb29b8b1a7c192ac5f50496b7fce448fc7ea8ae807d860b91d1197ffb3cc5286
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-security-policy
frame-ancestors 'self';
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
access-control-allow-private-network
true
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
cf-ray
8586aca85d2b398d-YYZ
access-control-allow-headers
Content-Type, X-Rebuy-User-Token
cart.json
jeffreestarcosmetics.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cart.json
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
7de0583e4a8491b5c4a498e79dc78a4d456d8849c13c44df2d309225fcda6e77
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server-timing
processing;dur=25, db;dur=11, asn;desc="136787", edge;desc="YUL", country;desc="CA", servedBy;desc="78nr", requestID;desc="fe308335-e8f6-4b32-9f63-4c2501bce127", cfRequestDuration;dur=73.999882
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
fe308335-e8f6-4b32-9f63-4c2501bce127
x-shardid
126
x-storefront-renderer-rendered
1
x-shopify-stage
canary
server
cloudflare
x-shopid
6732291
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
application/json; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FBUJhWtFdNhqTJV8UJLL8e1%2Bk7xgh1e22kc6KnUQvgxUPo9TUCipqZYVaWthSPr%2BBU8FSF2nsBuCr2ADpcUslNLfpr4AlHOfYy4oeIbfo8gdJq%2F9LOnTwzLjgaT1UYSRW9xHi9jSIlJlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586aca82a077154-YUL
x-cartjs-cache
1
x-sorting-hat-podid
126
x-cartjs-updatedat
1708431318
settings
cdn.rebuyengine.com/api/v1/widgets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/api/v1/widgets/settings?id=119096&cache_key=1708232057
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
808347cd92e2dd4fe36fae008e3f6e3c9d5f480de159b1352bb45508e118fe01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';
content-encoding
gzip
via
1.1 varnish
date
Tue, 20 Feb 2024 12:15:20 GMT
access-control-allow-private-network
true
age
6329
strict-transport-security
max-age=300
x-cache
HIT
content-length
1951
x-served-by
cache-yyz4569-YYZ
referrer-policy
no-referrer-when-downgrade
server
nginx
x-timer
S1708431320.337179,VS0,VE1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Rebuy-User-Token
x-cache-hits
1
settings
cdn.rebuyengine.com/api/v1/widgets/ 		63 B
121 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/api/v1/widgets/settings?id=131642&cache_key=1708232057
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56a8394bca708353fa136437106494aa54b76a9b1fa791d720e59354cb25414e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';
date
Tue, 20 Feb 2024 12:15:20 GMT
via
1.1 varnish
strict-transport-security
max-age=300
access-control-allow-private-network
true
x-cache
MISS
x-served-by
cache-yyz4569-YYZ
referrer-policy
no-referrer-when-downgrade
server
nginx
x-timer
S1708431320.337401,VS0,VE36
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
x-cache-hits
0
settings
cdn.rebuyengine.com/api/v1/widgets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/api/v1/widgets/settings?id=131608&cache_key=1708232057
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
46c2e87676af82866e8c4ab53ca12f086015e75f73b7656e429640e34d2e17b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';
content-encoding
gzip
via
1.1 varnish
date
Tue, 20 Feb 2024 12:15:20 GMT
access-control-allow-private-network
true
age
6329
strict-transport-security
max-age=300
x-cache
HIT
content-length
1897
x-served-by
cache-yyz4569-YYZ
referrer-policy
no-referrer-when-downgrade
server
nginx
x-timer
S1708431320.337826,VS0,VE1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Rebuy-User-Token
x-cache-hits
1
SmartBanner.js
cdn.rebuyengine.com/onsite/js/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/onsite/js/SmartBanner.js?id=1675ced5c22e6168b233
Requested by
Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/global.1708117459.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
427cf90de1188977bd53dd34b7ee86a3e10a6aee3f0aa094b516ad1c31a1d0c3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
6561
x-cache
HIT
content-length
675
x-served-by
cache-yyz4582-YYZ
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 18 Feb 2024 18:06:02 GMT
server
nginx
x-timer
S1708431320.338711,VS0,VE0
etag
W/"65d2470a-4fd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
84
app.latest.en.e5a7f63ca146c0549466.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.e5a7f63ca146c0549466.css
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
5932766
content-encoding
br
server-timing
imagery;dur=25.359, imageryFetch;dur=24.724, cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7aa81df6-827c-4dbe-96bd-68cbdfe12fad
last-modified
Wed, 13 Dec 2023 20:02:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7300fBlAJEaMTW9MYabGA4lxX9HWlthmOkqdnqtksw1eoOZy2T46F476ESucM%2BSpmj%2B5ori7SX7chmebmv511NG9SCLr%2FkSaVd%2BJqyOP3xnjxMggFc6upLeMXOi8ESNww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.e5a7f63ca146c0549466.css>; rel="canonical"
cf-ray
8586aca81d0f36fc-YYZ
getCookieConsentSettings
gdpr.apps.isenselabs.com/users/ 		21 B
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr.apps.isenselabs.com/users/getCookieConsentSettings?shop=jeffree-star-cosmetics.myshopify.com&sa=0&country=CA&state=0
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.251.218 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
38b904a1cf83df048360fb2480571b749fd98d57e11f1afdffb5a74a78166fea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:15:20 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=199
Content-Length
21
rebuy-flickity.min.1708117459.css
cdn.rebuyengine.com/onsite/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/onsite/css/rebuy-flickity.min.1708117459.css?cache_key=1708232057
Requested by
Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/global.1708117459.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4da9c823fd881c1d78e789f325894c042fe9426aaa26117b285e0d7dfc1e7ad4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
8003
x-cache
HIT
content-length
1074
x-served-by
cache-yyz4582-YYZ
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 20 Feb 2024 09:32:46 GMT
server
nginx
x-timer
S1708431320.351148,VS0,VE1
etag
W/"65d471be-1721"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800, stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1
SmartCart.js
cdn.rebuyengine.com/onsite/js/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rebuyengine.com/onsite/js/SmartCart.js?id=19db71827583a488506d
Requested by
Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/global.1708117459.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ad6f47e8a8d0519d0ba07ddee7afdd41c2f55cf9f066ae18ddb2f7befa6f0ec
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
3682
x-cache
HIT
content-length
18235
x-served-by
cache-yyz4582-YYZ
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 18 Feb 2024 13:01:00 GMT
server
nginx
x-timer
S1708431320.375721,VS0,VE0
etag
W/"65d1ff8c-10183"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
82
904.latest.en.4d273af8acf76b1eb555.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/904.latest.en.4d273af8acf76b1eb555.css
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
1278790
content-encoding
br
server-timing
imagery;dur=25.738, imageryFetch;dur=25.509, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
31095294-2b7b-40ea-954b-9a5173823bee
last-modified
Mon, 05 Feb 2024 16:17:33 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HElj7jRzimON5W2%2BCpwPXXUPWY6MC19JUvs9dWi5dMBUFRJNZbz8KtYRLVjluSLwWt9ipCivHzI0TYa2RTFPZXXzFh%2FVKG9rEkAGTZsfW9uE2dNrNdg5UpHBDPBnqtCprg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/904.latest.en.4d273af8acf76b1eb555.css>; rel="canonical"
cf-ray
8586aca85d7836fc-YYZ
457.latest.en.0c56a163bd2cc1f47527.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/457.latest.en.0c56a163bd2cc1f47527.css
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
407480
content-encoding
br
server-timing
imagery;dur=281.538, imageryFetch;dur=41.122, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f666f7aa-357a-43ac-a45f-7c0d7207a7ef
last-modified
Thu, 15 Feb 2024 19:01:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zD9peBiO6BGsamsRbxSDXKZE36V%2BiHLAvWwTJGL24vJLSAIk3EGVvmsIMK6UrzjaYA9zkpLl6O1fIaeM675Nf0YkyQQCC9I0X17DNfDJY6o4mNw3N7ZByV4pHHVYlPKrmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/457.latest.en.0c56a163bd2cc1f47527.css>; rel="canonical"
cf-ray
8586aca89dbd36fc-YYZ
141966
rebuyengine.com/api/v1/custom/id/ 		1 KB
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rebuyengine.com/api/v1/custom/id/141966?key=b45c636874b5dfcf2727947b54d6e6c95d192b38&limit=8&url=https%3A%2F%2Fjeffreestarcosmetics.com%2F&shopify_product_ids=&shopify_variant_ids=&shopify_collection_ids=&shopify_order_ids=&filter_inputs=no&uuid=fe607aed-50f0-457e-909f-62786ec627f3&cart_token=c97172fa9a31798911a5fc246e2f9f20&cart_subtotal=0&cart_count=0&cart_line_count=0&cart_item_count=0&cart%5Btoken%5D=c97172fa9a31798911a5fc246e2f9f20&cart%5Bsubtotal%5D=0&cart%5Bline_count%5D=0&cart%5Bitem_count%5D=0&cart%5Battributes%5D=%257B%257D&cart%5Bnotes%5D=&cache_key=1708232057&product_groups=yes
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.32.205 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ee288c07388eebe7ef64078fd0d342a64a7c1ec2021c0d850abebedd4c9225f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-security-policy
frame-ancestors 'self';
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
access-control-allow-private-network
true
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
cf-ray
8586aca8cd90398d-YYZ
access-control-allow-headers
Content-Type, X-Rebuy-User-Token
update.js
jeffreestarcosmetics.com/cart/ 		332 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cart/update.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
aa5053e312f7605942f6e073524ff976b44204a049ca77fc92fd850db7100d2d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=28332204-5210-475c-8764-8dea31cc8116
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=28332204-5210-475c-8764-8dea31cc8116

Request headers

Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=28332204-5210-475c-8764-8dea31cc8116
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-envoy-upstream-service-time
71
server-timing
processing;dur=69, cfRequestDuration;dur=128.000021
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=28332204-5210-475c-8764-8dea31cc8116
x-sorting-hat-shopid
6732291
x-request-id
28332204-5210-475c-8764-8dea31cc8116
x-shardid
126
x-shopify-stage
production
server
cloudflare
x-shopid
6732291
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2Fqi83Fdw2hWRTpznew68bhCfjZwjjxufA0D4IvsXehc%2BEdJxltmvzFmFRY1cQ6xRPaeCisX3NO4iDskkPCMR%2Bwm2VNAMyM55Zl0rxOOPa1gNUgHs28NQbVs1MudJzo22pb0subeqA6ZjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586aca8daef7154-YUL
x-liquid-rendered-at
2024-02-20T12:15:20.518963224Z
x-sorting-hat-podid
126
jsc-logo-black_x320.png
cdn.shopify.com/s/files/1/0673/2291/files/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0673/2291/files/jsc-logo-black_x320.png?v=1613148469
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/checkouts/internal/preloads.js?permanent-domain=jeffree-star-cosmetics.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeffreestarcosmetics.com/
Origin
https://jeffreestarcosmetics.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
7084200
source-type
image/png
server-timing
imagery;dur=110.346, imageryFetch;dur=95.302, imageryProcess;dur=14.345;desc="image", cfRequestDuration;dur=9.999990
source-length
4048
content-length
4159
x-xss-protection
1; mode=block
x-request-id
07a56dc4-c0aa-44ec-9a8d-4e126527d636
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 29 Nov 2023 09:24:47 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQOXOi4aec%2BxrFIaAbkI7wL50cPp9IJRQZ6kytcXY9pLpZafu%2BxEl80EKRVuNQqdlmnuPumVnU5591FTE2L95%2BknSlUWRmHdbD6IXrQ2jxTTWpnrcQQYoAh0P61aWAoSLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0673/2291/files/jsc-logo-black_x320.png>; rel="canonical"
cf-ray
8586aca8ce0636fc-YYZ
cart.json
jeffreestarcosmetics.com/ 		332 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cart.json
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
aa5053e312f7605942f6e073524ff976b44204a049ca77fc92fd850db7100d2d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:20 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server-timing
processing;dur=15, db;dur=5, asn;desc="136787", edge;desc="YUL", country;desc="CA", servedBy;desc="c2nh", requestID;desc="47b84d11-5c4b-4b01-a241-658981e0753d", cfRequestDuration;dur=66.999912
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
47b84d11-5c4b-4b01-a241-658981e0753d
x-shardid
126
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
6732291
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
application/json; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNBTHZawqh7qsrh4HhyrwVWYhGh2P6OFgRIhrtlInhU4f79dvRxva1TL1KKlShdi9HEOEnCX2jfmK%2FlHYcdBdt11Z9Oh3R9VAS20fMwoK4tzHukh5tL6CpoBwHFHtifOHyf8FDfht8r9SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586aca9dc727154-YUL
x-cartjs-cache
1
x-sorting-hat-podid
126
x-cartjs-updatedat
1708431320
cart.js
jeffreestarcosmetics.com/ 		332 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cart.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
aa5053e312f7605942f6e073524ff976b44204a049ca77fc92fd850db7100d2d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:21 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server-timing
processing;dur=17, db;dur=6, asn;desc="136787", edge;desc="YUL", country;desc="CA", servedBy;desc="5rtb", requestID;desc="6aa112d1-fdd7-4a9e-b246-ae05e4eaaaec", cfRequestDuration;dur=98.000050
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
6aa112d1-fdd7-4a9e-b246-ae05e4eaaaec
x-shardid
126
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
6732291
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHzJWXZjT6xVq8BvjWquklOXmVrpNqYJKbCj6glLBCtz2%2BxJt232oB0WlHvrDi46k9sXzosRz769bPhkkns%2FxlJ3uzQrNYTvoIpP0Q0onl7r53fs06lfCqIXMc2IHaZysmh4tIwHAP%2F9Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586acad29607154-YUL
x-cartjs-cache
1
x-sorting-hat-podid
126
x-cartjs-updatedat
1708431320
bulk
rebuyengine.com/api/v2/analytics/event/ 		27 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rebuyengine.com/api/v2/analytics/event/bulk?cache_key=1708232057
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.32.205 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c2891c066c83b534ee619c4731ea1de8bf1c1b130a0c1d8dc651f35bc5c913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-Rebuy-User-Token
b45c636874b5dfcf2727947b54d6e6c95d192b38
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 12:15:21 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cf-ray
8586acaebb94398d-YYZ
content-length
27
x-xss-protection
1; mode=block
bulk
rebuyengine.com/api/v2/analytics/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rebuyengine.com/api/v2/analytics/event/bulk?cache_key=1708232057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.32.205 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-rebuy-user-token
Access-Control-Request-Method
POST
Origin
https://jeffreestarcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,X-Rebuy-User-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
allow
OPTIONS, POST
cf-cache-status
DYNAMIC
cf-ray
8586acae5b39398d-YYZ
date
Tue, 20 Feb 2024 12:15:21 GMT
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
cart.js
jeffreestarcosmetics.com/ 		332 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cart.js
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
aa5053e312f7605942f6e073524ff976b44204a049ca77fc92fd850db7100d2d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:21 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server-timing
processing;dur=27, db;dur=7, asn;desc="136787", edge;desc="YUL", country;desc="CA", servedBy;desc="ds6x", requestID;desc="8b16a0e5-e7ae-4d29-a1ca-6b91cdd4bf5a", cfRequestDuration;dur=82.000017
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
8b16a0e5-e7ae-4d29-a1ca-6b91cdd4bf5a
x-shardid
126
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
6732291
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nmiXmougDDdZnh22%2FN%2FiXFVcZ7WZC%2F5i8ALp%2BlxqqDDYPQw%2Bijkcc87LA2zC0nV6CrQ2t2G7c6aNYl7jWFDFZxhH6bTTDidJi6IYqfCf5IRpV6CU7j2qml2qvzjMhbFf9CaCejqND2fmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586acaefc607154-YUL
x-cartjs-cache
1
x-sorting-hat-podid
126
x-cartjs-updatedat
1708431320
area
a.glosku.com/api/v1/shopify-client/ 		39 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.glosku.com/api/v1/shopify-client/area
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.112.135.248 Shenzhen, China, ASN (),
Reverse DNS
Software
/
Resource Hash
05ce2c1d790f2396211c1c5ba79cc0ab6c3b74feb72c28d39f5d3b96a3174a71
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://jeffreestarcosmetics.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
39
scorpioavailabledesktop_1728x.png
jeffreestarcosmetics.com/cdn/shop/files/ 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeffreestarcosmetics.com/cdn/shop/files/scorpioavailabledesktop_1728x.png?v=1700090812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
d70af1bf07eb98b1264c5e0682aae4df02105d917f6b8859383116ee54f78f5b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://jeffreestarcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:22 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
source-type
image/png
server-timing
imagery;dur=1552.914, imageryFetch;dur=301.773, imageryProcess;dur=1250.266;desc="image", cfRequestDuration;dur=45.000076
source-length
17598737
content-length
215832
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
c50b571a-84c3-4ad5-8b70-163bbf16df32
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 18 Feb 2024 23:02:04 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTuOD4f0W13d2ILCm2pTpTp8%2B7wixTZg80UQow%2B4MbJxukYSUUmYP7wdyHeklpYMst1DS2hATtsVmxnIiS3KteXl%2Fqa761%2FzPJwd0QjmdJMqFFQXO5nT8znpG0IHdRxNqQ%2BtHsTvaGbRWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8586acb35a147154-YUL
x-sorting-hat-podid
126
/
jeffreestarcosmetics.com/cart/ 		11 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cart/?view=ac_cart_subtotal_tiers
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
fe9670ac491353425384a019c03db79ab25f9c92c9d4a8dace55c9f30279c928
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://jeffreestarcosmetics.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:22 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
miss
server-timing
processing;dur=122;desc="gc:63", db;dur=20, render;dur=1, wasm, asn;desc="136787", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="cart", servedBy;desc="7p8r", requestID;desc="bd4b7736-f9cd-4e22-8519-8e411f672c5c", cfRequestDuration;dur=170.000076, earlyhints
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
bd4b7736-f9cd-4e22-8519-8e411f672c5c
x-shardid
126
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
etag
W/"cacheable:38d282b9882d6dd0c4bcf9bf5a8dc949"
x-shopid
6732291
x-frame-options
DENY
vary
Accept
content-type
text/html; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd1f6eaMs9lqNRN8w%2BEQJh%2FxQIEGPuD7C0ShQahrK538J1Q16YfOLMxDfSGQ%2Bgp%2B%2BFUWfsCh%2FVKRSz9XjD8iIywBI%2BoyIgTSvMtDaeiF19wwAXk8iRP7OSqKtcHuX2UPPS4UQWEvLhAhBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586acb43b637154-YUL
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid
126
/
jeffreestarcosmetics.com/cart/ 		11 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jeffreestarcosmetics.com/cart/?view=ac_cart_subtotal_tiers
Requested by
Host: jeffreestarcosmetics.com
URL: https://jeffreestarcosmetics.com/cdn/wpm/b842a21a8w6bc87f1fp748799bam4bde34bfm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
fe9670ac491353425384a019c03db79ab25f9c92c9d4a8dace55c9f30279c928
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://jeffreestarcosmetics.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:15:22 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
hit, server
server-timing
processing;dur=25, db;dur=8, asn;desc="136787", edge;desc="YUL", country;desc="CA", theme;desc="143359049855", pageType;desc="cart", servedBy;desc="jrw9", requestID;desc="fce474c9-7733-4ac4-bded-ad6febb5cf13", cfRequestDuration;dur=72.999954, earlyhints
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
6732291
x-request-id
fce474c9-7733-4ac4-bded-ad6febb5cf13
x-shardid
126
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
etag
W/"cacheable:38d282b9882d6dd0c4bcf9bf5a8dc949"
x-shopid
6732291
x-frame-options
DENY
vary
Accept
content-type
text/html; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEbfLNBYGqr42MymL5ldkJzIS9G4oHqsYAbjq08KyHppYdN9ZfqO1YThbgqL4qSdJIN7CoRNPd8Ra3WPIvcB40WhypFc3otXkc6aAdCtTIIX6NMQpr7M%2Fc2P8uA4tZt4WgCgGL%2B%2BNcr6Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8586acb5edcc7154-YUL
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid
126

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| SDG function| _ string| __webpack_public_path__ object| dataLayer function| md5 object| _rs_ajax function| _check_cart object| _rsq object| Shopify object| ShopifyPay object| __st boolean| ShopifyPaypalV4VisibilityTracking object| _klOnsite object| klaviyo object| meta string| attr object| ShopifyAnalytics object| gaDevIds object| trekkie object| BOOMR object| Spurit object| _learnq string| __klKey object| RSCI function| clearImmediate function| setImmediate object| regeneratorRuntime function| applyFocusVisiblePolyfill object| Polaris object| zEWebpackACJsonp function| zE function| zEmbed object| webPixelsManager function| fbq function| _fbq function| ga string| GoogleAnalyticsObject string| TiktokAnalyticsObject object| ttq function| gtag object| webpackChunk_klaviyo_onsite_modules object| yotpoWidgetsContainer object| core object| google_tag_manager object| google_tag_data function| EndlessScroll function| Room number| EDGE_RANGE_WIDTH function| getUserMedia object| yotpo function| Yotpo object| JSON2 object| jstz function| EXIF object| _visit function| Beacon function| $ function| jQuery object| ACDiscountApp object| globalFields number| themeId string| shopId object| script function| createRestockRocketContainer function| createRestockRocketScript object| _RestockRocketConfig function| objectFitPolyfill object| lazySizesConfig object| lazySizes object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget object| badgeEditor boolean| zEACLoaded object| gaplugins object| gaGlobal object| gaData object| globalFieldsCartPage_AC object| cartObject object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| GooglebQhCsO number| BOOMR_onload number| visuallyReady object| SMSBumpKlaviyoForms function| encrypt function| generateRandomString function| chunk function| deleteAllData object| Criteo object| criteo_q undefined| firstFocusableElement undefined| lastFocusableElement undefined| preferencesActivationElement boolean| isTrackingEventListenerExecuted boolean| isGoogleConsentModeEnabled boolean| appEmbed object| currentScript boolean| userIsInSaleOfDataRegion function| getParents function| handleEventForInformationDialog function| toggleFade boolean| iSenseGDPRPreferences function| clearCookie object| isenseGDPR function| checkPreferencesStatus function| showPreferences function| hideCookieBar function| handleConsent function| logCustomerAcceptance function| getCookieInfo function| storeGCMUpdatedState function| isGCMUpdateEventRequired function| handleDataLayer function| setReopenWidgetKeyboardAccessibility function| reopen_widget function| isense_gdpr_bar function| loadCSS function| toggleDialog function| toggleInformationDialog function| botCheck function| changePreferencesClassicSection function| consentmoGetDeviceType function| int2ip object| cookieconsentisense object| beaconJsonp object| swellConfig object| _rebuy object| Rebuy object| rebuyConfig object| webpackChunk_rebuy function| swellrequire object| Materia object| User object| OAuth object| jQuery1124022167262185238967 object| spapi object| swellAPI object| Swell boolean| gdpr_loaded object| glosku function| pure_addEventListener function| pure_removeEventListener

41 Cookies

Domain/Path Name / Value
jeffreestarcosmetics.com/ Name: secure_customer_sig
Value:
jeffreestarcosmetics.com/ Name: localization
Value: CA
jeffreestarcosmetics.com/ Name: cart_currency
Value: USD
.jeffreestarcosmetics.com/ Name: _cmp_a
Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.jeffreestarcosmetics.com/ Name: _tracking_consent
Value: %7B%22reg%22%3A%22%22%2C%22region%22%3A%22CAON%22%2C%22con%22%3A%7B%22CMP%22%3A%7B%22a%22%3A%22%22%2C%22p%22%3A%22%22%2C%22s%22%3A%22%22%2C%22m%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%2C%22lim%22%3A%5B%22CMP%22%5D%7D
.jeffreestarcosmetics.com/ Name: _shopify_y
Value: ac9d8cd5-824e-4882-a16e-fcf38c111a35
.jeffreestarcosmetics.com/ Name: _orig_referrer
Value:
.jeffreestarcosmetics.com/ Name: _landing_page
Value: %2F
jeffreestarcosmetics.com/ Name: receive-cookie-deprecation
Value: 1
.jeffreestarcosmetics.com/ Name: rsci_vid
Value: 2e023df1-ea82-a42a-83b2-0a2bdccb0336
.jeffreestarcosmetics.com/ Name: _shopify_s
Value: cfffe238-fe65-4eb4-8c98-1e993f04a786
.jeffreestarcosmetics.com/ Name: _shopify_sa_t
Value: 2024-02-20T12%3A15%3A17.838Z
.jeffreestarcosmetics.com/ Name: _shopify_sa_p
Value:
jeffreestarcosmetics.com/ Name: _sp_ses.b16e
Value: *
.tiktok.com/ Name: _ttp
Value: 2cdAwCG6OLiD1HjcIH6OpFPC81t
.yotpo.com/ Name: pixel
Value: bd83219d-45bc-41c8-4c58-12fd2adae710
.jeffreestarcosmetics.com/ Name: _gid
Value: GA1.2.694405638.1708431319
.jeffreestarcosmetics.com/ Name: _gat
Value: 1
jeffreestarcosmetics.com/ Name: __kla_id
Value: eyJjaWQiOiJaVEptWlRWa05EUXRZVFZpWkMwMFpHVTNMVGhqTUdVdE1qa3hNR0kzWlRrMU9XRmgiLCIkcmVmZXJyZXIiOnsidHMiOjE3MDg0MzEzMTksInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vamVmZnJlZXN0YXJjb3NtZXRpY3MuY29tLyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcwODQzMTMxOSwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9qZWZmcmVlc3RhcmNvc21ldGljcy5jb20vIn19
.jeffreestarcosmetics.com/ Name: _ga_81RXDPTBJQ
Value: GS1.1.1708431318.1.0.1708431318.0.0.0
.jeffreestarcosmetics.com/ Name: _ga
Value: GA1.1.715113857.1708431319
jeffreestarcosmetics.com/ Name: shopify_pay_redirect
Value: pending
.jeffreestarcosmetics.com/ Name: _tt_enable_cookie
Value: 1
.jeffreestarcosmetics.com/ Name: _ttp
Value: 3Z7q7AgI6c_dd4d6kGxa-AnnyOx
jeffreestarcosmetics.com/ Name: discount_code
Value: CLEAR
jeffreestarcosmetics.com/ Name: cart
Value: c97172fa9a31798911a5fc246e2f9f20
.jeffreestarcosmetics.com/ Name: _ga_0MGTFZ50PE
Value: GS1.1.1708431319.1.0.1708431319.0.0.0
.jeffreestarcosmetics.com/ Name: _gcl_au
Value: 1.1.1920387700.1708431319
.jeffreestarcosmetics.com/ Name: _fbp
Value: fb.1.1708431319121.17957707
jeffreestarcosmetics.com/ Name: __wtba
Value: eyJ1aSI6eyJ0IjoxNzA4NDMxMzE3Ljk2NiwibSI6MCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIxLjAuNjE2Ny4xODQgU2FmYXJpLzUzNy4zNiJ9LCJxIjpbWyJwYWdlX3ZpZXdlZCIseyJlbnRpdHlfdHlwZSI6ImhvbWUiLCJlbnRpdHlfaWQiOiIiLCJwYWdlIjoiLyIsInRpbWVzdGFtcCI6MTcwODQzMTMxOS4xMDh9XV0sInBpIjp7Im5hbWUiOiIvIiwiY291bnQiOjF9fQ==
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
jeffreestarcosmetics.com/ Name: _sp_id.b16e
Value: ba3187cca3989af2.1708431318.1.1708431320.1708431318
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: c873321e-5cb0-4d8c-9fe1-959d1b4d9c90
.jeffreestarcosmetics.com/ Name: cto_bundle
Value: HLdIe19zQ2NBU09IcDBGUFZJS3RBckhJa1pLbVppcVBZMHhWcUV4cWd0bDZ2bEsyd2ZDSXZxcXNKbHFhUE5ndnh0OWlTZ2dLc25ESTFQTlJySWZST1lleHBEMGJ2UHpVSXd0anlseXRnMmNqcTdjOUQxQUxXRURZd1VxeVJXTWR0OCUyQnA0MTFGMkJybUYlMkYzbFVVUnl4NlA3UU51MXQlMkZJVFFpSVZEMW5rNG9OTmpiY1ElM0Q
jeffreestarcosmetics.com/ Name: _r_experiment_1448
Value: %7B%22cartToken%22%3A%22c97172fa9a31798911a5fc246e2f9f20%22%2C%22experiment%22%3A%7B%22experimentId%22%3A%221448%22%2C%22selectedInstance%22%3A%7B%22id%22%3A%221448%22%2C%22alias_name%22%3A%22%22%2C%22element_id%22%3A%22119096%22%2C%22traffic%22%3A%2280%22%7D%2C%22unselectedInstances%22%3A%5B%7B%22id%22%3A%221447%22%2C%22alias_name%22%3A%22%22%2C%22element_id%22%3A%22113198%22%2C%22traffic%22%3A%2220%22%7D%5D%7D%7D
jeffreestarcosmetics.com/ Name: _rsession
Value: 8c687574562d40b0
jeffreestarcosmetics.com/ Name: _ruid
Value: eyJ1dWlkIjoiZmU2MDdhZWQtNTBmMC00NTdlLTkwOWYtNjI3ODZlYzYyN2YzIn0%3D
jeffreestarcosmetics.com/ Name: cart_ts
Value: 1708431320
jeffreestarcosmetics.com/ Name: cart_sig
Value: c99bb373e2f605ec6808f775e1a70b2d
jeffreestarcosmetics.com/ Name: keep_alive
Value: a12d130e-bb4f-4cfb-96cf-fbcfe3cffe84

39 Console Messages

Source Level URL
Text
javascript warning URL: https://jeffreestarcosmetics.com/(Line 3586)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://jeffreestarcosmetics.com/(Line 3586)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
%c[smsbump web pixel] color:cyan pixel script loaded
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
%c[smsbump web pixel] color:cyan version: 46184b326bc614905ba667fa988bdc50
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
%c[smsbump web pixel] color:pink pixel api [object Object]
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.trace
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.groupEnd
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
%c[smsbump web pixel] color:pink cookie_data [object Object]
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.trace
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.groupEnd
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
%c[smsbump web pixel] color:pink cookie CREATE
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.trace
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.groupEnd
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
%c[smsbump web pixel] color:pink setting cookie __wtba: [object Object] Tue, 19 Jan 2038 03:14:07 GMT
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.trace
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.groupEnd
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
%c[smsbump web pixel] color:pink add event listeners
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.trace
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.groupEnd
other warning URL: https://connect.facebook.net/signals/config/171279846853517?v=2.9.147&r=stable&domain=jeffreestarcosmetics.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
%c[smsbump web pixel] color:pink setting cookie __wtba: [object Object] Tue, 19 Jan 2038 03:14:07 GMT
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.trace
worker info URL: https://jeffreestarcosmetics.com/wpm@842a21a8w6bc87f1fp748799bam4bde34bf/web-pixel-65663@46184b326bc614905ba667fa988bdc50/sandbox/worker.modern.js(Line 2)
Message:
console.groupEnd
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://d3hb14vkzrxvla.cloudfront.net/v1/93a2c230-eb12-4070-acd6-b7392ab6f134
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jeffreestarcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://cdn.rebuyengine.com/api/v1/widgets/settings?id=131642&cache_key=1708232057
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.glosku.com
acsbapp.com
ajax.googleapis.com
amaicdn.com
analytics.tiktok.com
app.restockrocket.io
beacon-v2.helpscout.net
cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
cdn-widgetsrepository.yotpo.com
cdn.acsbapp.com
cdn.rebuyengine.com
cdn.shopify.com
cdn.weglot.com
cdnjs.cloudflare.com
connect.facebook.net
consentmo-geo.com
customerapp.anncode.com
d18eg7dreypte5.cloudfront.net
d1stxfv94hrhia.cloudfront.net
d3hb14vkzrxvla.cloudfront.net
discountmanager.amai.com
dynamic.criteo.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
gdpr.apps.isenselabs.com
gdprcdn.b-cdn.net
googleads.g.doubleclick.net
gum.criteo.com
jeffreestarcosmetics.com
jsccustomerservice.zendesk.com
p.yotpo.com
rebuyengine.com
shop.app
static-tracking.klaviyo.com
static.klaviyo.com
static.zdassets.com
staticw2.yotpo.com
stats.g.doubleclick.net
waves.retentionscience.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.merchant-center-analytics.goog
104.16.53.111
104.17.24.14
104.18.7.32
104.18.72.113
104.22.1.204
104.22.32.205
104.26.10.250
104.26.12.152
13.127.102.73
142.250.31.94
142.251.163.154
142.251.163.94
142.251.163.97
142.251.167.95
143.198.251.218
151.101.130.133
151.101.2.133
151.101.66.132
172.253.122.155
172.253.63.101
172.253.63.103
172.253.63.138
172.253.63.155
172.253.63.95
172.67.11.155
172.67.69.32
192.229.163.223
23.222.16.154
23.227.38.32
23.227.38.33
23.227.60.200
23.50.126.61
3.161.210.170
3.162.3.96
3.211.112.8
31.13.66.19
31.13.66.35
34.234.80.100
37.19.207.34
47.112.135.248
54.192.51.96
54.230.48.123
54.237.159.171
74.119.119.139
74.119.119.142
00ba7ec54b2450e898722c3a70a04ec4393720aec7628703e070f2980a63ed1e
05ce2c1d790f2396211c1c5ba79cc0ab6c3b74feb72c28d39f5d3b96a3174a71
0c9908c2748efa22a9d8884595d5a50e00731e361931aca0ace3151640da50a2
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
142454910814547d3e6caf0d9db0cd5f1fbe3c8189b8bd09061dad6f756893ca
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17037ee594465c750e2035b4fe14c314923be2fdb01058367e235d46005ce059
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1bdea061b099a0124814c1f06200ed6b56602cde9c6c06b649c8f9c4f14de23b
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1c376d148361f36809d62e7ad6274300a3ca246889d1bee927be6eadd12cbee9
1d432e8204759faceeac8c0cdc7bd82dc67724437ab42e3818215490a72addff
1e0fb284dfac5a1db0eea756850a45bde214c49d22585550133189f2ca152e61
1e1d70c43292db7f5a8aef104ea9034a559c98c62de1766cc15c29c70c6a1027
22b42b7a9e7309fef4a7f49838646f78bd75a36ee5c80ddfa43272d4927a5848
26402aa93bad9cc1bf7a84fd7c0c8106e0604a4b996eb03d844bcd3f3c82f59f
274a3c3d9b6a9d5b63daf1fdb72a3a6d500f23b4f393fc8eb8f23684b6471629
278f99e711dad0ec54a2c4a9441e464cdf47e4c41c1a8c57c4e204c901b3973b
2ab821ec4659f12402381a072f2ede6c8e1a7879740150c83b06b3bfa7a54292
31c4e5bf8620de1ea3b8503c3df70c096c9668f824d2c61efde5dac252104a51
322d4cef888338d0ce45a5e82085dc1b26b748cc756991b494345695c84a49f7
37b6736d71011a65fee56af5a86569abb3a04a767af141197960ca861c4e83e0
38996929233554cd02a0f970ab6abe51162137a7760e2b84a588739b5a607dc9
38b904a1cf83df048360fb2480571b749fd98d57e11f1afdffb5a74a78166fea
3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
3ef2cc8a6e5399c9d43a9b238fba4ae4dfa32a863211bc9555158274929e88ba
427cf90de1188977bd53dd34b7ee86a3e10a6aee3f0aa094b516ad1c31a1d0c3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46c2e87676af82866e8c4ab53ca12f086015e75f73b7656e429640e34d2e17b2
47fe90aeffdbd9c770012e4a04ddad4f2a44b0f6de6cf44e8e0bf3f5c0216996
4ab55733ee16c07f4173a190fe8511eb588ba56deabc44f0ff98543a03e5f10d
4ad6f47e8a8d0519d0ba07ddee7afdd41c2f55cf9f066ae18ddb2f7befa6f0ec
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6
4da9c823fd881c1d78e789f325894c042fe9426aaa26117b285e0d7dfc1e7ad4
4f939c473b1bee90fdfdc26e99aa663cbbb66e1f8c887630cc3e953cbfdf8857
514e50bb7c48595c8c2c5d67709ddc45b607044105c567d1645045e94d446878
51c359916588443d85c516f76c343c7e6787b8216d8933ed4864d3fc824d795d
52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729
56a8394bca708353fa136437106494aa54b76a9b1fa791d720e59354cb25414e
575c6454d5b68907556ef61d448e895eae146fb02cc59082f7c7e94e9b54fc2f
5a4c313b65e6d5a926d44b5c15ec265e534820c2946ee06c26a0b3d8f8b34bb6
5a93f1e46e08c87e904c21fbd724bb377022d93e9fd0ebc6f733e239f730abaa
5a9f28d3d6a853380163d712a991ff3d64d3e9155519ec829cde87c411dd7a8e
5baf89a261c96182953979499c0095130f3a77a1ed3638fd5415e24ff9deff18
5c671f56760ca02685888dc5417cdba6020ffd8d4e27e27652026e7ab5d4cbea
6042b166cdc76df9094329890799d3832fc9d6d19ac22053c9a0f2088fe6634e
67fe368168d4d8dbfa1ce733163fe43075e50eb2696b487f84387ad27065282b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0da62e544b9db6c48c83dc185f6835cd5d1605eae727be748775076ab9ca76
6e95092d7d2c14c77997509d39e65d5f7a00ad84787afab7d328cfc3bcc6b658
6ed50f35dfa84208081e6994ac3758e141451835192d3cf6b3f6cb9b623dea86
795d25dbc0e09ab07cd9fe6bd4a64c640fe9506ae1a2bbc0090131154ef3df77
7aa07cb9eb4dcbd11651911e5b51ddfcca63a7407e4e82f6cbe1e217688af9e3
7de0583e4a8491b5c4a498e79dc78a4d456d8849c13c44df2d309225fcda6e77
7ed718cb3d6cda5977d8b5d38cc0b7bc792b1f2e1e77b6c84f898dae2a359c40
804e093259daf597554c97abae95f9943330991c72f64b4b08141a6f41e94b6a
808347cd92e2dd4fe36fae008e3f6e3c9d5f480de159b1352bb45508e118fe01
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
875ebbdc170c6a5c9e052aa642eba6d6634f0fee83987784f6e30b9513c8a7d0
87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e
88836a5f64301e2642ccbc46006e144be76e2ca5a5383779a6264b35d1275112
8ab508c9cdd594bf76615f192ca06ec371f2d057917a4b2226c53b146d044515
8b880a457a131cb1f783b2b06c49ffed7355a1e1f080c49530a0ae0c3655829f
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e7657b7ac6c90046a9d47a9e0356a394bbab40b3604063073abd712bdd2f6e3
8f8bdb39a3d037c0dd030ddeea68df3f11ae6718175f960052e812c280b463b3
90c91c3158b038a688cd4a400bc1b33a49672f001404efab1f4e62c8e0ba5d3c
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9b7fca79bb6be4ae0e97e4dfbdc075e7756388b53b86275aae6faebf290cd4c7
9c12bdebe3b8cde7104bf9ffa87e7607f0145e1a21fedf8df5e0c9ddc1fe7cf1
9e29ef150ec9124531a5a9587349775a0806a31515de4fe6605349c60f11875d
9efc3f5b9a825c28d7679a389d8f9e77fc78bebde99071d41891b49b59347a04
a2225eb0354c1b15d1930ddc23f2f90bd2fc181a1299391b15abbb489e887b51
a2343ccb9a5bf31efbd289dcdd65840f4731bec8f655bf162bcec83fbb14ade8
a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f
a3984155b79c00a4fd83f8925dee82397a2adf1359e03ce2a84dbecf62ba899a
a3c9f7f04fd3ace2d223fc29cf0f3f0c30a78ac5ff3538a510b87c8571d28cda
a4bccaf689510d163684361a8bbfc7b4c2d3e57e1ff82802f8817d9cde1722f6
a6512595609fdc29866dc751e191fa2b516122b67c810688c18b0848b1ca2921
a68a269e898c8144c46450bc23a492eae05b71c8355fc47b56d7e9de0f805c94
a6eee58bc9d85eab55a8d76f49f03f44528975eb259573f418a7c78dbe425072
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b
a7fd029004a6b9231b85746a6ae04b2f17919845a6cea6c853f33d54593131bb
a95267db319f32a8e567c3a8018bf3a2a5199a95dddbbb1523f747eac4e655e2
a9a7979bfdb428aeee14c8f23b2671d0bc0924aef257bf0d1e332da168bf5b5b
a9dda4253a3edf4e05f605a04fcd4bc87b88e53456f964519a3667462cc84244
aa5053e312f7605942f6e073524ff976b44204a049ca77fc92fd850db7100d2d
adad0f387bdee702d1120265df725c20b92e9d1eaaca34557fd6208babd0cc1b
b0342339841f4af8e7c8e24d08303fefb49d25f62d6b800eca84c8aa2afdbaf3
b13f731e33ca920632336078d904c853eb745e0bfff9007d732a5979e82f4d68
b2dae0a5c9a0b003395edb9cc6626d1d276aeeb7f8a923148b5c246fdc5d3c83
b4243f06574c94ddaf59ee6002236835be6cbe83a0554865520bfb52338d28a4
b4e3e26512d8f55bffd4823de2ad8e9e0c88f413ce42fb5d8f5e3dee961d8874
b5e3bbf3b396ac6e77914ab2b2747aa6d19836fad35e51ebfe8e0e7bedd5a7b8
b70781fcb8c41d1f65a11509925e4f423e62f7c0fb96208c9d23e18f6b1f5cde
b824e8c6d9f5635e8fc1b2a2ad0f7400b8fe7bb26c347d68cc30e43823bc0b97
b83ef5c2af0819c75514e5ed1c975499ece93f8c9d369e3ba799abd450af5ef7
ba548478d053bb6421285c667cb31830ff18506fb39970e73610411dfd042cf0
baadb3c66c03833721cdcd0c583ad87af65665ebae8d1df7c0fd34549c9349fc
bd333d99f5ea7bfe6364efc97b9ba49d7232faad6923732e2af32f184aeb8d5e
be8eeb1ad352bb92d5aa5cd7d89839c2d04c6b3f1c04276f55dc8ce5c7adb5fc
c0eb59dfca4c7d7dc3cdc4a5bb5a90a9911c73e70b849235d091a2a5a43b59a4
c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a
c999cedc3fe6b6b188beb9a1d569be62a2022e635c22d2c0dc4c8f4a4b9ed843
ca70f137d1b611b871c1019b744b62dbee58028da6373482cfacbb2f6b998279
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cea0db802f77991710cc504fa657fa2b08c8209da5e01d34bb2590ae15fb048d
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
d4aa3444bfbeeef5b54c3c84ed94595c16b297c7fcbe18602fdb9b194642d7ab
d5f8db0e78183b1df2a602f7c86391d0148d02d88ab7162dbdf6e16e499eb251
d70af1bf07eb98b1264c5e0682aae4df02105d917f6b8859383116ee54f78f5b
d77d7d789dece7d7b2bc638753bc2a74e9633482a357e1d7db54846bd01de56c
d81a59eb68f6ac46e7e7b17abf234e2718c2fd098305f5c05f965a9a841b8433
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de458cd476885db3b1b8a642545f35d444bd1a5fbe4c245ec7bcec0de83427e7
ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143
e052dd1f5d0cfefcdcb8f2098a39fdacccf085c2fda558af829fa070b13a3325
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7500d287d54893078314dbed04c4096522a596daffbaf53cbe8243100c74e20
e7fd2689d338da03bc9b56d99bf5d65e50486aa914025d9f1e31ac4f81fddd2a
e94e9489245d6fac2a4c2eabba920f5dd5b8af77474a9fe89a80bb13a4048832
e9c2891c066c83b534ee619c4731ea1de8bf1c1b130a0c1d8dc651f35bc5c913
eb29b8b1a7c192ac5f50496b7fce448fc7ea8ae807d860b91d1197ffb3cc5286
ec2b3779943f7a3860b5b49f07bbda7d87608c25e5d894fb1d930d34851f842d
ed39422762e3c316a2683518a93bb54aec56e2c43da4a7491ae9dda7eb2b3d72
ee288c07388eebe7ef64078fd0d342a64a7c1ec2021c0d850abebedd4c9225f6
ee2c9001833e647ea59461dcbab7cfa5bfdbe14fa0ec37459d2b1e608d18e4fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f180bd22855ecbcb04f5337542bb8006a4324a603d45371a1a69efab9cb13d88
f2e70152f8d6d73d7378013d95fb02cdfcf734ea2c172f2d3b81cc10f5253fb9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885
fa0b52021665d0356c4dc592c7e4b11b4f2bc8e756b160e3478474139d10adc5
fa4903bd30ee6e3f3e49f98bb9f7f1fd32a0a21a76553bfa6cdc62a2dc2d346b
fe9670ac491353425384a019c03db79ab25f9c92c9d4a8dace55c9f30279c928